x.gd Open in urlscan Pro
172.67.140.193 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://x.gd/
Submission: On November 16 via manual (November 16th 2023, 3:55:15 pm UTC) from JP — Scanned from JP

Summary HTTP 125 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 19 domains to perform 125 HTTP transactions. The main IP is 172.67.140.193, located in United States and belongs to CLOUDFLARENET, US. The main domain is x.gd.
TLS certificate: Issued by GTS CA 1P5 on September 19th 2023. Valid for: 3 months.

This is the only time x.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	172.67.140.193 172.67.140.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::282	54113 (FASTLY) (FASTLY)
1	2404:6800:400... 2404:6800:4004:820::2008	15169 (GOOGLE) (GOOGLE)
24	2404:6800:400... 2404:6800:4004:828::2002	15169 (GOOGLE) (GOOGLE)
1 10	2404:6800:400... 2404:6800:4004:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:827::200e	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:827::200a	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:820::2003	15169 (GOOGLE) (GOOGLE)
18	2404:6800:400... 2404:6800:400a:80b::2001	15169 (GOOGLE) (GOOGLE)
1 2	52.197.53.177 52.197.53.177	16509 (AMAZON-02) (AMAZON-02)
1 1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
1 2	142.251.42.194 142.251.42.194	15169 (GOOGLE) (GOOGLE)
1	2001:df2:a300... 2001:df2:a300:bbbb::136	6336 (TURN-US-ASN) (TURN-US-ASN)
1 2	2404:6800:400... 2404:6800:4004:823::2004	15169 (GOOGLE) (GOOGLE)
1	74.125.23.155 74.125.23.155	15169 (GOOGLE) (GOOGLE)
1	2600:9000:24b... 2600:9000:24ba:9c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f13:800... 2600:1f13:800:7782:75f2:caaa:71c1:5647	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4004:818::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.175.66 172.217.175.66	15169 (GOOGLE) (GOOGLE)
3	54.244.6.21 54.244.6.21	16509 (AMAZON-02) (AMAZON-02)
2	142.251.42.162 142.251.42.162	15169 (GOOGLE) (GOOGLE)
17	23.194.70.16 23.194.70.16	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	204.79.197.204 204.79.197.204	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
125	25

18 172.67.140.193 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

x.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2404:6800:4004:828::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4004:80f::2002 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:827::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:827::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:820::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2404:6800:400a:80b::2001 (Osaka, Japan)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.197.53.177 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-53-177.ap-northeast-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.42.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:df2:a300:bbbb::136 (United States)

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:823::2004 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.23.155 (United States)

ASN15169 (GOOGLE, US)
PTR: tg-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24ba:9c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7782:75f2:caaa:71c1:5647 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:818::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.175.66 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.244.6.21 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-6-21.us-west-2.compute.amazonaws.com

ads.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.42.162 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 23.194.70.16 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-194-70-16.deploy.static.akamaitechnologies.com

dco-assets.everestads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.204 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0005.a-msedge.net

analyticspixel.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	507 KB
18	x.gd 1 redirects x.gd	433 KB
17	everestads.net dco-assets.everestads.net — Cisco Umbrella Rank: 5308	1 MB
15	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 bid.g.doubleclick.net — Cisco Umbrella Rank: 802 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	150 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 898 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	107 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	46 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	400 KB
3	everesttech.net ads.everesttech.net — Cisco Umbrella Rank: 5235	24 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	192 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
1	microsoft.com analyticspixel.microsoft.com — Cisco Umbrella Rank: 7341	676 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	67 KB
1	turn.com d.turn.com — Cisco Umbrella Rank: 1384	398 B
1	microad.jp 1 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 29338	527 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	90 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1329	616 B
125	19

	Domain	Requested by
21	pagead2.googlesyndication.com	x.gd pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net fw.adsafeprotected.com www.googletagservices.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net x.gd tpc.googlesyndication.com pagead2.googlesyndication.com
18	x.gd	1 redirects x.gd
17	dco-assets.everestads.net	ads.everesttech.net dco-assets.everestads.net cdn.jsdelivr.net
10	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com x.gd googleads.g.doubleclick.net
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.google-analytics.com	x.gd www.googletagmanager.com www.google-analytics.com
3	cdnjs.cloudflare.com	dco-assets.everestads.net
3	ads.everesttech.net	fw.adsafeprotected.com ads.everesttech.net dco-assets.everestads.net
3	www.googletagservices.com	x.gd googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	fw.adsafeprotected.com
2	www.googleadservices.com	x.gd
2	www.google.com	1 redirects tpc.googlesyndication.com
2	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects x.gd
1	analyticspixel.microsoft.com
1	cdn.jsdelivr.net	dco-assets.everestads.net
1	fonts.gstatic.com	fonts.googleapis.com
1	static.adsafeprotected.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	googleads.g.doubleclick.net
1	d.turn.com	googleads.g.doubleclick.net
1	s-cs.send.microad.jp	1 redirects
1	www.googletagmanager.com	x.gd
1	polyfill.io	x.gd
125	26

This site contains links to these domains. Also see Links.

Domain
chrome.google.com

Subject Issuer	Validity	Valid
x.gd GTS CA 1P5	`2023-09-19` - `2023-12-18`	3 months	crt.sh
polyfill.io Certainly Intermediate R1	`2023-11-12` - `2023-12-12`	a month	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.everesttech.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-03-08`	a year	crt.sh
www.adobetag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-24` - `2024-08-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
analyticspixel.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-11-01` - `2024-04-29`	6 months	crt.sh

This page contains 20 frames:

Primary Page: https://x.gd/
Frame ID: 9CE5E676127FEED411B14C285CDB1D28
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: B1278426D7EAE04C76BAB69A1C014B04
Requests: 1 HTTP requests in this frame

Frame: https://x.gd/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 578C3CBD08911550B792C9A08BCF0B30
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2737572314184878&output=html&adk=1812271804&adf=3025194257&lmt=1698861239&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x810_l%7C404x810_r&format=0x0&url=https%3A%2F%2Fx.gd%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700150111119&bpp=2&bdt=316&idt=311&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6867142664686&frm=20&pv=2&ga_vid=1592933797.1700150111&ga_sid=1700150111&ga_hid=2013244082&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079715%2C44809003%2C44809316%2C31078301%2C31079699%2C44806140%2C44807763%2C44808149%2C44808285%2C44809054%2C318512602&oid=2&pvsid=4425340562634585&tmod=1608517351&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=327
Frame ID: C98D9943EFE272694AA5F27DC3872938
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2737572314184878&output=html&h=280&slotname=3268088791&adk=511558961&adf=4073242655&pi=t.ma~as.3268088791&w=728&fwrn=4&fwrnh=100&lmt=1698861239&rafmt=1&format=728x280&url=https%3A%2F%2Fx.gd%2F&ea=0&region=page-0.18302779304871386&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700150111224&bpp=2&bdt=420&idt=224&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6867142664686&frm=20&pv=1&ga_vid=1592933797.1700150111&ga_sid=1700150111&ga_hid=2013244082&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079715%2C44809003%2C44809316%2C31078301%2C31079699%2C44806140%2C44807763%2C44808149%2C44808285%2C44809054%2C318512602&oid=2&pvsid=4425340562634585&tmod=1608517351&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228
Frame ID: D1AD7C3515CE67E48B5523615A3383F2
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: ED3C4D7457251CCFFD6E94F19564A707
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 7BBC7A1487E69DB7950E9E202D8FD3B3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEY6-7f7gEwAQ&v=APEucNX8hB4hIauJDUDhvGc6NOKTxbwnu5A9YXzjRovmw8c755UCjSN3dnw1SU4H-qfwd-jb4Buu6D5pcuecNnJd-7SBJ9JrJQ
Frame ID: 061343C2F18A0129061C0A75A2E18120
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 5E7E48AA7255784DE9068566EA6FEA33
Requests: 28 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=e%E3%80%82%E6%B1%BA%E3%83%83%E3%81%97%EF%BC%9F%E3%82%84gl%E3%82%82%E3%82%8B%E5%8D%98%E5%A2%97%E3%81%9D%E3%81%8B%E8%A7%A3%E9%96%89%E3%80%81%E3%83%97%E9%96%8Bo%E5%BA%83%20%E3%81%98%E3%82%8C%E3%81%8F%E3%82%B9%E3%81%84%E3%81%8D%E3%81%A8%E3%81%9F%E3%81%A7%E5%91%8AG%E7%B0%A1%E3%82%92%E3%83%86%E5%A7%8B%E3%81%8A%E5%AE%A23%E3%81%A3%E6%A7%98
Frame ID: 4148FD69FF6557F2EEDA8B713E481870
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4523B1CE4C05F420533489AC9936C2CE
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 879B394D3D1A870793DA8AA06FE72366
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A4CC0719A01414481BEAF84BBCF64EA3
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 44D0982D38A08520264B4A72DA563CCB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 005F1CE5C1A1329B858FF40069412A23
Requests: 1 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZVY7YQAAIwGcRDmH
Frame ID: 1722D9BC862CFB713831A41E01256F85
Requests: 2 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/z728x90.html
Frame ID: 596F638F52C014B3A09A159C029AADF1
Requests: 2 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
Frame ID: 754365FCB8015D02C6AE7669FB7A9839
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BC5F588D83F4AD1676BBFC15938D0174
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EE5B5903A69BDC23C69B4CC55B3B170F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

URL Shortener X.gd

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

125
Requests

95 %
HTTPS

60 %
IPv6

19
Domains

26
Subdomains

25
IPs

3
Countries

3155 kB
Transfer

8112 kB
Size

18
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://chrome.google.com/webstore/detail/fidojahpeagaflnjjbpkpcajhcbghooh
Title: Chrome Extention

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://x.gd/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://x.gd/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 51

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm HTTP 302
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEGWO4mJ8hsxd2iqW0C3YakE&google_cver=1

Request Chain 65

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 67

https://fw.adsafeprotected.com/rfw/bgd/1527247/72330251/xbbe/creative/adj?p=APEucNVS_Gf7vLA24dClnfdNJV-RY_eTrkjIJFTawEJnCrduRFdMDgk&d=CokBAKAmf-C1LZ6E5OqYy6XiMqe5Q8Oes4I9AajEX3r3gmRTK73akVQCY-U-3j9Telktwn55n7WDEycBhbTOlbsh9Ok_ef38qGTVgw0BURx2auzwHjROzXzdSR78Rb72d4m2Db2EmCWHa0FPPZDLlGFFoID_4-I-HUS6VmM5_ZG5X7xJxpVMa0mFfEISmRQAoCZ_4NtA1zhc5IfF6TMBhJiS-KDRZIBuu9fgtGeasUo6MD_6LhRcTTa7QUSB91nMBvCKwI2PvVEUsHdTDrCeRxebJj7DtCLR3Z2Eo8fA85hpQb49GGIHWDrVQ47emtBFLqEAvQH0H1mjJzAs8vU1n7I3API8cDDmH4FJqxTCz4o3UNjpcxVYOqBZbRcy-0_wZCki5rYAJmu7QECnr-Ks7BvvLbefx_Q6wlTdy3wZwd7-nh9GxuBYJkOwjfOvr2PdFkyH9VJ1AHRGVotVXDIrfDtpCUsMu_k6issD_NX5O6jMjNCQe9qy0ki1lxlM4NaAcF8M-Gq-3DmGNS7-GA63VHWLRKb0AKoxo2RTUoSbAT8FESk4zKL8BLBJkDMXcGRJjQuIxqCqnAEIeauXtj7m2Q5mBVQXs3lUbW2MllhyOg-UKpTkdr0jHyqCT7jGNutwZNKq9ww_K-9195yq3KYE3cSSbe_fz7xIqop8Cj-zrsYmfnUvEOFKTUh91Mbd0MUo90ibkeiRRyquHLkeubEC2KD1Dl99oLV86ecXvYVZ_NCrJSEu5e_NC87idcJgrwTqGd3fVAiUrGrVm6spQs-1KD8ENphEATWe4xm-JadNHzuu4rNZjpkkx5e3_IjrLSAAq7LS-PE67AmnH4JOmvULxnt9sWd3zvuE2LEjoRS-Ppp1dJFrRA3LAxdJhg5EDhBPNIsutDDHFO5TFhgjSQRuggOy2cewL3PuM6iU5szFWvekPyY3mL1OX1wA3vYVAueHaFRhPmkU1U9lVYvioc-6Ld6-F2pLdR-x_PeZ2F50z6Crmth9660Ej-_8U40eDkkGv9E8AJB7C2yTeUgc7GmHUCCNJUy6qheVfklvUlz-aGVUZTfPGbOcnzHaUBb3m8_veqRXDtr0gjjjvja1g2x6s9VVVwOyw7TU_fTzjQO3GMrQoPb6ceJxAZh_mROGrcg38kBmvLR1g5RWgI39_wYPzP7O3SXWwh9Cb9cbS-b_N3U3EsHqTshyM7KoZfcgmkisYVZcxW32epeBHAfp79NcI8aYefRwIMiG7vrBIF0_rsS1w6JWoNThv1TriW7uL-GMY4Uh2HGu_iKM2zV3E8fyFY7EuIx9wfa0YjlOXakVz7lHUd3fHUjfojo8k7bvgoKQLaMDNALYYuSsuNmO-qb1WU94fki8oK-TqVWyJYIkfTBJE0zfHG8K1zwHfHDzm4WJPNDGz1f5A2oMe4et4kbJZ0wg_DYhhmMOoDPKn2n0mO02dJsqUlaRY8Opv5aqwPjkHvMnevrok2h7oB5ngQcqad55A8B2YNgyro39qDuzEC-dj_7Nd0zbCmp2LlVI04H5-oZD_Q35z_wYLutvnVUFqCZ1Vc2nRRGNjayQzkScFj7ddbGo0YskvuW_WL1iZ2ruc0S6Ej_rQ2C2y8Ns0S4D5fX9-iucDd-tII7jNhe2qNu97P8UvJSjjGIbfH01a8QSjFpw3OjNSSJ5JCURqpRU00JABJepjdcBZHXdQyW7NmBFLOS7kruvWEboY5MxVNjzqkgrcRpKjTDkr0ju7d7oa7tjF5r0ohBrPvobww9NEmYh1K6FXBAfXfEAOifZbrUiua6-sHn2z1opgSBGlu2pmyBWcHYdj-dtwPW2zhHhl_o20kYyI6ewqSpSICais2Ba_LTamCSbKlcctebB6S9oAzTfeGuE_IQXS8ANqK2AXncPccfoBRyGlYzG2h2JwWqz_JyzNhvCZ8EqLK_T0QZaa12NuxuDM2pdRSBh0yOwrZLoIGBzggTSgydVZLlSiZUyf9shz6MunzdLX2t_HnL25tvVIqB7ky9UMXwvIjh44bNosdbFkDN2m6ekqurL47QDfO0-qZwM4Ts_7YFjy-ZeDjWEJjkdwYrltD_ITQ_FkVN0ilVlhpg_uIutURr10RsQOdBqiEhaX3TSrdYVP3C7GTzrYkVhYAPevizyfycRbEF27FIFl7ft_NHLV03yu1R2fjihVIJ5blXCd9lWhsKyCpYavoI4hcev5-37e-pdJm3XQCyj0SKQjCtmlfroY9fD-A6wVPGMZ-atvuRWGYs8cacH53OTgavmjIbkDiBAQ7Y_KBor0zOUpsttgbsjV-GxVTta-bn0fu4qMxGN6UsucyjPTHrU_rVdxnhFoZ8PpN1krUiMSQ-tEVJJvgX6J9cc9COhK7xrVCfhIPLWLwn9wpVFZivZVJjY2WlRn-gkQ9DrvoJGEQz01BrWFmvuVqvWOQnXgpwbsVz5ovW0Qz1kAtEyIhcp4hvb40ppLH1tckI1RnhHgeDbibmAQQ5V3WsPzeb_xKNqGorj52ei7zQQpiTBG7WSuWchgBmfcGwxT8JlYiM-1T5rP1x3JxfDB2YwNeVUZkSSHUrFO-yTfzKNTaPDOOt6pZ4wq7i0SmRbLCBglM1aWgxKSSz49BhBO7uGiKaH-NmDqxNP5qo2VdrgzNCzwAR50n2wXJxCTzdF4MzZvEPVEBHar2Uf11vwumPw8mC4bn1RstGeigg5c3TchqGeZ_ohfRwwF64DYy5wMdwITsffXDXxGlKDww7tcO9aSQjsI8KWb27n1X2oGnCG5k9ssmov3DjAPrzYuqz8-I2ovRqNKoQiqcp4mti8b1gbB8JMFw5BcLdT-zQ0PgAjnV2N5kC1FDZK3k3qNOiUzUvAnGExZU4HdIa6vLT2hJgP3C1wgsyj3bc-2KXqgjxo0bIg2R8yf928ohGeSZYQDgKnMUzclA0oxcrRYWSjLqdV91SsLwyxcA9K99i4ZWY9QzqQg-BwXVhem0uiOQD_Gi7LHET9FcpwAQ7iczNQ9hJXU4DHmh6Cs2QROqBp96XCRs63DpkGncpYsZ1TfV-zLpAxtHHWBksn5uw_mLanXcOOgg0Y9RSPpfxPiNuyMivCIo5REYUop0dpxep6xeqHaRnkubyt_X9tm5gh0QohftnFmeWeynuKmIEfFHXNmujZGZBdbmM4SFJ10M8G_QOL9QSq6d5Cs16_n7kV2iI9Wx-CZAzw3kQW77FX7uMPZeBX_NtMPg4kiNRfdbuucsRIAC5gzHCYo4vk1F6fULESqvfnnS_Q1BAxZ4drKGqxKTX3Rd43XYkOJXezspMYIL40JuhA7kuxYhH9CI_s4rdMQZsl_CkPFmGRiiNMVrmZo3Y9nJjVlFKAVOEqrLERojx2rET2iJAdjR6lv7Z9UbYzwl2VJB-gv0ooeHpB9mzyvvANoWT50krb0cmegG57Db99xHVRJOes0nCpbsiPOrYLD05ve7DpQ6M6eosuNvKKb3Bbm6KnHg4-brYlcQVkP9cLhnoCQe7H2BsE1OsP-no5PxxvHHUsARqr8pp_091knZIx1S4mwBoNnys40j1DtfhgMBB_L4oZW1MrxWbgHxSOcg3WEfFLVac1lQT2XPvG1rGHqERexfEY5jvOLxHGBGzo0DQ-sCdVvYmDABpUCAQSTgDICaaNkkwN2Q8lihVB7DtbGjnsGp2C-I2bt0l_DTQmYv2FWSXESPg_qRQ2X8-hjruYSVoC0-cVCt9ewntz5bfNMpeANcIy8fMZc9i82BgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1013060816&ias_pubId=pub-2737572314184878&ias_chanId=1&ias_placementId=20266420254&bidurl=https://x.gd/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ibphsLB_vcp3rCYRcvibLp&adsafe_url=https%3A%2F%2Fx.gd&adsafe_type=g&adsafe_url=https%3A%2F%2Fx.gd%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Fhello%3Dworld%26fsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-2737572314184878%26fa%3D1%26ifi%3D4%26uci%3Da!4&adsafe_type=be&adsafe_jsinfo=,id:ffa0c448-794b-4f0c-8bb0-96db6e73e181,c:ubk5st,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7bc59574b7-xh9mh,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tVMYBIY+11%7C12%7C13%7C14%7C1511%7C161*.1527247-72330251%7C1611,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:18,oid:8676c4a8-8498-11ee-b3a4-de57067bc126,v:19.8.460,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVS_Gf7vLA24dClnfdNJV-RY_eTrkjIJFTawEJnCrduRFdMDgk&d=CokBAKAmf-C1LZ6E5OqYy6XiMqe5Q8Oes4I9AajEX3r3gmRTK73akVQCY-U-3j9Telktwn55n7WDEycBhbTOlbsh9Ok_ef38qGTVgw0BURx2auzwHjROzXzdSR78Rb72d4m2Db2EmCWHa0FPPZDLlGFFoID_4-I-HUS6VmM5_ZG5X7xJxpVMa0mFfEISmRQAoCZ_4NtA1zhc5IfF6TMBhJiS-KDRZIBuu9fgtGeasUo6MD_6LhRcTTa7QUSB91nMBvCKwI2PvVEUsHdTDrCeRxebJj7DtCLR3Z2Eo8fA85hpQb49GGIHWDrVQ47emtBFLqEAvQH0H1mjJzAs8vU1n7I3API8cDDmH4FJqxTCz4o3UNjpcxVYOqBZbRcy-0_wZCki5rYAJmu7QECnr-Ks7BvvLbefx_Q6wlTdy3wZwd7-nh9GxuBYJkOwjfOvr2PdFkyH9VJ1AHRGVotVXDIrfDtpCUsMu_k6issD_NX5O6jMjNCQe9qy0ki1lxlM4NaAcF8M-Gq-3DmGNS7-GA63VHWLRKb0AKoxo2RTUoSbAT8FESk4zKL8BLBJkDMXcGRJjQuIxqCqnAEIeauXtj7m2Q5mBVQXs3lUbW2MllhyOg-UKpTkdr0jHyqCT7jGNutwZNKq9ww_K-9195yq3KYE3cSSbe_fz7xIqop8Cj-zrsYmfnUvEOFKTUh91Mbd0MUo90ibkeiRRyquHLkeubEC2KD1Dl99oLV86ecXvYVZ_NCrJSEu5e_NC87idcJgrwTqGd3fVAiUrGrVm6spQs-1KD8ENphEATWe4xm-JadNHzuu4rNZjpkkx5e3_IjrLSAAq7LS-PE67AmnH4JOmvULxnt9sWd3zvuE2LEjoRS-Ppp1dJFrRA3LAxdJhg5EDhBPNIsutDDHFO5TFhgjSQRuggOy2cewL3PuM6iU5szFWvekPyY3mL1OX1wA3vYVAueHaFRhPmkU1U9lVYvioc-6Ld6-F2pLdR-x_PeZ2F50z6Crmth9660Ej-_8U40eDkkGv9E8AJB7C2yTeUgc7GmHUCCNJUy6qheVfklvUlz-aGVUZTfPGbOcnzHaUBb3m8_veqRXDtr0gjjjvja1g2x6s9VVVwOyw7TU_fTzjQO3GMrQoPb6ceJxAZh_mROGrcg38kBmvLR1g5RWgI39_wYPzP7O3SXWwh9Cb9cbS-b_N3U3EsHqTshyM7KoZfcgmkisYVZcxW32epeBHAfp79NcI8aYefRwIMiG7vrBIF0_rsS1w6JWoNThv1TriW7uL-GMY4Uh2HGu_iKM2zV3E8fyFY7EuIx9wfa0YjlOXakVz7lHUd3fHUjfojo8k7bvgoKQLaMDNALYYuSsuNmO-qb1WU94fki8oK-TqVWyJYIkfTBJE0zfHG8K1zwHfHDzm4WJPNDGz1f5A2oMe4et4kbJZ0wg_DYhhmMOoDPKn2n0mO02dJsqUlaRY8Opv5aqwPjkHvMnevrok2h7oB5ngQcqad55A8B2YNgyro39qDuzEC-dj_7Nd0zbCmp2LlVI04H5-oZD_Q35z_wYLutvnVUFqCZ1Vc2nRRGNjayQzkScFj7ddbGo0YskvuW_WL1iZ2ruc0S6Ej_rQ2C2y8Ns0S4D5fX9-iucDd-tII7jNhe2qNu97P8UvJSjjGIbfH01a8QSjFpw3OjNSSJ5JCURqpRU00JABJepjdcBZHXdQyW7NmBFLOS7kruvWEboY5MxVNjzqkgrcRpKjTDkr0ju7d7oa7tjF5r0ohBrPvobww9NEmYh1K6FXBAfXfEAOifZbrUiua6-sHn2z1opgSBGlu2pmyBWcHYdj-dtwPW2zhHhl_o20kYyI6ewqSpSICais2Ba_LTamCSbKlcctebB6S9oAzTfeGuE_IQXS8ANqK2AXncPccfoBRyGlYzG2h2JwWqz_JyzNhvCZ8EqLK_T0QZaa12NuxuDM2pdRSBh0yOwrZLoIGBzggTSgydVZLlSiZUyf9shz6MunzdLX2t_HnL25tvVIqB7ky9UMXwvIjh44bNosdbFkDN2m6ekqurL47QDfO0-qZwM4Ts_7YFjy-ZeDjWEJjkdwYrltD_ITQ_FkVN0ilVlhpg_uIutURr10RsQOdBqiEhaX3TSrdYVP3C7GTzrYkVhYAPevizyfycRbEF27FIFl7ft_NHLV03yu1R2fjihVIJ5blXCd9lWhsKyCpYavoI4hcev5-37e-pdJm3XQCyj0SKQjCtmlfroY9fD-A6wVPGMZ-atvuRWGYs8cacH53OTgavmjIbkDiBAQ7Y_KBor0zOUpsttgbsjV-GxVTta-bn0fu4qMxGN6UsucyjPTHrU_rVdxnhFoZ8PpN1krUiMSQ-tEVJJvgX6J9cc9COhK7xrVCfhIPLWLwn9wpVFZivZVJjY2WlRn-gkQ9DrvoJGEQz01BrWFmvuVqvWOQnXgpwbsVz5ovW0Qz1kAtEyIhcp4hvb40ppLH1tckI1RnhHgeDbibmAQQ5V3WsPzeb_xKNqGorj52ei7zQQpiTBG7WSuWchgBmfcGwxT8JlYiM-1T5rP1x3JxfDB2YwNeVUZkSSHUrFO-yTfzKNTaPDOOt6pZ4wq7i0SmRbLCBglM1aWgxKSSz49BhBO7uGiKaH-NmDqxNP5qo2VdrgzNCzwAR50n2wXJxCTzdF4MzZvEPVEBHar2Uf11vwumPw8mC4bn1RstGeigg5c3TchqGeZ_ohfRwwF64DYy5wMdwITsffXDXxGlKDww7tcO9aSQjsI8KWb27n1X2oGnCG5k9ssmov3DjAPrzYuqz8-I2ovRqNKoQiqcp4mti8b1gbB8JMFw5BcLdT-zQ0PgAjnV2N5kC1FDZK3k3qNOiUzUvAnGExZU4HdIa6vLT2hJgP3C1wgsyj3bc-2KXqgjxo0bIg2R8yf928ohGeSZYQDgKnMUzclA0oxcrRYWSjLqdV91SsLwyxcA9K99i4ZWY9QzqQg-BwXVhem0uiOQD_Gi7LHET9FcpwAQ7iczNQ9hJXU4DHmh6Cs2QROqBp96XCRs63DpkGncpYsZ1TfV-zLpAxtHHWBksn5uw_mLanXcOOgg0Y9RSPpfxPiNuyMivCIo5REYUop0dpxep6xeqHaRnkubyt_X9tm5gh0QohftnFmeWeynuKmIEfFHXNmujZGZBdbmM4SFJ10M8G_QOL9QSq6d5Cs16_n7kV2iI9Wx-CZAzw3kQW77FX7uMPZeBX_NtMPg4kiNRfdbuucsRIAC5gzHCYo4vk1F6fULESqvfnnS_Q1BAxZ4drKGqxKTX3Rd43XYkOJXezspMYIL40JuhA7kuxYhH9CI_s4rdMQZsl_CkPFmGRiiNMVrmZo3Y9nJjVlFKAVOEqrLERojx2rET2iJAdjR6lv7Z9UbYzwl2VJB-gv0ooeHpB9mzyvvANoWT50krb0cmegG57Db99xHVRJOes0nCpbsiPOrYLD05ve7DpQ6M6eosuNvKKb3Bbm6KnHg4-brYlcQVkP9cLhnoCQe7H2BsE1OsP-no5PxxvHHUsARqr8pp_091knZIx1S4mwBoNnys40j1DtfhgMBB_L4oZW1MrxWbgHxSOcg3WEfFLVac1lQT2XPvG1rGHqERexfEY5jvOLxHGBGzo0DQ-sCdVvYmDABpUCAQSTgDICaaNkkwN2Q8lihVB7DtbGjnsGp2C-I2bt0l_DTQmYv2FWSXESPg_qRQ2X8-hjruYSVoC0-cVCt9ewntz5bfNMpeANcIy8fMZc9i82BgBYAE&cry=1&bundleId=

Request Chain 76

https://googleads.g.doubleclick.net/pagead/adview?ai=C_1KBXztWZbrpHeLevcAPjrab4A3txvqcdPfm0ZmIEmQQASCf3vNvYInzxYT0E6AB2trf0QHIAQmpAvlufRrbYjw-qAMByAPLBKoEsAFP0DbGhXw7ZIBh3lf9m_to2xrxE0WqTpxjkaC6SvmihVyJnFwNWLk_YMikmRyFS54KXZ8cBGTefmNrnrp0xp9cS7nGu3xyxHt104xYAcG-PGsWN6nJZ9OtmZl8WhbFgIXqdSzigN3EfcQYCosiLtRlMXqJUhjSYGRYE60eTHKnOmeIJ80WeSSKFE2_lL09dLiP6IrmBagvyH50R3AVozxjhG44s0jZOJZXpJ2JVp9M3sAEsIv794EEiAWmpNmFOpIFBAgEGAGSBQQIBRgEoAYugAeOpaCuAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEOzmDNIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgklaHR0cHM6Ly93d3cuZ3JhbmNyZWVyLmNvbS90c3VuYXNoaW1hL4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQLaDBEKCxCQmMO4peGP8v8BEgIBA7gT5APYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItMjczNzU3MjMxNDE4NDg3OBgA&sigh=dflwEPK2Dvo&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNfQbCS7gRu8dfOkkkCXvETDHmCeFoZWJ_CtWIki-oR0D8jky0JuI67XI88cjeC5tl7JvHDQ_qgZZcDoYOt3gV7l9EPWQcpYZroRgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xda7924e9cbe853b0000000000000000%22,%222%22:%220xa6ea6ea5ee0f5f0c0000000000000000%22,%223%22:%220x7cbc18895a59f6a90000000000000000%22,%224%22:%220xdf6c0a44865260a60000000000000000%22,%225%22:%220x1a59a90d125d4fe00000000000000000%22},%22debug_key%22:%2216271823658955571391%22,%22debug_reporting%22:true,%22destination%22:%22https://grancreer.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22439872858%22],%224%22:[%2211-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228214200688035319841%22}&andc=true

125 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
x.gd/ 6 KB
2 KB 29ms
14ms Document
text/html 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e723d8f0da4e10aa11dd406d5c9b98893da943f5ca4064b97326451448c344

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8270eab07a13f58f-NRT
content-encoding: br
content-type: text/html
date: Thu, 16 Nov 2023 15:55:10 GMT
last-modified: Wed, 01 Nov 2023 17:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lw%2BGCi7ZjWnKFWxsHwP5lAeWhi6cTm4MaXx1mrpm%2FY%2BjPapQJQg5%2FDhoblKWl97v5tgpWY88HoIb%2Bs4WRmUaOaboHEscL%2BU8QmgKOdWJiev4kGsvgqU1"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
616 B 258ms
3ms Script
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=URLSearchParams,Object.fromEntries,Object.keys,Object.values

Requested by

Host: x.gd
URL: https://x.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 15:55:11 GMT
age: 849071
detected-user-agent: Chrome Mobile/119.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/119.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
90 KB 84ms
41ms Script
application/javascript 2404:6800:4004:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K53RX1V2LY

Requested by

Host: x.gd
URL: https://x.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2bf8926627229c58508f83a89f69d0f3b6d7bc539de3e8a9a7b0dd048116f66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91466
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 15:55:10 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
52 KB 99ms
56ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2737572314184878

Requested by

Host: x.gd
URL: https://x.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c59ecb5f7aa2eb86a3422729a86a150b80c02132d32deb9d7db2dfc8e42f277f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x.gd/
Origin: https://x.gd
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53216
x-xss-protection: 0
server: cafe
etag: 18296023331041236225
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:55:11 GMT

GET
H2 200 daeb648.js Show response
x.gd/_nuxt/ 2 KB
2 KB 20ms
18ms Script
application/javascript 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.gd/_nuxt/daeb648.js
Requested by: Host: x.gd
URL: https://x.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9f3f599c8c620303e3ecb3ef4efc57020d6abfde96b1863afee551fcd5d430

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 01 Nov 2023 17:53:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654290aa-9dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7blaw4r89KRnRp8IS78K0Rg7FxGgV6fmwHezFFc4iVgi4BrA2Ve1p0qF3sxlMEwZkv5y9C9tuZ4PrJL0XVGJgyBGmmlEFAeMZCEy0Z5IWfgJgpKjr2P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8270eab09a2ef58f-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 64c8103.js Show response
x.gd/_nuxt/ 191 KB
66 KB 22ms
20ms Script
application/javascript 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.gd/_nuxt/64c8103.js
Requested by: Host: x.gd
URL: https://x.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39488b5646fd7a7ba52a4e1a67c4655730f91b93c6681524e4c581090fabb716

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:10 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Nov 2023 17:53:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654290aa-2fb77"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5mga5WGUEWggnvfPKWc8uSo0US02woG%2FM7ISENyNBrft5T4qR5swJvNe0LGNfSKequdKesCWbcTbEFYtOfzFgZH7sYt8AFu0ZfkyW0CKnKCplZ07W9k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8270eab09a2ff58f-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 55d6948.js Show response
x.gd/_nuxt/ 122 KB
32 KB 27ms
26ms Script
application/javascript 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.gd/_nuxt/55d6948.js
Requested by: Host: x.gd
URL: https://x.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9d63d94d11e65be863b3a754ace1b9f2fa71e5e874d7b0ad2ca3e9a831cf3fa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:10 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Nov 2023 17:53:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654290b5-1e87c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auW2aNvcyNqw0vHU2XsOUF4sn%2FQ2AyNCgEki1wA2r7Nmn8R9GLV3LEaXuagrpWVSgS9CB8TUamulO%2FWzfofvbGj8djZLNj2sU6AgXQuU12wAJE2Gbjra"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8270eab09a31f58f-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 849cc5d.js Show response
x.gd/_nuxt/ 706 KB
264 KB 31ms
30ms Script
application/javascript 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.gd/_nuxt/849cc5d.js
Requested by: Host: x.gd
URL: https://x.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f37fb29719b441eb569ded27a94e405544d3afc1d312167aeb6a3489f4962ae9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 01 Nov 2023 17:53:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654290b5-b0830"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15R0YjnLgqvlmNLZmYsiLcwXW2OZeoj130Vi1hJJiuZ2cJb%2Fx380VBtDHqtycfNTWpghHvjlTNGHqg%2BRqv3SJ67aoJ%2FUxfreAuxUGfy8n3nRBNXocl27"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8270eab09a32f58f-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 178999a.js Show response
x.gd/_nuxt/ 55 KB
18 KB 20ms
19ms Script
application/javascript 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.gd/_nuxt/178999a.js
Requested by: Host: x.gd
URL: https://x.gd/_nuxt/daeb648.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a932604416230684537f03bc523f1b5da6b10b7ee5be83e8b451f0bd8a59acd0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:11 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 01 Nov 2023 17:53:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654290b5-daed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=590wRBxl09IP8WJeau4QjVFcdUCiDb3OTTCUnF0cWThouMK6figVCV2PYHR%2B5q6uA7f%2FKYBlnYPN3lL%2B9kv%2FdMWBplSeCHvJJG%2FQv1FsOXTZgTjQGwMK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8270eab25d0120c1-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 56264b2.js Show response
x.gd/_nuxt/ 32 KB
8 KB 17ms
17ms Script
application/javascript 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.gd/_nuxt/56264b2.js
Requested by: Host: x.gd
URL: https://x.gd/_nuxt/daeb648.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 899af7118726b26033f0cfcd94aa35343a8855b928a40cadc16c1a0ce5419997

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:11 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 01 Nov 2023 17:53:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654290aa-802d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAyHuY55%2BefUv7hPYiroxjy1AVyhCY4aQbER8SSQ9L5vkHavPAziKmm5qy8fY0w0VL94CuMBAQ9ljOQ4RzXPqHCSPUznKew1gtW52GZUN%2F%2FIX161qJFM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8270eab25d0320c1-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/ 397 KB
134 KB 138ms
97ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2737572314184878

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7d2cc0d472f62aa3b727cf85e49884926cfedaa2a731b22b82160f10eba758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137260
x-xss-protection: 0
server: cafe
etag: 10360723983990017525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:55:11 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame B127 9 KB
4 KB 44ms
3ms Document
text/html 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2737572314184878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 36967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 05:39:04 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 05:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

main.js Show response
x.gd/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 578C
Redirect Chain

https://x.gd/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://x.gd/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

20ms
20ms

Script
application/javascript

172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://x.gd/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: x.gd
URL: https://x.gd/

Protocol

Server

172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

becbb472cda64b5ddb1a4842646d11f5d534b81910fec1962e9e7585ad7d98ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jP5r075lVnIyH2KqR7NqZmknL4adeVjHtLAcf4yHDH83LU%2BjQexS5XIsjz7xXqWTu1dzMJwNzL%2BcSB8a0KBuhhsJr8Nkh9E7FxBAqO5zGWcpj%2BwlDar"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8270eab2cd5a20c1-NRT
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 16 Nov 2023 15:55:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tU4Es1X8qBK0DGQaIzPBZ3F2z7VMBVNuMYKwT7aS9g7U%2B2c4dDe03Dh3d0YI18gzQnM3BBKCsZPBQVc2omPJ6GWhyVXkcaGUhQyNb6MQp2woGK%2B5Xyh"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8270eab2ad4c20c1-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 47ms
3ms Script
text/javascript 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: x.gd
URL: https://x.gd/_nuxt/55d6948.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 14:51:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3811
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 16 Nov 2023 16:51:40 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
163 B 75ms
42ms Ping
text/plain 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-K53RX1V2LY&gtm=45je3b81v9102618407&_p=1700150111169&gcd=11l1l1l1l1&dma=0&cid=1592933797.1700150111&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAE&_s=1&sid=1700150111&sct=1&seg=0&dl=https%3A%2F%2Fx.gd%2F&dt=URL%E7%9F%AD%E7%B8%AE%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9%20X.gd&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&tfd=407
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K53RX1V2LY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://x.gd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.svg
x.gd/img/icon/ 2 KB
1 KB 15ms
15ms Image
image/svg+xml 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.gd/img/icon/logo.svg
Requested by: Host: x.gd
URL: https://x.gd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 336951503a0ffc84310fb5345be5eaa6f9d8a2bdfad0dae493cf3abce96b425f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:11 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 01 Nov 2023 17:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654290b7-67c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyJbVW%2BORr7J65s4JiRKQ7aBXxpEZsDLpwEi%2BpE%2FBAXsX7FUgnVRne%2FiiTsvyM9fAQZV5xr0fknn5zZuY9wGTHL8x2q2rzGHOGA7vUXUA3FsVNDso8hW"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8270eab32dbe20c1-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 settings.svg
x.gd/img/icon/ 587 B
784 B 13ms
13ms Image
image/svg+xml 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.gd/img/icon/settings.svg
Requested by: Host: x.gd
URL: https://x.gd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a9ff32d85258ef227ddc9a6763db635f084caaaaded2d4b28bb98ea0b1253c9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:11 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 01 Nov 2023 17:53:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654290ac-24b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IdaaHqn%2FYGjGA71gnRhjmZaFnEN9VHhoXy0pjE5MeSNiViHKgxSmefuZT0S4wQNQTLfc2UWy36vX0oZmwIbT5nEkHXL08gIT7wqMTcUnG3e7Jgbq4Us"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8270eab32dbf20c1-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 744d615f.png
x.gd/img/envlogo/ 3 KB
3 KB 13ms
13ms Image
image/png 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.gd/img/envlogo/744d615f.png
Requested by: Host: x.gd
URL: https://x.gd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b8d43aacb546c1c4db801c9bd34d7717c8dcac683d526d6a155ab2546062527

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:11 GMT
cf-cache-status: EXPIRED
last-modified: Wed, 01 Nov 2023 17:53:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654290ac-b79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOjqrpnJmV02e6MT%2FDFBte9WysSSfPEghGbJjf4Pj66WsAAudnXrx2cgFUHIDBghhmXfN0cA7g6JvV1PF%2FIz58xBW13wxBd3iVsQTap5z4l0R7wfvCYC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8270eab33dcc20c1-NRT
alt-svc: h3=":443"; ma=86400
content-length: 2937

POST
H3 200 8270eab07a13f58f Show response
x.gd/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 578C 0
529 B 22ms
21ms XHR
text/plain 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.gd/cdn-cgi/challenge-platform/h/g/jsd/r/8270eab07a13f58f
Requested by: Host: x.gd
URL: https://x.gd/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Nov 2023 15:55:11 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lbEmLmf6DJUA1sgu%2FceKxFVI8E450s7ljk%2BdRU%2B7%2FvzdtLoAyJ%2FEcxjx2ZNBQGUEaY1bqMNDzHBB86RrMSwEXTU5z%2Bk6Il%2F0AaGg5xA92Ycdc8dZv8y"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8270eab3de5020c1-NRT
alt-svc: h3=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 42ms
41ms XHR
text/plain 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2013244082&t=event&_s=1&dl=https%3A%2F%2Fx.gd%2F&ul=en-us&de=UTF-8&dt=URL%20Shortener%20X.gd&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=extention&ea=view&el=notice2&_u=KADAAEABEAAAACAAI~&jid=2072942732&gjid=1729276630&cid=1592933797.1700150111&tid=UA-154998386-2&_gid=1075734830.1700150111&_r=1&_slc=1&z=1397822299

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://x.gd/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://x.gd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
155 B 2ms
2ms Image
image/gif 2404:6800:4004:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2013244082&t=pageview&_s=2&dl=https%3A%2F%2Fx.gd%2F&dp=%2F&ul=en-us&de=UTF-8&dt=URL%20Shortener%20X.gd&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABEAAAACAAI~&jid=&gjid=&cid=1592933797.1700150111&tid=UA-154998386-2&_gid=1075734830.1700150111&z=450540600

Requested by

Host: x.gd
URL: https://x.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 07:03:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31923
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 57c82bd.js Show response
x.gd/_nuxt/ 27 KB
8 KB 15ms
15ms Script
application/javascript 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.gd/_nuxt/57c82bd.js
Requested by: Host: x.gd
URL: https://x.gd/_nuxt/daeb648.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c6a5bb37520d3802bf344e433669d6f795ca3f003e7564e4ae82db7714429bd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:11 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 01 Nov 2023 17:53:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654290aa-6c94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7S3c9bey2rkJ%2BoZogVQ11vH7nqtduX8G1Jzoz3EBsuUjBznE9KEh5lL8Eu9EB5FndIEuTBd8toTzUojjXbSqAIrSyDm3Boujbb7914grk94NGJfDYcam"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8270eab3fe6620c1-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 18ff7cd.js Show response
x.gd/_nuxt/ 29 KB
9 KB 16ms
16ms Script
application/javascript 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.gd/_nuxt/18ff7cd.js
Requested by: Host: x.gd
URL: https://x.gd/_nuxt/daeb648.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b7fc41884f9369db038e9beb5a7c7bf2d754a1032e3c67a9b5e5fbd530cad07

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:11 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 01 Nov 2023 17:53:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654290aa-74d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wH%2BKn7GGIJZN17Evpwg3TkTICytmTs7Rw%2FaMflCtJm9OYXNvkbVKvuD9A5WL8MTUGKiN5%2BXBLzdIHd0hrNY6%2FjMlZVNNb1Hb5YuRWSO4wIhgdZf76dW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8270eab40e6820c1-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 15b80ae.js Show response
x.gd/_nuxt/ 13 KB
4 KB 13ms
12ms Script
application/javascript 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.gd/_nuxt/15b80ae.js
Requested by: Host: x.gd
URL: https://x.gd/_nuxt/daeb648.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 943e9b87328e617dc5dde0f272231be8ac51d8f3d54ae169b47b4b87093e03bb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:11 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 01 Nov 2023 17:53:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654290b5-338c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEXIQXB5GC3urqQ01yz9usKqPe%2BF5uEHrIM23XcsU3e09pEXkbgYKfysdamqHMQMK48HbQBFXgalsZzSeD%2BZxug7g1yWg0pJGgipAh4fqdMrmJNIiobX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8270eab40e6920c1-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 4248dea.js Show response
x.gd/_nuxt/ 27 KB
6 KB 15ms
14ms Script
application/javascript 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.gd/_nuxt/4248dea.js
Requested by: Host: x.gd
URL: https://x.gd/_nuxt/daeb648.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ed9cfdb3caea0b6f5cfa91df5aa6f1861e760115db0cc1901c90fb69069609

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:11 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 01 Nov 2023 17:53:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654290b5-6ce1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BiBkQAQ8B3lCmkEk%2BfosFMWXyd3U15MjmMaf186oRFWeoK6wenlNUgNYpxIscdu%2BVBotfxkPsY6vSdYUZz5JKlQgd%2FJuxUTyI1Q6iokAAq%2BDpUC1g3N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8270eab40e6a20c1-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 c33eb82.js Show response
x.gd/_nuxt/ 18 KB
5 KB 14ms
14ms Script
application/javascript 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.gd/_nuxt/c33eb82.js
Requested by: Host: x.gd
URL: https://x.gd/_nuxt/daeb648.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 563a21af7d066a5ed2d05357428e1b96508f9c9e23a39b560ab9fa8fe92f1591

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:11 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 01 Nov 2023 17:53:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654290aa-47fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6IcRzrdZRWoBFmFmsMSgNVmIfwgOfPs6jgUL1AJyKiN8qNWPC9zyPGR6JaFIMEU%2BNrcdIYy5aFTkhqrhxBHqkCy76j8jhxCEKj8qIxsFvoOSErSTYXc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8270eab40e6b20c1-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C98D 239 KB
63 KB 374ms
374ms Document
text/html 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2737572314184878&output=html&adk=1812271804&adf=3025194257&lmt=1698861239&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x810_l%7C404x810_r&format=0x0&url=https%3A%2F%2Fx.gd%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700150111119&bpp=2&bdt=316&idt=311&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6867142664686&frm=20&pv=2&ga_vid=1592933797.1700150111&ga_sid=1700150111&ga_hid=2013244082&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079715%2C44809003%2C44809316%2C31078301%2C31079699%2C44806140%2C44807763%2C44808149%2C44808285%2C44809054%2C318512602&oid=2&pvsid=4425340562634585&tmod=1608517351&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=327

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

967b5c96b5ece51bba7888e995b0515e0ab8d6861bca9547648e9c9861795a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 63858
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:55:11 GMT
expires: Thu, 16 Nov 2023 15:55:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D1AD 117 KB
40 KB 515ms
514ms Document
text/html 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2737572314184878&output=html&h=280&slotname=3268088791&adk=511558961&adf=4073242655&pi=t.ma~as.3268088791&w=728&fwrn=4&fwrnh=100&lmt=1698861239&rafmt=1&format=728x280&url=https%3A%2F%2Fx.gd%2F&ea=0&region=page-0.18302779304871386&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700150111224&bpp=2&bdt=420&idt=224&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6867142664686&frm=20&pv=1&ga_vid=1592933797.1700150111&ga_sid=1700150111&ga_hid=2013244082&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079715%2C44809003%2C44809316%2C31078301%2C31079699%2C44806140%2C44807763%2C44808149%2C44808285%2C44809054%2C318512602&oid=2&pvsid=4425340562634585&tmod=1608517351&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3879b2e0b8c4e431b7c54af8e84e8b8e5d7e8856fed423e2349443f46ab58f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41064
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:55:11 GMT
expires: Thu, 16 Nov 2023 15:55:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/ 160 KB
55 KB 55ms
54ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/reactive_library_fy2021.js?bust=31079699

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d73c04a920a5949876ccf0b2ddfc75ff138fb4c551f6467979f3b84390a39e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55849
x-xss-protection: 0
server: cafe
etag: 3504821074047172623
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:55:11 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame ED3C 9 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 55512
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 00:29:59 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 00:29:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 7BBC 9 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 55512
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 00:29:59 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 00:29:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame ED3C 4 KB
1 KB 83ms
42ms Stylesheet
text/css 2404:6800:4004:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 15:55:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 14:46:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 15:55:12 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ED3C 205 B
296 B 43ms
4ms Image
image/png 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:21:36 GMT
x-content-type-options: nosniff
age: 203616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 13 Nov 2024 07:21:36 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ED3C 604 B
1 KB 42ms
3ms Image
image/png 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:40:17 GMT
x-content-type-options: nosniff
age: 65695
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Nov 2024 21:40:17 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame ED3C 15 KB
7 KB 83ms
29ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 18:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 18:45:20 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame ED3C 21 KB
9 KB 83ms
29ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 18:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 18:45:20 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0613 217 B
136 B 47ms
45ms Document
text/html 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEY6-7f7gEwAQ&v=APEucNX8hB4hIauJDUDhvGc6NOKTxbwnu5A9YXzjRovmw8c755UCjSN3dnw1SU4H-qfwd-jb4Buu6D5pcuecNnJd-7SBJ9JrJQ

Requested by

Host: x.gd
URL: https://x.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b1661ffb71705ae01b3b0cea6c065ae93d49d6b547bfeeec0260fa92bf2793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 112
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:55:11 GMT
expires: Thu, 16 Nov 2023 15:55:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5E7E 89 KB
31 KB 87ms
87ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: x.gd
URL: https://x.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:55:12 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1527247/72330251/xbbe/creative/ Frame 5E7E 262 KB
79 KB 123ms
7ms Script
application/javascript 52.197.53.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1527247/72330251/xbbe/creative/adj?p=APEucNVS_Gf7vLA24dClnfdNJV-RY_eTrkjIJFTawEJnCrduRFdMDgk&d=CokBAKAmf-C1LZ6E5OqYy6XiMqe5Q8Oes4I9AajEX3r3gmRTK73akVQCY-U-3j9Telktwn55n7WDEycBhbTOlbsh9Ok_ef38qGTVgw0BURx2auzwHjROzXzdSR78Rb72d4m2Db2EmCWHa0FPPZDLlGFFoID_4-I-HUS6VmM5_ZG5X7xJxpVMa0mFfEISmRQAoCZ_4NtA1zhc5IfF6TMBhJiS-KDRZIBuu9fgtGeasUo6MD_6LhRcTTa7QUSB91nMBvCKwI2PvVEUsHdTDrCeRxebJj7DtCLR3Z2Eo8fA85hpQb49GGIHWDrVQ47emtBFLqEAvQH0H1mjJzAs8vU1n7I3API8cDDmH4FJqxTCz4o3UNjpcxVYOqBZbRcy-0_wZCki5rYAJmu7QECnr-Ks7BvvLbefx_Q6wlTdy3wZwd7-nh9GxuBYJkOwjfOvr2PdFkyH9VJ1AHRGVotVXDIrfDtpCUsMu_k6issD_NX5O6jMjNCQe9qy0ki1lxlM4NaAcF8M-Gq-3DmGNS7-GA63VHWLRKb0AKoxo2RTUoSbAT8FESk4zKL8BLBJkDMXcGRJjQuIxqCqnAEIeauXtj7m2Q5mBVQXs3lUbW2MllhyOg-UKpTkdr0jHyqCT7jGNutwZNKq9ww_K-9195yq3KYE3cSSbe_fz7xIqop8Cj-zrsYmfnUvEOFKTUh91Mbd0MUo90ibkeiRRyquHLkeubEC2KD1Dl99oLV86ecXvYVZ_NCrJSEu5e_NC87idcJgrwTqGd3fVAiUrGrVm6spQs-1KD8ENphEATWe4xm-JadNHzuu4rNZjpkkx5e3_IjrLSAAq7LS-PE67AmnH4JOmvULxnt9sWd3zvuE2LEjoRS-Ppp1dJFrRA3LAxdJhg5EDhBPNIsutDDHFO5TFhgjSQRuggOy2cewL3PuM6iU5szFWvekPyY3mL1OX1wA3vYVAueHaFRhPmkU1U9lVYvioc-6Ld6-F2pLdR-x_PeZ2F50z6Crmth9660Ej-_8U40eDkkGv9E8AJB7C2yTeUgc7GmHUCCNJUy6qheVfklvUlz-aGVUZTfPGbOcnzHaUBb3m8_veqRXDtr0gjjjvja1g2x6s9VVVwOyw7TU_fTzjQO3GMrQoPb6ceJxAZh_mROGrcg38kBmvLR1g5RWgI39_wYPzP7O3SXWwh9Cb9cbS-b_N3U3EsHqTshyM7KoZfcgmkisYVZcxW32epeBHAfp79NcI8aYefRwIMiG7vrBIF0_rsS1w6JWoNThv1TriW7uL-GMY4Uh2HGu_iKM2zV3E8fyFY7EuIx9wfa0YjlOXakVz7lHUd3fHUjfojo8k7bvgoKQLaMDNALYYuSsuNmO-qb1WU94fki8oK-TqVWyJYIkfTBJE0zfHG8K1zwHfHDzm4WJPNDGz1f5A2oMe4et4kbJZ0wg_DYhhmMOoDPKn2n0mO02dJsqUlaRY8Opv5aqwPjkHvMnevrok2h7oB5ngQcqad55A8B2YNgyro39qDuzEC-dj_7Nd0zbCmp2LlVI04H5-oZD_Q35z_wYLutvnVUFqCZ1Vc2nRRGNjayQzkScFj7ddbGo0YskvuW_WL1iZ2ruc0S6Ej_rQ2C2y8Ns0S4D5fX9-iucDd-tII7jNhe2qNu97P8UvJSjjGIbfH01a8QSjFpw3OjNSSJ5JCURqpRU00JABJepjdcBZHXdQyW7NmBFLOS7kruvWEboY5MxVNjzqkgrcRpKjTDkr0ju7d7oa7tjF5r0ohBrPvobww9NEmYh1K6FXBAfXfEAOifZbrUiua6-sHn2z1opgSBGlu2pmyBWcHYdj-dtwPW2zhHhl_o20kYyI6ewqSpSICais2Ba_LTamCSbKlcctebB6S9oAzTfeGuE_IQXS8ANqK2AXncPccfoBRyGlYzG2h2JwWqz_JyzNhvCZ8EqLK_T0QZaa12NuxuDM2pdRSBh0yOwrZLoIGBzggTSgydVZLlSiZUyf9shz6MunzdLX2t_HnL25tvVIqB7ky9UMXwvIjh44bNosdbFkDN2m6ekqurL47QDfO0-qZwM4Ts_7YFjy-ZeDjWEJjkdwYrltD_ITQ_FkVN0ilVlhpg_uIutURr10RsQOdBqiEhaX3TSrdYVP3C7GTzrYkVhYAPevizyfycRbEF27FIFl7ft_NHLV03yu1R2fjihVIJ5blXCd9lWhsKyCpYavoI4hcev5-37e-pdJm3XQCyj0SKQjCtmlfroY9fD-A6wVPGMZ-atvuRWGYs8cacH53OTgavmjIbkDiBAQ7Y_KBor0zOUpsttgbsjV-GxVTta-bn0fu4qMxGN6UsucyjPTHrU_rVdxnhFoZ8PpN1krUiMSQ-tEVJJvgX6J9cc9COhK7xrVCfhIPLWLwn9wpVFZivZVJjY2WlRn-gkQ9DrvoJGEQz01BrWFmvuVqvWOQnXgpwbsVz5ovW0Qz1kAtEyIhcp4hvb40ppLH1tckI1RnhHgeDbibmAQQ5V3WsPzeb_xKNqGorj52ei7zQQpiTBG7WSuWchgBmfcGwxT8JlYiM-1T5rP1x3JxfDB2YwNeVUZkSSHUrFO-yTfzKNTaPDOOt6pZ4wq7i0SmRbLCBglM1aWgxKSSz49BhBO7uGiKaH-NmDqxNP5qo2VdrgzNCzwAR50n2wXJxCTzdF4MzZvEPVEBHar2Uf11vwumPw8mC4bn1RstGeigg5c3TchqGeZ_ohfRwwF64DYy5wMdwITsffXDXxGlKDww7tcO9aSQjsI8KWb27n1X2oGnCG5k9ssmov3DjAPrzYuqz8-I2ovRqNKoQiqcp4mti8b1gbB8JMFw5BcLdT-zQ0PgAjnV2N5kC1FDZK3k3qNOiUzUvAnGExZU4HdIa6vLT2hJgP3C1wgsyj3bc-2KXqgjxo0bIg2R8yf928ohGeSZYQDgKnMUzclA0oxcrRYWSjLqdV91SsLwyxcA9K99i4ZWY9QzqQg-BwXVhem0uiOQD_Gi7LHET9FcpwAQ7iczNQ9hJXU4DHmh6Cs2QROqBp96XCRs63DpkGncpYsZ1TfV-zLpAxtHHWBksn5uw_mLanXcOOgg0Y9RSPpfxPiNuyMivCIo5REYUop0dpxep6xeqHaRnkubyt_X9tm5gh0QohftnFmeWeynuKmIEfFHXNmujZGZBdbmM4SFJ10M8G_QOL9QSq6d5Cs16_n7kV2iI9Wx-CZAzw3kQW77FX7uMPZeBX_NtMPg4kiNRfdbuucsRIAC5gzHCYo4vk1F6fULESqvfnnS_Q1BAxZ4drKGqxKTX3Rd43XYkOJXezspMYIL40JuhA7kuxYhH9CI_s4rdMQZsl_CkPFmGRiiNMVrmZo3Y9nJjVlFKAVOEqrLERojx2rET2iJAdjR6lv7Z9UbYzwl2VJB-gv0ooeHpB9mzyvvANoWT50krb0cmegG57Db99xHVRJOes0nCpbsiPOrYLD05ve7DpQ6M6eosuNvKKb3Bbm6KnHg4-brYlcQVkP9cLhnoCQe7H2BsE1OsP-no5PxxvHHUsARqr8pp_091knZIx1S4mwBoNnys40j1DtfhgMBB_L4oZW1MrxWbgHxSOcg3WEfFLVac1lQT2XPvG1rGHqERexfEY5jvOLxHGBGzo0DQ-sCdVvYmDABpUCAQSTgDICaaNkkwN2Q8lihVB7DtbGjnsGp2C-I2bt0l_DTQmYv2FWSXESPg_qRQ2X8-hjruYSVoC0-cVCt9ewntz5bfNMpeANcIy8fMZc9i82BgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1013060816&ias_pubId=pub-2737572314184878&ias_chanId=1&ias_placementId=20266420254&bidurl=https://x.gd/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ibphsLB_vcp3rCYRcvibLp
Requested by: Host: x.gd
URL: https://x.gd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.53.177 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-53-177.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 9e0810b268882a75dc522adaffb164ceb233cea8416d02657002a6ca311c64f0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:12 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5E7E 3 KB
1 KB 58ms
14ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: x.gd
URL: https://x.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 18:45:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 18:45:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5E7E 20 KB
9 KB 56ms
12ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: x.gd
URL: https://x.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 06:55:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 06:55:30 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E7E 203 KB
64 KB 95ms
54ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: x.gd
URL: https://x.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:55:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E7E 42 B
63 B 42ms
40ms Image
image/gif 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AUmSjU8C2Eo9Sm5BG6IfHkuyDwvXFjn-1CVTQjy_-tXM08nsT5S-FkTpRHB6_2kues97bIvlRDXSKqP22umLtWYn0fXWljIVT3SBoItPMWDFuVhys

Requested by

Host: x.gd
URL: https://x.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E7E 0
20 B 40ms
38ms Image
image/gif 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7690346985672284398&x=1&ct=76

Requested by

Host: x.gd
URL: https://x.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D1AD 999 B
425 B 65ms
44ms Stylesheet
text/css 2404:6800:4004:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%81%99%E3%83%A9%E7%B4%84%E6%A5%AD1%E3%83%B3%E6%9D%B1%E4%BB%8A%E3%83%AB%E3%82%A4%E3%83%BC%E3%83%87%E3%83%AC%E3%82%B6%E3%82%AF%E5%B3%B6%E7%B6%B1%EF%BC%8F%E3%82%B0%E6%80%A5%E4%BA%88%E9%96%8B%E3%83%95%E6%9C%88%E3%81%90

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2737572314184878&output=html&h=280&slotname=3268088791&adk=511558961&adf=4073242655&pi=t.ma~as.3268088791&w=728&fwrn=4&fwrnh=100&lmt=1698861239&rafmt=1&format=728x280&url=https%3A%2F%2Fx.gd%2F&ea=0&region=page-0.18302779304871386&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700150111224&bpp=2&bdt=420&idt=224&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6867142664686&frm=20&pv=1&ga_vid=1592933797.1700150111&ga_sid=1700150111&ga_hid=2013244082&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079628%2C31079715%2C44809003%2C44809316%2C31078301%2C31079699%2C44806140%2C44807763%2C44808149%2C44808285%2C44809054%2C318512602&oid=2&pvsid=4425340562634585&tmod=1608517351&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca5a0d546befc7e52f55ff17427eaa54beefeb3699036f7fa2521474e6e31555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 15:55:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 15:55:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 15:55:12 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D1AD 2 KB
905 B 52ms
17ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 18:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 18:45:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame D1AD 23 KB
9 KB 50ms
21ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 18:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75646
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 18:54:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D1AD 3 KB
1 KB 46ms
17ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 18:45:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 18:45:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D1AD 20 KB
8 KB 48ms
13ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 06:55:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 06:55:30 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D1AD 203 KB
64 KB 162ms
130ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:55:12 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame D1AD 37 KB
15 KB 18ms
4ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 09:55:40 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9497959933220918811/ Frame D1AD 45 KB
45 KB 45ms
22ms Image
image/jpeg 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9497959933220918811/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a4d06bc5ae7c8f914f0af8a2d444771f3d4d7d6175d2c4f057864ca3d80779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:28:18 GMT
x-content-type-options: nosniff
age: 1614
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45984
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 01:23:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 15:28:18 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0613
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
243 B

44ms
43ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEY6-7f7gEwAQ&v=APEucNX8hB4hIauJDUDhvGc6NOKTxbwnu5A9YXzjRovmw8c755UCjSN3dnw1SU4H-qfwd-jb4Buu6D5pcuecNnJd-7SBJ9JrJQ

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Nov 2023 15:55:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

/
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame 0613
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEGWO4mJ8hsxd2iqW0C3YakE&google_cver=1

43 B
398 B

437ms
60ms

Image
image/gif

2001:df2:a300:bbbb::136
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEGWO4mJ8hsxd2iqW0C3YakE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEMfclwEY6-7f7gEwAQ&v=APEucNX8hB4hIauJDUDhvGc6NOKTxbwnu5A9YXzjRovmw8c755UCjSN3dnw1SU4H-qfwd-jb4Buu6D5pcuecNnJd-7SBJ9JrJQ
Protocol: H2
Server: 2001:df2:a300:bbbb::136 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 16 Nov 2023 15:55:12 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEGWO4mJ8hsxd2iqW0C3YakE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D1AD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f8eee3f3f2a560aed1ae203492b10d2c0a3677aa3f940b815683ec52c53fb18

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 4148 836 B
467 B 41ms
40ms Stylesheet
text/css 2404:6800:4004:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=e%E3%80%82%E6%B1%BA%E3%83%83%E3%81%97%EF%BC%9F%E3%82%84gl%E3%82%82%E3%82%8B%E5%8D%98%E5%A2%97%E3%81%9D%E3%81%8B%E8%A7%A3%E9%96%89%E3%80%81%E3%83%97%E9%96%8Bo%E5%BA%83%20%E3%81%98%E3%82%8C%E3%81%8F%E3%82%B9%E3%81%84%E3%81%8D%E3%81%A8%E3%81%9F%E3%81%A7%E5%91%8AG%E7%B0%A1%E3%82%92%E3%83%86%E5%A7%8B%E3%81%8A%E5%AE%A23%E3%81%A3%E6%A7%98

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

60b8fa5e16a13325e7d09ca1c2a02fb56454e59da68331217a176ad4d7c13b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 15:55:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 15:55:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 15:55:12 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4148 2 KB
857 B 9ms
9ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 18:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 18:45:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 4148 23 KB
9 KB 9ms
9ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 18:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75646
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 18:54:26 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4523 143 B
166 B 5ms
3ms Document
text/html 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 955
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:39:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4148 3 KB
1 KB 10ms
9ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 18:45:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 18:45:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4148 20 KB
8 KB 11ms
10ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 06:55:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 06:55:30 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4148 203 KB
64 KB 83ms
82ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:55:12 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 4148 37 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 09:55:40 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E7E 0
20 B 38ms
38ms Ping
image/gif 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2393292591252&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E7E 0
20 B 38ms
38ms Ping
image/gif 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2393292591252&version=m202309260101&ct=76&x=1&cor=7690346985672284000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5E7E 16 KB
12 KB 81ms
81ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsT_cxPULdx2exoTU4W2pF9yKRk4ZT1rG8srYJUeNdnZOrz42A8zIKRs8Eo-VBHiGLZYNiyC866Iw7BvkCLJmz4fxZ0Uq1_VF1TjWfwqeLCUWJ9kwToH8ylItckzxl8EmVC7elfWXPWCIm4GPtF6rQtAs_9Vy8vStIE5KlfAbjbegwfiU&cry=1&dbm_d=AKAmf-BeworV7hA2kyoRizVebz8J01HpHdyqwKl-ItpCZ86gUDHPDqk9etYdsEFXRc4Pd_KwnA3FLMV8jPZnJ0YLXxX6l8T3-3pvyMSF-Ouwf3o4YMNg3Xh1uD37ifS6OTFj_ZTlhAr9fPcaPEJQEgB1bNe5X-OKsZZ1dmGyKE6hzMaH4xpeuIMqDnfkE6MNyT6C8hPH4P6g_CNNx0ic1dOciFlB-xD-wIIf4Q4qTIxmBfj2r1IFGeCTnvtoMvPFvO0M7onY19GPV3rDUNzu5849SaHfc0vnqhQqzo_Ps0CV4jZkvX4_aPPeKWz3w5GBpMl8S6plawlhwl9VdA-6Amr_TGuRr2EtNVAP-6B2sDgP3pM_-pHAb5zgL99CVWVPEpZFpgXk6-ICyljzjKDpUHpYsMvdUFHV2ncaiWwiDkkfdzfNcG-17vqqVmu1M371N9KMxeO319qVYDO3yfIpv-lCqSypJNGVEsGgti1QXPYCkA1gtN4niMxZV2U5JHXghD2QKAgVECtIj2dOqBCfVRfyL6KQMDLwlmXX6zt1qu04vVEC05v1BmiQpsiaNLp6dboOLfUspJj201puAofD-BgpybLCZ9Hw6CsNQJVvIWhiQnOlzR_oip5OY9zfqwsnF_a1XzQisimPcfkN2uo4wPein7k6KF4GPEcldqPo8WApQXyrB4LFRIPB9YjFYU6UDs5KytpuE5I1UY1_gk51PeiEncUnEbMY5r_4NA4_2gwQcaazpjwrIp6qcY9zUPgttYihMZgqSoN38e7PPZJDE01sgWT8WqDjx2FzTrUTNImrheqNGZ58zOM0s-tCldmC4ldkHTA1Mnmh1huqGpmZjMLWxksLRzZSuBCZfJv4dEByzgl2xpuYImb182QbDkmWWzT2sgSS3TLgD-2RgAh0PGFf8RZd1E1M1ZLqEQKOEzcIjDX0jfPgi8UGbQv2jl-T78FQh-32RCqgx9v0bLLtE8mZrClo5_KlHZHsi3q2kG51FaTpfbHZGZaO9XhEvDtxT07NOMzFPaljqlRKocWso71m28EM4RHd2pFM9yM7-rAPPQd2SMnVgioBX-Q6MkPUumZTPTMSPDbyVgXl-xgozGh0i8OiDVkm4fq7sG3001uNRdBzazdolg_UXeCiLfR11wYJrCMgrCJJa_kVySNODNtaHSodxHuxINcqy2iRQYYkj8qDmyHkP8o-_DGQCMuSv_t1q9X7fxR7_KxWAuGiVJPkGDb1qAEOCprc-TrYqZtQCaMQcLBncRWMra635o3prJT6QR6Pp3va3HPPGumLCJqdGl23lWyj8u2Y161IBYWBiHBSjYYwsR_racN-cBmfVBOb7R1BdDEONsZBOD5dkPl2MuaiA0nm-W9K-U8lxisiVSANmLK2OWs8Chz3NsbJhgZf2ThKl6Ixm9_ZFNIDFIMtdcx-3kfcesBnUqe69iEUKWFoiTEPqkSA3f81szQb3hLOtX4NQXR-uw-eF_3ccAzwIksbYmoxf2N_-7KVa94yxy07-cltYhCU0m2CYRzAEZME0coVw2efEVwzu6E8jsTjtN3jn9U5wmPSbQYqXx-FxT5ADKMtf74RdOmaoZQIf6KdcTiI7yT8eD_zQTXTRS41HdlHCSfsbjpl5Pk3hoMMzJxtcjXyPbPgu3L8p16IDWOnncJnMgnDvmkzfqBtsFFkqCa30l95Yf7Jx_KeuzmBJ_ylrjhRY_5lv2OZwYvr3iaLurIaOpGXfCr7n5HAh_kpHw2BbEMaOfrhErOToQpAkNd_JUFQciUzFcp__oNxHXNvtOVYieo2V0rM2tN6ISmCg1siqaKmhUuCsQujXjqZts9-Ai9yeqxMQo5Z_V78x1BEV0Do8zFSqGB1m7oLOaAxxCuVqeSGOh07c5IYxlPNdGoseaD8MrGrZbiFK2oNHS5o2YIU4QbU6VUY92VbPf29NAGxiX08Dfk69bfBRzK6T5Dunp8125S0JMBXjtCO9hMkJLU7bp3B0fw98ruyWznQT5lea4o_37cKPH-P1XC_uSdhYB73eoul2tPFxupf9ZK6bawNzlgz8IyF_wigb5aKUkpiT42Vo_Qa-wHP01n4-08Xks438BgM8oVdPqGRnE432wMh_kx9uVDYndVw-pVOBBXADnCVsmFX7cSbTueBrg6ii-8iy0kt-Inl_pz3a34tokks-XeHQ1rHjIkCu9HYOYs_IaXIrVHxJHY3r5bMGw1hBF8QcGcG68dLptSAFmF6636bo2JohKOQdn8AudYbiXog1LmZl1T5VYvCswOqKYviOsnOPudtCUf5pVKBL-olcxpg0-XdxeOmIp-K_fMccmNawuJJuOIhg-YP7ITwSvAL0DMr0XijGnZmENtORS4JaWKm9X65tguFjLpftO0rcge6OWD51gK9iLUQI_Ps_MEkPKu3pTdp0mmVHUREm31rlbiQGK9ZJqMNIwNZle3prJegUkFhRFq2wD7NNqlw76BqgLVyV3Utkhpc_djsyANQbv5l_I-PGzpfMckgvyRVIDvb5gTjcvA0INme71sAo36B-iSwMuHFbaol1v4eJGES8lHr6MBzNIDq19w_2FOxtRQdU6XcKryCwa_Inh8fGW1WFc_jhXJlmGO1VFQ-iQvDvnsrem4sNTDsBHJNiDzF-K3662hKH1hTDV6c2CkBAQVMetChK0LhhvpBjMAxvXQe5y3bJPAUNUqjjiAd5Qr4-ZApqYQ3aExhl_7aufclLQ4NdsZVMJZU9OmlSxlNT8QTfsWKy-cIESKVEnNk4B4fN2_uSGCGPMjpYr1_33r_3q64gLQeUJQwkDH22uwzUhFrzP6NnzvmJ6lLNDtL8s1zXiyIMg8xq2R-trXUFFNGmvMRboKeUf2qiIX5Bt6g0hayvoGMjzJQuuQmdxqM_z_-CIsViE_X-ZeKdCDHtdL1r9_xOcItpA29I1vczW3lHwJpf9YMfA_a&cid=CAQSTgDICaaNkkwN2Q8lihVB7DtbGjnsGp2C-I2bt0l_DTQmYv2FWSXESPg_qRQ2X8-hjruYSVoC0-cVCt9ewntz5bfNMpeANcIy8fMZc9i82BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fx.gd%2F&ds=l&xdt=1&iif=1&cor=7690346985672284000&adk=1726166460&idt=93&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd0165fdfda56ecc93d0618d4e427afc8802a9d371666559ca8265179cc681cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4523
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

71ms
70ms

Document
text/html

2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:55:12 GMT
expires: Thu, 16 Nov 2023 15:55:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:55:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5E7E 41 KB
14 KB 10ms
10ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsT_cxPULdx2exoTU4W2pF9yKRk4ZT1rG8srYJUeNdnZOrz42A8zIKRs8Eo-VBHiGLZYNiyC866Iw7BvkCLJmz4fxZ0Uq1_VF1TjWfwqeLCUWJ9kwToH8ylItckzxl8EmVC7elfWXPWCIm4GPtF6rQtAs_9Vy8vStIE5KlfAbjbegwfiU&cry=1&dbm_d=AKAmf-BeworV7hA2kyoRizVebz8J01HpHdyqwKl-ItpCZ86gUDHPDqk9etYdsEFXRc4Pd_KwnA3FLMV8jPZnJ0YLXxX6l8T3-3pvyMSF-Ouwf3o4YMNg3Xh1uD37ifS6OTFj_ZTlhAr9fPcaPEJQEgB1bNe5X-OKsZZ1dmGyKE6hzMaH4xpeuIMqDnfkE6MNyT6C8hPH4P6g_CNNx0ic1dOciFlB-xD-wIIf4Q4qTIxmBfj2r1IFGeCTnvtoMvPFvO0M7onY19GPV3rDUNzu5849SaHfc0vnqhQqzo_Ps0CV4jZkvX4_aPPeKWz3w5GBpMl8S6plawlhwl9VdA-6Amr_TGuRr2EtNVAP-6B2sDgP3pM_-pHAb5zgL99CVWVPEpZFpgXk6-ICyljzjKDpUHpYsMvdUFHV2ncaiWwiDkkfdzfNcG-17vqqVmu1M371N9KMxeO319qVYDO3yfIpv-lCqSypJNGVEsGgti1QXPYCkA1gtN4niMxZV2U5JHXghD2QKAgVECtIj2dOqBCfVRfyL6KQMDLwlmXX6zt1qu04vVEC05v1BmiQpsiaNLp6dboOLfUspJj201puAofD-BgpybLCZ9Hw6CsNQJVvIWhiQnOlzR_oip5OY9zfqwsnF_a1XzQisimPcfkN2uo4wPein7k6KF4GPEcldqPo8WApQXyrB4LFRIPB9YjFYU6UDs5KytpuE5I1UY1_gk51PeiEncUnEbMY5r_4NA4_2gwQcaazpjwrIp6qcY9zUPgttYihMZgqSoN38e7PPZJDE01sgWT8WqDjx2FzTrUTNImrheqNGZ58zOM0s-tCldmC4ldkHTA1Mnmh1huqGpmZjMLWxksLRzZSuBCZfJv4dEByzgl2xpuYImb182QbDkmWWzT2sgSS3TLgD-2RgAh0PGFf8RZd1E1M1ZLqEQKOEzcIjDX0jfPgi8UGbQv2jl-T78FQh-32RCqgx9v0bLLtE8mZrClo5_KlHZHsi3q2kG51FaTpfbHZGZaO9XhEvDtxT07NOMzFPaljqlRKocWso71m28EM4RHd2pFM9yM7-rAPPQd2SMnVgioBX-Q6MkPUumZTPTMSPDbyVgXl-xgozGh0i8OiDVkm4fq7sG3001uNRdBzazdolg_UXeCiLfR11wYJrCMgrCJJa_kVySNODNtaHSodxHuxINcqy2iRQYYkj8qDmyHkP8o-_DGQCMuSv_t1q9X7fxR7_KxWAuGiVJPkGDb1qAEOCprc-TrYqZtQCaMQcLBncRWMra635o3prJT6QR6Pp3va3HPPGumLCJqdGl23lWyj8u2Y161IBYWBiHBSjYYwsR_racN-cBmfVBOb7R1BdDEONsZBOD5dkPl2MuaiA0nm-W9K-U8lxisiVSANmLK2OWs8Chz3NsbJhgZf2ThKl6Ixm9_ZFNIDFIMtdcx-3kfcesBnUqe69iEUKWFoiTEPqkSA3f81szQb3hLOtX4NQXR-uw-eF_3ccAzwIksbYmoxf2N_-7KVa94yxy07-cltYhCU0m2CYRzAEZME0coVw2efEVwzu6E8jsTjtN3jn9U5wmPSbQYqXx-FxT5ADKMtf74RdOmaoZQIf6KdcTiI7yT8eD_zQTXTRS41HdlHCSfsbjpl5Pk3hoMMzJxtcjXyPbPgu3L8p16IDWOnncJnMgnDvmkzfqBtsFFkqCa30l95Yf7Jx_KeuzmBJ_ylrjhRY_5lv2OZwYvr3iaLurIaOpGXfCr7n5HAh_kpHw2BbEMaOfrhErOToQpAkNd_JUFQciUzFcp__oNxHXNvtOVYieo2V0rM2tN6ISmCg1siqaKmhUuCsQujXjqZts9-Ai9yeqxMQo5Z_V78x1BEV0Do8zFSqGB1m7oLOaAxxCuVqeSGOh07c5IYxlPNdGoseaD8MrGrZbiFK2oNHS5o2YIU4QbU6VUY92VbPf29NAGxiX08Dfk69bfBRzK6T5Dunp8125S0JMBXjtCO9hMkJLU7bp3B0fw98ruyWznQT5lea4o_37cKPH-P1XC_uSdhYB73eoul2tPFxupf9ZK6bawNzlgz8IyF_wigb5aKUkpiT42Vo_Qa-wHP01n4-08Xks438BgM8oVdPqGRnE432wMh_kx9uVDYndVw-pVOBBXADnCVsmFX7cSbTueBrg6ii-8iy0kt-Inl_pz3a34tokks-XeHQ1rHjIkCu9HYOYs_IaXIrVHxJHY3r5bMGw1hBF8QcGcG68dLptSAFmF6636bo2JohKOQdn8AudYbiXog1LmZl1T5VYvCswOqKYviOsnOPudtCUf5pVKBL-olcxpg0-XdxeOmIp-K_fMccmNawuJJuOIhg-YP7ITwSvAL0DMr0XijGnZmENtORS4JaWKm9X65tguFjLpftO0rcge6OWD51gK9iLUQI_Ps_MEkPKu3pTdp0mmVHUREm31rlbiQGK9ZJqMNIwNZle3prJegUkFhRFq2wD7NNqlw76BqgLVyV3Utkhpc_djsyANQbv5l_I-PGzpfMckgvyRVIDvb5gTjcvA0INme71sAo36B-iSwMuHFbaol1v4eJGES8lHr6MBzNIDq19w_2FOxtRQdU6XcKryCwa_Inh8fGW1WFc_jhXJlmGO1VFQ-iQvDvnsrem4sNTDsBHJNiDzF-K3662hKH1hTDV6c2CkBAQVMetChK0LhhvpBjMAxvXQe5y3bJPAUNUqjjiAd5Qr4-ZApqYQ3aExhl_7aufclLQ4NdsZVMJZU9OmlSxlNT8QTfsWKy-cIESKVEnNk4B4fN2_uSGCGPMjpYr1_33r_3q64gLQeUJQwkDH22uwzUhFrzP6NnzvmJ6lLNDtL8s1zXiyIMg8xq2R-trXUFFNGmvMRboKeUf2qiIX5Bt6g0hayvoGMjzJQuuQmdxqM_z_-CIsViE_X-ZeKdCDHtdL1r9_xOcItpA29I1vczW3lHwJpf9YMfA_a&cid=CAQSTgDICaaNkkwN2Q8lihVB7DtbGjnsGp2C-I2bt0l_DTQmYv2FWSXESPg_qRQ2X8-hjruYSVoC0-cVCt9ewntz5bfNMpeANcIy8fMZc9i82BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fx.gd%2F&ds=l&xdt=1&iif=1&cor=7690346985672284000&adk=1726166460&idt=93&cac=0&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 05:18:46 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 5E7E
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1527247/72330251/xbbe/creative/adj?p=APEucNVS_Gf7vLA24dClnfdNJV-RY_eTrkjIJFTawEJnCrduRFdMDgk&d=CokBAKAmf-C1LZ6E5OqYy6XiMqe5Q8Oes4I9AajEX3r3gmRTK73akVQCY-U-3j9...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVS_Gf7vLA24dClnfdNJV-RY_eTrkjIJFTawEJnCrduRFdMDgk&d=CokBAKAmf-C1LZ6E5OqYy6XiMqe5Q8Oes4I9AajEX3r3gmRTK73akVQCY-U-3j9Telktwn55n7WDEycBhbTOlbsh9...

53 KB
21 KB

193ms
78ms

Script
text/javascript

74.125.23.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVS_Gf7vLA24dClnfdNJV-RY_eTrkjIJFTawEJnCrduRFdMDgk&d=CokBAKAmf-C1LZ6E5OqYy6XiMqe5Q8Oes4I9AajEX3r3gmRTK73akVQCY-U-3j9Telktwn55n7WDEycBhbTOlbsh9Ok_ef38qGTVgw0BURx2auzwHjROzXzdSR78Rb72d4m2Db2EmCWHa0FPPZDLlGFFoID_4-I-HUS6VmM5_ZG5X7xJxpVMa0mFfEISmRQAoCZ_4NtA1zhc5IfF6TMBhJiS-KDRZIBuu9fgtGeasUo6MD_6LhRcTTa7QUSB91nMBvCKwI2PvVEUsHdTDrCeRxebJj7DtCLR3Z2Eo8fA85hpQb49GGIHWDrVQ47emtBFLqEAvQH0H1mjJzAs8vU1n7I3API8cDDmH4FJqxTCz4o3UNjpcxVYOqBZbRcy-0_wZCki5rYAJmu7QECnr-Ks7BvvLbefx_Q6wlTdy3wZwd7-nh9GxuBYJkOwjfOvr2PdFkyH9VJ1AHRGVotVXDIrfDtpCUsMu_k6issD_NX5O6jMjNCQe9qy0ki1lxlM4NaAcF8M-Gq-3DmGNS7-GA63VHWLRKb0AKoxo2RTUoSbAT8FESk4zKL8BLBJkDMXcGRJjQuIxqCqnAEIeauXtj7m2Q5mBVQXs3lUbW2MllhyOg-UKpTkdr0jHyqCT7jGNutwZNKq9ww_K-9195yq3KYE3cSSbe_fz7xIqop8Cj-zrsYmfnUvEOFKTUh91Mbd0MUo90ibkeiRRyquHLkeubEC2KD1Dl99oLV86ecXvYVZ_NCrJSEu5e_NC87idcJgrwTqGd3fVAiUrGrVm6spQs-1KD8ENphEATWe4xm-JadNHzuu4rNZjpkkx5e3_IjrLSAAq7LS-PE67AmnH4JOmvULxnt9sWd3zvuE2LEjoRS-Ppp1dJFrRA3LAxdJhg5EDhBPNIsutDDHFO5TFhgjSQRuggOy2cewL3PuM6iU5szFWvekPyY3mL1OX1wA3vYVAueHaFRhPmkU1U9lVYvioc-6Ld6-F2pLdR-x_PeZ2F50z6Crmth9660Ej-_8U40eDkkGv9E8AJB7C2yTeUgc7GmHUCCNJUy6qheVfklvUlz-aGVUZTfPGbOcnzHaUBb3m8_veqRXDtr0gjjjvja1g2x6s9VVVwOyw7TU_fTzjQO3GMrQoPb6ceJxAZh_mROGrcg38kBmvLR1g5RWgI39_wYPzP7O3SXWwh9Cb9cbS-b_N3U3EsHqTshyM7KoZfcgmkisYVZcxW32epeBHAfp79NcI8aYefRwIMiG7vrBIF0_rsS1w6JWoNThv1TriW7uL-GMY4Uh2HGu_iKM2zV3E8fyFY7EuIx9wfa0YjlOXakVz7lHUd3fHUjfojo8k7bvgoKQLaMDNALYYuSsuNmO-qb1WU94fki8oK-TqVWyJYIkfTBJE0zfHG8K1zwHfHDzm4WJPNDGz1f5A2oMe4et4kbJZ0wg_DYhhmMOoDPKn2n0mO02dJsqUlaRY8Opv5aqwPjkHvMnevrok2h7oB5ngQcqad55A8B2YNgyro39qDuzEC-dj_7Nd0zbCmp2LlVI04H5-oZD_Q35z_wYLutvnVUFqCZ1Vc2nRRGNjayQzkScFj7ddbGo0YskvuW_WL1iZ2ruc0S6Ej_rQ2C2y8Ns0S4D5fX9-iucDd-tII7jNhe2qNu97P8UvJSjjGIbfH01a8QSjFpw3OjNSSJ5JCURqpRU00JABJepjdcBZHXdQyW7NmBFLOS7kruvWEboY5MxVNjzqkgrcRpKjTDkr0ju7d7oa7tjF5r0ohBrPvobww9NEmYh1K6FXBAfXfEAOifZbrUiua6-sHn2z1opgSBGlu2pmyBWcHYdj-dtwPW2zhHhl_o20kYyI6ewqSpSICais2Ba_LTamCSbKlcctebB6S9oAzTfeGuE_IQXS8ANqK2AXncPccfoBRyGlYzG2h2JwWqz_JyzNhvCZ8EqLK_T0QZaa12NuxuDM2pdRSBh0yOwrZLoIGBzggTSgydVZLlSiZUyf9shz6MunzdLX2t_HnL25tvVIqB7ky9UMXwvIjh44bNosdbFkDN2m6ekqurL47QDfO0-qZwM4Ts_7YFjy-ZeDjWEJjkdwYrltD_ITQ_FkVN0ilVlhpg_uIutURr10RsQOdBqiEhaX3TSrdYVP3C7GTzrYkVhYAPevizyfycRbEF27FIFl7ft_NHLV03yu1R2fjihVIJ5blXCd9lWhsKyCpYavoI4hcev5-37e-pdJm3XQCyj0SKQjCtmlfroY9fD-A6wVPGMZ-atvuRWGYs8cacH53OTgavmjIbkDiBAQ7Y_KBor0zOUpsttgbsjV-GxVTta-bn0fu4qMxGN6UsucyjPTHrU_rVdxnhFoZ8PpN1krUiMSQ-tEVJJvgX6J9cc9COhK7xrVCfhIPLWLwn9wpVFZivZVJjY2WlRn-gkQ9DrvoJGEQz01BrWFmvuVqvWOQnXgpwbsVz5ovW0Qz1kAtEyIhcp4hvb40ppLH1tckI1RnhHgeDbibmAQQ5V3WsPzeb_xKNqGorj52ei7zQQpiTBG7WSuWchgBmfcGwxT8JlYiM-1T5rP1x3JxfDB2YwNeVUZkSSHUrFO-yTfzKNTaPDOOt6pZ4wq7i0SmRbLCBglM1aWgxKSSz49BhBO7uGiKaH-NmDqxNP5qo2VdrgzNCzwAR50n2wXJxCTzdF4MzZvEPVEBHar2Uf11vwumPw8mC4bn1RstGeigg5c3TchqGeZ_ohfRwwF64DYy5wMdwITsffXDXxGlKDww7tcO9aSQjsI8KWb27n1X2oGnCG5k9ssmov3DjAPrzYuqz8-I2ovRqNKoQiqcp4mti8b1gbB8JMFw5BcLdT-zQ0PgAjnV2N5kC1FDZK3k3qNOiUzUvAnGExZU4HdIa6vLT2hJgP3C1wgsyj3bc-2KXqgjxo0bIg2R8yf928ohGeSZYQDgKnMUzclA0oxcrRYWSjLqdV91SsLwyxcA9K99i4ZWY9QzqQg-BwXVhem0uiOQD_Gi7LHET9FcpwAQ7iczNQ9hJXU4DHmh6Cs2QROqBp96XCRs63DpkGncpYsZ1TfV-zLpAxtHHWBksn5uw_mLanXcOOgg0Y9RSPpfxPiNuyMivCIo5REYUop0dpxep6xeqHaRnkubyt_X9tm5gh0QohftnFmeWeynuKmIEfFHXNmujZGZBdbmM4SFJ10M8G_QOL9QSq6d5Cs16_n7kV2iI9Wx-CZAzw3kQW77FX7uMPZeBX_NtMPg4kiNRfdbuucsRIAC5gzHCYo4vk1F6fULESqvfnnS_Q1BAxZ4drKGqxKTX3Rd43XYkOJXezspMYIL40JuhA7kuxYhH9CI_s4rdMQZsl_CkPFmGRiiNMVrmZo3Y9nJjVlFKAVOEqrLERojx2rET2iJAdjR6lv7Z9UbYzwl2VJB-gv0ooeHpB9mzyvvANoWT50krb0cmegG57Db99xHVRJOes0nCpbsiPOrYLD05ve7DpQ6M6eosuNvKKb3Bbm6KnHg4-brYlcQVkP9cLhnoCQe7H2BsE1OsP-no5PxxvHHUsARqr8pp_091knZIx1S4mwBoNnys40j1DtfhgMBB_L4oZW1MrxWbgHxSOcg3WEfFLVac1lQT2XPvG1rGHqERexfEY5jvOLxHGBGzo0DQ-sCdVvYmDABpUCAQSTgDICaaNkkwN2Q8lihVB7DtbGjnsGp2C-I2bt0l_DTQmYv2FWSXESPg_qRQ2X8-hjruYSVoC0-cVCt9ewntz5bfNMpeANcIy8fMZc9i82BgBYAE&cry=1&bundleId=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Server

74.125.23.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tg-in-f155.1e100.net

Software

cafe /

Resource Hash

38380103a69dbd346c8f62145777cb4f20ec7917d1f9feb7f29ac5ebde76a261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21263
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:12 GMT
server: nginx
x-server-name: app01.jp.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVS_Gf7vLA24dClnfdNJV-RY_eTrkjIJFTawEJnCrduRFdMDgk&d=CokBAKAmf-C1LZ6E5OqYy6XiMqe5Q8Oes4I9AajEX3r3gmRTK73akVQCY-U-3j9Telktwn55n7WDEycBhbTOlbsh9Ok_ef38qGTVgw0BURx2auzwHjROzXzdSR78Rb72d4m2Db2EmCWHa0FPPZDLlGFFoID_4-I-HUS6VmM5_ZG5X7xJxpVMa0mFfEISmRQAoCZ_4NtA1zhc5IfF6TMBhJiS-KDRZIBuu9fgtGeasUo6MD_6LhRcTTa7QUSB91nMBvCKwI2PvVEUsHdTDrCeRxebJj7DtCLR3Z2Eo8fA85hpQb49GGIHWDrVQ47emtBFLqEAvQH0H1mjJzAs8vU1n7I3API8cDDmH4FJqxTCz4o3UNjpcxVYOqBZbRcy-0_wZCki5rYAJmu7QECnr-Ks7BvvLbefx_Q6wlTdy3wZwd7-nh9GxuBYJkOwjfOvr2PdFkyH9VJ1AHRGVotVXDIrfDtpCUsMu_k6issD_NX5O6jMjNCQe9qy0ki1lxlM4NaAcF8M-Gq-3DmGNS7-GA63VHWLRKb0AKoxo2RTUoSbAT8FESk4zKL8BLBJkDMXcGRJjQuIxqCqnAEIeauXtj7m2Q5mBVQXs3lUbW2MllhyOg-UKpTkdr0jHyqCT7jGNutwZNKq9ww_K-9195yq3KYE3cSSbe_fz7xIqop8Cj-zrsYmfnUvEOFKTUh91Mbd0MUo90ibkeiRRyquHLkeubEC2KD1Dl99oLV86ecXvYVZ_NCrJSEu5e_NC87idcJgrwTqGd3fVAiUrGrVm6spQs-1KD8ENphEATWe4xm-JadNHzuu4rNZjpkkx5e3_IjrLSAAq7LS-PE67AmnH4JOmvULxnt9sWd3zvuE2LEjoRS-Ppp1dJFrRA3LAxdJhg5EDhBPNIsutDDHFO5TFhgjSQRuggOy2cewL3PuM6iU5szFWvekPyY3mL1OX1wA3vYVAueHaFRhPmkU1U9lVYvioc-6Ld6-F2pLdR-x_PeZ2F50z6Crmth9660Ej-_8U40eDkkGv9E8AJB7C2yTeUgc7GmHUCCNJUy6qheVfklvUlz-aGVUZTfPGbOcnzHaUBb3m8_veqRXDtr0gjjjvja1g2x6s9VVVwOyw7TU_fTzjQO3GMrQoPb6ceJxAZh_mROGrcg38kBmvLR1g5RWgI39_wYPzP7O3SXWwh9Cb9cbS-b_N3U3EsHqTshyM7KoZfcgmkisYVZcxW32epeBHAfp79NcI8aYefRwIMiG7vrBIF0_rsS1w6JWoNThv1TriW7uL-GMY4Uh2HGu_iKM2zV3E8fyFY7EuIx9wfa0YjlOXakVz7lHUd3fHUjfojo8k7bvgoKQLaMDNALYYuSsuNmO-qb1WU94fki8oK-TqVWyJYIkfTBJE0zfHG8K1zwHfHDzm4WJPNDGz1f5A2oMe4et4kbJZ0wg_DYhhmMOoDPKn2n0mO02dJsqUlaRY8Opv5aqwPjkHvMnevrok2h7oB5ngQcqad55A8B2YNgyro39qDuzEC-dj_7Nd0zbCmp2LlVI04H5-oZD_Q35z_wYLutvnVUFqCZ1Vc2nRRGNjayQzkScFj7ddbGo0YskvuW_WL1iZ2ruc0S6Ej_rQ2C2y8Ns0S4D5fX9-iucDd-tII7jNhe2qNu97P8UvJSjjGIbfH01a8QSjFpw3OjNSSJ5JCURqpRU00JABJepjdcBZHXdQyW7NmBFLOS7kruvWEboY5MxVNjzqkgrcRpKjTDkr0ju7d7oa7tjF5r0ohBrPvobww9NEmYh1K6FXBAfXfEAOifZbrUiua6-sHn2z1opgSBGlu2pmyBWcHYdj-dtwPW2zhHhl_o20kYyI6ewqSpSICais2Ba_LTamCSbKlcctebB6S9oAzTfeGuE_IQXS8ANqK2AXncPccfoBRyGlYzG2h2JwWqz_JyzNhvCZ8EqLK_T0QZaa12NuxuDM2pdRSBh0yOwrZLoIGBzggTSgydVZLlSiZUyf9shz6MunzdLX2t_HnL25tvVIqB7ky9UMXwvIjh44bNosdbFkDN2m6ekqurL47QDfO0-qZwM4Ts_7YFjy-ZeDjWEJjkdwYrltD_ITQ_FkVN0ilVlhpg_uIutURr10RsQOdBqiEhaX3TSrdYVP3C7GTzrYkVhYAPevizyfycRbEF27FIFl7ft_NHLV03yu1R2fjihVIJ5blXCd9lWhsKyCpYavoI4hcev5-37e-pdJm3XQCyj0SKQjCtmlfroY9fD-A6wVPGMZ-atvuRWGYs8cacH53OTgavmjIbkDiBAQ7Y_KBor0zOUpsttgbsjV-GxVTta-bn0fu4qMxGN6UsucyjPTHrU_rVdxnhFoZ8PpN1krUiMSQ-tEVJJvgX6J9cc9COhK7xrVCfhIPLWLwn9wpVFZivZVJjY2WlRn-gkQ9DrvoJGEQz01BrWFmvuVqvWOQnXgpwbsVz5ovW0Qz1kAtEyIhcp4hvb40ppLH1tckI1RnhHgeDbibmAQQ5V3WsPzeb_xKNqGorj52ei7zQQpiTBG7WSuWchgBmfcGwxT8JlYiM-1T5rP1x3JxfDB2YwNeVUZkSSHUrFO-yTfzKNTaPDOOt6pZ4wq7i0SmRbLCBglM1aWgxKSSz49BhBO7uGiKaH-NmDqxNP5qo2VdrgzNCzwAR50n2wXJxCTzdF4MzZvEPVEBHar2Uf11vwumPw8mC4bn1RstGeigg5c3TchqGeZ_ohfRwwF64DYy5wMdwITsffXDXxGlKDww7tcO9aSQjsI8KWb27n1X2oGnCG5k9ssmov3DjAPrzYuqz8-I2ovRqNKoQiqcp4mti8b1gbB8JMFw5BcLdT-zQ0PgAjnV2N5kC1FDZK3k3qNOiUzUvAnGExZU4HdIa6vLT2hJgP3C1wgsyj3bc-2KXqgjxo0bIg2R8yf928ohGeSZYQDgKnMUzclA0oxcrRYWSjLqdV91SsLwyxcA9K99i4ZWY9QzqQg-BwXVhem0uiOQD_Gi7LHET9FcpwAQ7iczNQ9hJXU4DHmh6Cs2QROqBp96XCRs63DpkGncpYsZ1TfV-zLpAxtHHWBksn5uw_mLanXcOOgg0Y9RSPpfxPiNuyMivCIo5REYUop0dpxep6xeqHaRnkubyt_X9tm5gh0QohftnFmeWeynuKmIEfFHXNmujZGZBdbmM4SFJ10M8G_QOL9QSq6d5Cs16_n7kV2iI9Wx-CZAzw3kQW77FX7uMPZeBX_NtMPg4kiNRfdbuucsRIAC5gzHCYo4vk1F6fULESqvfnnS_Q1BAxZ4drKGqxKTX3Rd43XYkOJXezspMYIL40JuhA7kuxYhH9CI_s4rdMQZsl_CkPFmGRiiNMVrmZo3Y9nJjVlFKAVOEqrLERojx2rET2iJAdjR6lv7Z9UbYzwl2VJB-gv0ooeHpB9mzyvvANoWT50krb0cmegG57Db99xHVRJOes0nCpbsiPOrYLD05ve7DpQ6M6eosuNvKKb3Bbm6KnHg4-brYlcQVkP9cLhnoCQe7H2BsE1OsP-no5PxxvHHUsARqr8pp_091knZIx1S4mwBoNnys40j1DtfhgMBB_L4oZW1MrxWbgHxSOcg3WEfFLVac1lQT2XPvG1rGHqERexfEY5jvOLxHGBGzo0DQ-sCdVvYmDABpUCAQSTgDICaaNkkwN2Q8lihVB7DtbGjnsGp2C-I2bt0l_DTQmYv2FWSXESPg_qRQ2X8-hjruYSVoC0-cVCt9ewntz5bfNMpeANcIy8fMZc9i82BgBYAE&cry=1&bundleId=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 879B 91 KB
23 KB 344ms
121ms Script
application/javascript 2600:9000:24ba:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24ba:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:12:12 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 bba30123f54a6d1251a0db5da01006dc.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
age: 5690581
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: mf2cupuZnNlc9yHagYVDNrcuvHdA82dQqnEzY_pKsqdEHj-66bO9dQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E7E 43 B
215 B 427ms
119ms Image
image/gif 2600:1f13:800:7782:75f2:caaa:71c1:5647
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=ffa0c448-794b-4f0c-8bb0-96db6e73e181&tv=%7Bc:ubk5ty,pingTime:-3,time:84,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:84,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVMYBIY+11%7C12%7C13%7C14%7C1511%7C161*.1527247-72330251%7C1611,idMap:161*,rmeas:1,rend:0,renddet:IMG.us,siq:18%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:75f2:caaa:71c1:5647 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:12 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E7E 43 B
216 B 424ms
118ms Image
image/gif 2600:1f13:800:7782:75f2:caaa:71c1:5647
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=ffa0c448-794b-4f0c-8bb0-96db6e73e181&tv=%7Bc:ubk5tz,pingTime:-6,time:85,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:85,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B78~0%5D,as:%5B78~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVMYBIY+11%7C12%7C13%7C14%7C1511%7C161*.1527247-72330251%7C1611,idMap:161*,rmeas:1,rend:0,renddet:IMG.us,siq:18%7D&tpiLookup=ao:x.gd*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:75f2:caaa:71c1:5647 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:12 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E7E 43 B
215 B 417ms
119ms Image
image/gif 2600:1f13:800:7782:75f2:caaa:71c1:5647
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=ffa0c448-794b-4f0c-8bb0-96db6e73e181&tv=%7Bc:ubk5tI,pingTime:-2,time:94,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:221,beZ:223,mfA:225,cmA:226,inA:227,inZ:230,prA:230,prZ:234,si:239,poA:240,poZ:259,cmZ:259,mfZ:259,loA:306,loZ:308,ltA:315,ltZ:315%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:94,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B87~0%5D,as:%5B87~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVMYBIY+11%7C12%7C13%7C14%7C1511%7C161*.1527247-72330251%7C1611,idMap:161*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:18,sinceFw:75,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:75f2:caaa:71c1:5647 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:12 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 font
fonts.gstatic.com/l/ Frame D1AD 14 KB
14 KB 46ms
3ms Font
text/html 2404:6800:4004:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxpR47TkCAmUhDrhVnhzTFe9ISMVxV3k6kTPkL-S6Y_MS5ijQSLviFzlK77onDrr_HBA5agrAh4xCFJEpsQo9KGYZZYQi7175D_T2Xx68_FY6Ar6hfo8rYUR85JWbg&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%81%99%E3%83%A9%E7%B4%84%E6%A5%AD1%E3%83%B3%E6%9D%B1%E4%BB%8A%E3%83%AB%E3%82%A4%E3%83%BC%E3%83%87%E3%83%AC%E3%82%B6%E3%82%AF%E5%B3%B6%E7%B6%B1%EF%BC%8F%E3%82%B0%E6%80%A5%E4%BA%88%E9%96%8B%E3%83%95%E6%9C%88%E3%81%90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36f9cbfb43d218b47987374b345ecb40e9c8e585d0c0582aad2d401c2d035bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 22:30:33 GMT
x-content-type-options: nosniff
age: 62679
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14028
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 15 Nov 2023 22:30:33 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A4CC 38 KB
13 KB 10ms
9ms Document
text/html 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 76025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 18:48:07 GMT
expires: Thu, 14 Nov 2024 18:48:07 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 44D0 38 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Host: x.gd
URL: https://x.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 01:05:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 139755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 01:05:57 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame A4CC 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 13:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 13:36:35 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D1AD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C_1KBXztWZbrpHeLevcAPjrab4A3txvqcdPfm0ZmIEmQQASCf3vNvYInzxYT0E6AB2trf0QHIAQmpAvlufRrbYjw-qAMByAPLBKoEsAFP0DbGhXw7ZIBh3lf9m_to2xrxE0WqTpxjkaC6Svm...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xda7924e9cbe853b0000000000000000%22,%222%22:%220xa6ea6ea5ee0f5f0c0000000000000000%22,%223%22:%220x7cbc188...

0
0

79ms
39ms

Fetch
text/css

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xda7924e9cbe853b0000000000000000%22,%222%22:%220xa6ea6ea5ee0f5f0c0000000000000000%22,%223%22:%220x7cbc18895a59f6a90000000000000000%22,%224%22:%220xdf6c0a44865260a60000000000000000%22,%225%22:%220x1a59a90d125d4fe00000000000000000%22},%22debug_key%22:%2216271823658955571391%22,%22debug_reporting%22:true,%22destination%22:%22https://grancreer.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22439872858%22],%224%22:[%2211-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228214200688035319841%22}&andc=true

Requested by

Host: x.gd
URL: https://x.gd/

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xda7924e9cbe853b0000000000000000","2":"0xa6ea6ea5ee0f5f0c0000000000000000","3":"0x7cbc18895a59f6a90000000000000000","4":"0xdf6c0a44865260a60000000000000000","5":"0x1a59a90d125d4fe00000000000000000"},"debug_key":"16271823658955571391","debug_reporting":true,"destination":"https://grancreer.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["439872858"],"4":["11-16"],"6":["true"]},"priority":"500","source_event_id":"8214200688035319841"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Nov 2023 15:55:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Nov 2023 15:55:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xda7924e9cbe853b0000000000000000","2":"0xa6ea6ea5ee0f5f0c0000000000000000","3":"0x7cbc18895a59f6a90000000000000000","4":"0xdf6c0a44865260a60000000000000000","5":"0x1a59a90d125d4fe00000000000000000"},"debug_key":"16271823658955571391","debug_reporting":true,"destination":"https://grancreer.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["439872858"],"4":["11-16"],"6":["true"]},"priority":"500","source_event_id":"8214200688035319841"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 005F 38 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 01:05:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 139755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 01:05:57 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 86ms
40ms Preflight
text/html 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 15:55:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/15963/ Frame 5E7E 6 KB
7 KB 748ms
124ms Script
text/javascript 54.244.6.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/15963/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsum_fLpJ57_XAO7J06pigGV1H_kvxm6bdooNon7eKPLDhOdcaoaNPNzziB-ZlwCXF4Gfi0C8ZLa95zLMge90wudyvy8niXxLYvTEL53Bq5X4TtzWP8oJVGcDZyEgApS4Ucms5gAxDHsNuGrcb3XLaZ4BVkxVy1jvbGyzd-yxZ_GuO6v5c4up_T0KvP9fq0PekumHjLzl92AiIEAUsDfL_vSRobd_8dH2oc_UsFv8yXihzeHDwhw_YjhjUPtDDBZMJaQ4En2qpd4hMya3MeIk6yoVCV2E_TndFWPl3WobLTqMYh_8ApNdSDYgVP2Kx6V-Ic2tu51XhEJw_B28ceZH5M6cc60TAOkloIbsnI6p-XxJMuwWLGDs7OT-ZJUmzu0ETig-O2X1yGEqJccjW74oW8M6CHgcbExUqHPuhqaQjr-ql6GyKZVeMsbiEN4wDk_1HJao9_IJp9C0ixRlQVzm2QfefN9Amc_AAMNgRIXdYNcke6EpLwhwgcOX9-_zAn2lv2RV0LvQXkuSkjEZt1gUSn-gmcXT52fGpuVVvuFefyMy8ItcnUF-1dXFIuG_3t_0H91WCSJjgSVUte_yQtMdB-2BZkkzzc-MexU9sWkTD1OB5eqD9Eo4BPJgp3HMamToIT1cAgQF2eiiK8mbExJ-NUNEcvKvHs6gbpuOXuAD4E0oCGmqXWC00qsRfrtshV-tJT17jBUClQiAZtG6T2NMMWm_3ryIYzwvGEe1iDKyiWLatqFaUowRzDD4FPtQE1BxjQkARyX1R9X3Xz2l__BT6xZ2jK-f6RA6Rph6D1YBfyNPHtuCdXVIokKNafgZIKbgMA4pQMU2apSMskGpINX2O8tAkoOtvcQdOnFa5Knh_HHWrmFDgGUnogTg_ibFWhIl5gXZfViAYMpJUinb2OjiJVD7GVEdXu9teytm6ZamZPHcuL_SpeuObbzn4FCEbg4TnVaVJMN0GktNdyqv1lGrNMBv-N0_wT10kfnIpbPdKBlAM03r_QxoBJ7W4FpYA4EX8KILiYg-6jiwQdEaZs27S5LgiMjgetiKfa-klFTGzokHpYd7toJBD77H9mLYr4rc-1AY0GjhUdt4v_ylNHen8m3W5xmKMKBKZtiPZ5cwFFvLUkNFFrVjK4qYAxeV8zTwWaJUP9EYEaj3wIFKEeB3Iy4wsRJje4uUsD-U7uPPuZgyQ0ZXZMM-oa_ysQu8mpy1rwGzGoYLXG2K1v1g_deVihrrpksZMzE0nbCgrvx&sai=AMfl-YRHUyZK9xRW96DnDI45zgB0obU9aSeA_HTK_07Sw3BakZ_RRubTP_Grg7BDydrETQQrkE-u_HFAYf0BMG0kCI9etIOAQj0g4NouHMHAosq1JYE75HFQCsFp81dX8A0j0uT5BBYFK9vHvYdKMCekcUT98XaSpJH5P5p-d5-LEJNgOSUEvQNRtZIjFeFe69nykzdJhNlqMokuRJX1BG_UYJzXtXXcGeSuF3iN4RqBUoFyIJ5EimOBfKZXVMCcPVwgKCQBU4HEehLK8p_YB_-UV7bPgOEvva6QKexml7JiFVNRPf20E2A&sig=Cg0ArKJSzKVFEOGwCJN-EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30088939&DFA_PlacementId=370136232&DFA_AdId=560958764&DFA_CreativeId=194187017&DFA_SiteId=6958819&TC_1=cmm9q5m2ohy&TC_2=30088939&TC_3=370136232&TC_4=194187017&TC_5=dcmadvertiserid|8404942$dcmcampaignid|30088939$dcmadid|560958764$dcmrenderingid|194140542$dcmsiteid|6958819$dcmplacementid|370136232$customer|Microsoft$dv360auctionid|ct=JP&st=&city=8683&dma=0&zp=&bw=4&Placement_ID=370136232
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1527247/72330251/xbbe/creative/adj?p=APEucNVS_Gf7vLA24dClnfdNJV-RY_eTrkjIJFTawEJnCrduRFdMDgk&d=CokBAKAmf-C1LZ6E5OqYy6XiMqe5Q8Oes4I9AajEX3r3gmRTK73akVQCY-U-3j9Telktwn55n7WDEycBhbTOlbsh9Ok_ef38qGTVgw0BURx2auzwHjROzXzdSR78Rb72d4m2Db2EmCWHa0FPPZDLlGFFoID_4-I-HUS6VmM5_ZG5X7xJxpVMa0mFfEISmRQAoCZ_4NtA1zhc5IfF6TMBhJiS-KDRZIBuu9fgtGeasUo6MD_6LhRcTTa7QUSB91nMBvCKwI2PvVEUsHdTDrCeRxebJj7DtCLR3Z2Eo8fA85hpQb49GGIHWDrVQ47emtBFLqEAvQH0H1mjJzAs8vU1n7I3API8cDDmH4FJqxTCz4o3UNjpcxVYOqBZbRcy-0_wZCki5rYAJmu7QECnr-Ks7BvvLbefx_Q6wlTdy3wZwd7-nh9GxuBYJkOwjfOvr2PdFkyH9VJ1AHRGVotVXDIrfDtpCUsMu_k6issD_NX5O6jMjNCQe9qy0ki1lxlM4NaAcF8M-Gq-3DmGNS7-GA63VHWLRKb0AKoxo2RTUoSbAT8FESk4zKL8BLBJkDMXcGRJjQuIxqCqnAEIeauXtj7m2Q5mBVQXs3lUbW2MllhyOg-UKpTkdr0jHyqCT7jGNutwZNKq9ww_K-9195yq3KYE3cSSbe_fz7xIqop8Cj-zrsYmfnUvEOFKTUh91Mbd0MUo90ibkeiRRyquHLkeubEC2KD1Dl99oLV86ecXvYVZ_NCrJSEu5e_NC87idcJgrwTqGd3fVAiUrGrVm6spQs-1KD8ENphEATWe4xm-JadNHzuu4rNZjpkkx5e3_IjrLSAAq7LS-PE67AmnH4JOmvULxnt9sWd3zvuE2LEjoRS-Ppp1dJFrRA3LAxdJhg5EDhBPNIsutDDHFO5TFhgjSQRuggOy2cewL3PuM6iU5szFWvekPyY3mL1OX1wA3vYVAueHaFRhPmkU1U9lVYvioc-6Ld6-F2pLdR-x_PeZ2F50z6Crmth9660Ej-_8U40eDkkGv9E8AJB7C2yTeUgc7GmHUCCNJUy6qheVfklvUlz-aGVUZTfPGbOcnzHaUBb3m8_veqRXDtr0gjjjvja1g2x6s9VVVwOyw7TU_fTzjQO3GMrQoPb6ceJxAZh_mROGrcg38kBmvLR1g5RWgI39_wYPzP7O3SXWwh9Cb9cbS-b_N3U3EsHqTshyM7KoZfcgmkisYVZcxW32epeBHAfp79NcI8aYefRwIMiG7vrBIF0_rsS1w6JWoNThv1TriW7uL-GMY4Uh2HGu_iKM2zV3E8fyFY7EuIx9wfa0YjlOXakVz7lHUd3fHUjfojo8k7bvgoKQLaMDNALYYuSsuNmO-qb1WU94fki8oK-TqVWyJYIkfTBJE0zfHG8K1zwHfHDzm4WJPNDGz1f5A2oMe4et4kbJZ0wg_DYhhmMOoDPKn2n0mO02dJsqUlaRY8Opv5aqwPjkHvMnevrok2h7oB5ngQcqad55A8B2YNgyro39qDuzEC-dj_7Nd0zbCmp2LlVI04H5-oZD_Q35z_wYLutvnVUFqCZ1Vc2nRRGNjayQzkScFj7ddbGo0YskvuW_WL1iZ2ruc0S6Ej_rQ2C2y8Ns0S4D5fX9-iucDd-tII7jNhe2qNu97P8UvJSjjGIbfH01a8QSjFpw3OjNSSJ5JCURqpRU00JABJepjdcBZHXdQyW7NmBFLOS7kruvWEboY5MxVNjzqkgrcRpKjTDkr0ju7d7oa7tjF5r0ohBrPvobww9NEmYh1K6FXBAfXfEAOifZbrUiua6-sHn2z1opgSBGlu2pmyBWcHYdj-dtwPW2zhHhl_o20kYyI6ewqSpSICais2Ba_LTamCSbKlcctebB6S9oAzTfeGuE_IQXS8ANqK2AXncPccfoBRyGlYzG2h2JwWqz_JyzNhvCZ8EqLK_T0QZaa12NuxuDM2pdRSBh0yOwrZLoIGBzggTSgydVZLlSiZUyf9shz6MunzdLX2t_HnL25tvVIqB7ky9UMXwvIjh44bNosdbFkDN2m6ekqurL47QDfO0-qZwM4Ts_7YFjy-ZeDjWEJjkdwYrltD_ITQ_FkVN0ilVlhpg_uIutURr10RsQOdBqiEhaX3TSrdYVP3C7GTzrYkVhYAPevizyfycRbEF27FIFl7ft_NHLV03yu1R2fjihVIJ5blXCd9lWhsKyCpYavoI4hcev5-37e-pdJm3XQCyj0SKQjCtmlfroY9fD-A6wVPGMZ-atvuRWGYs8cacH53OTgavmjIbkDiBAQ7Y_KBor0zOUpsttgbsjV-GxVTta-bn0fu4qMxGN6UsucyjPTHrU_rVdxnhFoZ8PpN1krUiMSQ-tEVJJvgX6J9cc9COhK7xrVCfhIPLWLwn9wpVFZivZVJjY2WlRn-gkQ9DrvoJGEQz01BrWFmvuVqvWOQnXgpwbsVz5ovW0Qz1kAtEyIhcp4hvb40ppLH1tckI1RnhHgeDbibmAQQ5V3WsPzeb_xKNqGorj52ei7zQQpiTBG7WSuWchgBmfcGwxT8JlYiM-1T5rP1x3JxfDB2YwNeVUZkSSHUrFO-yTfzKNTaPDOOt6pZ4wq7i0SmRbLCBglM1aWgxKSSz49BhBO7uGiKaH-NmDqxNP5qo2VdrgzNCzwAR50n2wXJxCTzdF4MzZvEPVEBHar2Uf11vwumPw8mC4bn1RstGeigg5c3TchqGeZ_ohfRwwF64DYy5wMdwITsffXDXxGlKDww7tcO9aSQjsI8KWb27n1X2oGnCG5k9ssmov3DjAPrzYuqz8-I2ovRqNKoQiqcp4mti8b1gbB8JMFw5BcLdT-zQ0PgAjnV2N5kC1FDZK3k3qNOiUzUvAnGExZU4HdIa6vLT2hJgP3C1wgsyj3bc-2KXqgjxo0bIg2R8yf928ohGeSZYQDgKnMUzclA0oxcrRYWSjLqdV91SsLwyxcA9K99i4ZWY9QzqQg-BwXVhem0uiOQD_Gi7LHET9FcpwAQ7iczNQ9hJXU4DHmh6Cs2QROqBp96XCRs63DpkGncpYsZ1TfV-zLpAxtHHWBksn5uw_mLanXcOOgg0Y9RSPpfxPiNuyMivCIo5REYUop0dpxep6xeqHaRnkubyt_X9tm5gh0QohftnFmeWeynuKmIEfFHXNmujZGZBdbmM4SFJ10M8G_QOL9QSq6d5Cs16_n7kV2iI9Wx-CZAzw3kQW77FX7uMPZeBX_NtMPg4kiNRfdbuucsRIAC5gzHCYo4vk1F6fULESqvfnnS_Q1BAxZ4drKGqxKTX3Rd43XYkOJXezspMYIL40JuhA7kuxYhH9CI_s4rdMQZsl_CkPFmGRiiNMVrmZo3Y9nJjVlFKAVOEqrLERojx2rET2iJAdjR6lv7Z9UbYzwl2VJB-gv0ooeHpB9mzyvvANoWT50krb0cmegG57Db99xHVRJOes0nCpbsiPOrYLD05ve7DpQ6M6eosuNvKKb3Bbm6KnHg4-brYlcQVkP9cLhnoCQe7H2BsE1OsP-no5PxxvHHUsARqr8pp_091knZIx1S4mwBoNnys40j1DtfhgMBB_L4oZW1MrxWbgHxSOcg3WEfFLVac1lQT2XPvG1rGHqERexfEY5jvOLxHGBGzo0DQ-sCdVvYmDABpUCAQSTgDICaaNkkwN2Q8lihVB7DtbGjnsGp2C-I2bt0l_DTQmYv2FWSXESPg_qRQ2X8-hjruYSVoC0-cVCt9ewntz5bfNMpeANcIy8fMZc9i82BgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1013060816&ias_pubId=pub-2737572314184878&ias_chanId=1&ias_placementId=20266420254&bidurl=https://x.gd/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ibphsLB_vcp3rCYRcvibLp&adsafe_url=https%3A%2F%2Fx.gd&adsafe_type=g&adsafe_url=https%3A%2F%2Fx.gd%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Fhello%3Dworld%26fsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-2737572314184878%26fa%3D1%26ifi%3D4%26uci%3Da!4&adsafe_type=be&adsafe_jsinfo=,id:ffa0c448-794b-4f0c-8bb0-96db6e73e181,c:ubk5st,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7bc59574b7-xh9mh,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tVMYBIY+11%7C12%7C13%7C14%7C1511%7C161*.1527247-72330251%7C1611,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:18,oid:8676c4a8-8498-11ee-b3a4-de57067bc126,v:19.8.460,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.244.6.21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-6-21.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: 1d725d4212c23cafacb057c1e609f2e2a174016d73ce051dc77ec5e296eff360

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:13 GMT
server: AMO-jAds/1.1
p3p: NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 6624
expires: Thu Nov 16 15:55:13 UTC 2023

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 5E7E 31 KB
12 KB 3ms
3ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1527247/72330251/xbbe/creative/adj?p=APEucNVS_Gf7vLA24dClnfdNJV-RY_eTrkjIJFTawEJnCrduRFdMDgk&d=CokBAKAmf-C1LZ6E5OqYy6XiMqe5Q8Oes4I9AajEX3r3gmRTK73akVQCY-U-3j9Telktwn55n7WDEycBhbTOlbsh9Ok_ef38qGTVgw0BURx2auzwHjROzXzdSR78Rb72d4m2Db2EmCWHa0FPPZDLlGFFoID_4-I-HUS6VmM5_ZG5X7xJxpVMa0mFfEISmRQAoCZ_4NtA1zhc5IfF6TMBhJiS-KDRZIBuu9fgtGeasUo6MD_6LhRcTTa7QUSB91nMBvCKwI2PvVEUsHdTDrCeRxebJj7DtCLR3Z2Eo8fA85hpQb49GGIHWDrVQ47emtBFLqEAvQH0H1mjJzAs8vU1n7I3API8cDDmH4FJqxTCz4o3UNjpcxVYOqBZbRcy-0_wZCki5rYAJmu7QECnr-Ks7BvvLbefx_Q6wlTdy3wZwd7-nh9GxuBYJkOwjfOvr2PdFkyH9VJ1AHRGVotVXDIrfDtpCUsMu_k6issD_NX5O6jMjNCQe9qy0ki1lxlM4NaAcF8M-Gq-3DmGNS7-GA63VHWLRKb0AKoxo2RTUoSbAT8FESk4zKL8BLBJkDMXcGRJjQuIxqCqnAEIeauXtj7m2Q5mBVQXs3lUbW2MllhyOg-UKpTkdr0jHyqCT7jGNutwZNKq9ww_K-9195yq3KYE3cSSbe_fz7xIqop8Cj-zrsYmfnUvEOFKTUh91Mbd0MUo90ibkeiRRyquHLkeubEC2KD1Dl99oLV86ecXvYVZ_NCrJSEu5e_NC87idcJgrwTqGd3fVAiUrGrVm6spQs-1KD8ENphEATWe4xm-JadNHzuu4rNZjpkkx5e3_IjrLSAAq7LS-PE67AmnH4JOmvULxnt9sWd3zvuE2LEjoRS-Ppp1dJFrRA3LAxdJhg5EDhBPNIsutDDHFO5TFhgjSQRuggOy2cewL3PuM6iU5szFWvekPyY3mL1OX1wA3vYVAueHaFRhPmkU1U9lVYvioc-6Ld6-F2pLdR-x_PeZ2F50z6Crmth9660Ej-_8U40eDkkGv9E8AJB7C2yTeUgc7GmHUCCNJUy6qheVfklvUlz-aGVUZTfPGbOcnzHaUBb3m8_veqRXDtr0gjjjvja1g2x6s9VVVwOyw7TU_fTzjQO3GMrQoPb6ceJxAZh_mROGrcg38kBmvLR1g5RWgI39_wYPzP7O3SXWwh9Cb9cbS-b_N3U3EsHqTshyM7KoZfcgmkisYVZcxW32epeBHAfp79NcI8aYefRwIMiG7vrBIF0_rsS1w6JWoNThv1TriW7uL-GMY4Uh2HGu_iKM2zV3E8fyFY7EuIx9wfa0YjlOXakVz7lHUd3fHUjfojo8k7bvgoKQLaMDNALYYuSsuNmO-qb1WU94fki8oK-TqVWyJYIkfTBJE0zfHG8K1zwHfHDzm4WJPNDGz1f5A2oMe4et4kbJZ0wg_DYhhmMOoDPKn2n0mO02dJsqUlaRY8Opv5aqwPjkHvMnevrok2h7oB5ngQcqad55A8B2YNgyro39qDuzEC-dj_7Nd0zbCmp2LlVI04H5-oZD_Q35z_wYLutvnVUFqCZ1Vc2nRRGNjayQzkScFj7ddbGo0YskvuW_WL1iZ2ruc0S6Ej_rQ2C2y8Ns0S4D5fX9-iucDd-tII7jNhe2qNu97P8UvJSjjGIbfH01a8QSjFpw3OjNSSJ5JCURqpRU00JABJepjdcBZHXdQyW7NmBFLOS7kruvWEboY5MxVNjzqkgrcRpKjTDkr0ju7d7oa7tjF5r0ohBrPvobww9NEmYh1K6FXBAfXfEAOifZbrUiua6-sHn2z1opgSBGlu2pmyBWcHYdj-dtwPW2zhHhl_o20kYyI6ewqSpSICais2Ba_LTamCSbKlcctebB6S9oAzTfeGuE_IQXS8ANqK2AXncPccfoBRyGlYzG2h2JwWqz_JyzNhvCZ8EqLK_T0QZaa12NuxuDM2pdRSBh0yOwrZLoIGBzggTSgydVZLlSiZUyf9shz6MunzdLX2t_HnL25tvVIqB7ky9UMXwvIjh44bNosdbFkDN2m6ekqurL47QDfO0-qZwM4Ts_7YFjy-ZeDjWEJjkdwYrltD_ITQ_FkVN0ilVlhpg_uIutURr10RsQOdBqiEhaX3TSrdYVP3C7GTzrYkVhYAPevizyfycRbEF27FIFl7ft_NHLV03yu1R2fjihVIJ5blXCd9lWhsKyCpYavoI4hcev5-37e-pdJm3XQCyj0SKQjCtmlfroY9fD-A6wVPGMZ-atvuRWGYs8cacH53OTgavmjIbkDiBAQ7Y_KBor0zOUpsttgbsjV-GxVTta-bn0fu4qMxGN6UsucyjPTHrU_rVdxnhFoZ8PpN1krUiMSQ-tEVJJvgX6J9cc9COhK7xrVCfhIPLWLwn9wpVFZivZVJjY2WlRn-gkQ9DrvoJGEQz01BrWFmvuVqvWOQnXgpwbsVz5ovW0Qz1kAtEyIhcp4hvb40ppLH1tckI1RnhHgeDbibmAQQ5V3WsPzeb_xKNqGorj52ei7zQQpiTBG7WSuWchgBmfcGwxT8JlYiM-1T5rP1x3JxfDB2YwNeVUZkSSHUrFO-yTfzKNTaPDOOt6pZ4wq7i0SmRbLCBglM1aWgxKSSz49BhBO7uGiKaH-NmDqxNP5qo2VdrgzNCzwAR50n2wXJxCTzdF4MzZvEPVEBHar2Uf11vwumPw8mC4bn1RstGeigg5c3TchqGeZ_ohfRwwF64DYy5wMdwITsffXDXxGlKDww7tcO9aSQjsI8KWb27n1X2oGnCG5k9ssmov3DjAPrzYuqz8-I2ovRqNKoQiqcp4mti8b1gbB8JMFw5BcLdT-zQ0PgAjnV2N5kC1FDZK3k3qNOiUzUvAnGExZU4HdIa6vLT2hJgP3C1wgsyj3bc-2KXqgjxo0bIg2R8yf928ohGeSZYQDgKnMUzclA0oxcrRYWSjLqdV91SsLwyxcA9K99i4ZWY9QzqQg-BwXVhem0uiOQD_Gi7LHET9FcpwAQ7iczNQ9hJXU4DHmh6Cs2QROqBp96XCRs63DpkGncpYsZ1TfV-zLpAxtHHWBksn5uw_mLanXcOOgg0Y9RSPpfxPiNuyMivCIo5REYUop0dpxep6xeqHaRnkubyt_X9tm5gh0QohftnFmeWeynuKmIEfFHXNmujZGZBdbmM4SFJ10M8G_QOL9QSq6d5Cs16_n7kV2iI9Wx-CZAzw3kQW77FX7uMPZeBX_NtMPg4kiNRfdbuucsRIAC5gzHCYo4vk1F6fULESqvfnnS_Q1BAxZ4drKGqxKTX3Rd43XYkOJXezspMYIL40JuhA7kuxYhH9CI_s4rdMQZsl_CkPFmGRiiNMVrmZo3Y9nJjVlFKAVOEqrLERojx2rET2iJAdjR6lv7Z9UbYzwl2VJB-gv0ooeHpB9mzyvvANoWT50krb0cmegG57Db99xHVRJOes0nCpbsiPOrYLD05ve7DpQ6M6eosuNvKKb3Bbm6KnHg4-brYlcQVkP9cLhnoCQe7H2BsE1OsP-no5PxxvHHUsARqr8pp_091knZIx1S4mwBoNnys40j1DtfhgMBB_L4oZW1MrxWbgHxSOcg3WEfFLVac1lQT2XPvG1rGHqERexfEY5jvOLxHGBGzo0DQ-sCdVvYmDABpUCAQSTgDICaaNkkwN2Q8lihVB7DtbGjnsGp2C-I2bt0l_DTQmYv2FWSXESPg_qRQ2X8-hjruYSVoC0-cVCt9ewntz5bfNMpeANcIy8fMZc9i82BgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1013060816&ias_pubId=pub-2737572314184878&ias_chanId=1&ias_placementId=20266420254&bidurl=https://x.gd/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ibphsLB_vcp3rCYRcvibLp&adsafe_url=https%3A%2F%2Fx.gd&adsafe_type=g&adsafe_url=https%3A%2F%2Fx.gd%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Fhello%3Dworld%26fsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Fhello%3Dworld%26fsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-2737572314184878%26fa%3D1%26ifi%3D4%26uci%3Da!4&adsafe_type=be&adsafe_jsinfo=,id:ffa0c448-794b-4f0c-8bb0-96db6e73e181,c:ubk5st,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7bc59574b7-xh9mh,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tVMYBIY+11%7C12%7C13%7C14%7C1511%7C161*.1527247-72330251%7C1611,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:18,oid:8676c4a8-8498-11ee-b3a4-de57067bc126,v:19.8.460,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 18:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 18:56:30 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 5E7E 11 KB
4 KB 3ms
2ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 22:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 22:12:13 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5E7E 0
0 89ms
42ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsta1BAEfKwCI8gLpnpMdyvzhyWiLzeYKIPt4tp8Q4NxGmVU8enNCsN4sMt2G_PSQoyx19AWYMFIVL8VYuIr6xzNLBL17P2Sf3zzIm_xcp5X-G88rhPb_F8xr342g60sCQ1J3T76QeGV2mC5Yxpcjw8q&sai=AMfl-YRSBuD5txLWYZZgE1icHX32nvTqc1GGuiC3RJwaJ0ycRihz7DOf0C2xXbb6n-lFy4BO5292iwAK09Njs4Gq9EfRkDMI6QmupAEsqPwG7k9x4DVCW2SaFSY_wBuyQQ&sig=Cg0ArKJSzMsd-38s5v8LEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231109.25737&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A4CC 0
20 B 41ms
41ms Image
image/gif 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZ16NYDtWZc6VCJWWid4PjcIRAAAAADgB4AQC&bg=!GBulG1TNAAZxrfrxUa07ADQBe5WfOG7bTW68T7IF0bFzFXRDtR3BE6cI1ESq0EbE2YeVzNEV1VWS1u_yN9yKX26UwQ58AgAAAGFSAAAABGgBB5kC66mxNqk8sOqPkelZngBOO6SETPfiiMUl6R0Zd1G2YsLa7Mbn2_nNj53pZvq-O80l9tv03HmY8RJ7gWV5RjqU8AsiBwKYR1v_-9YjDzsBKdNRoujxggZds7zveA1QT9usyN8ktN5d34Qyx3dExnxmhl1eitq1VGHsSUYsIgIaSDL7Fe6g9GsvUUZyxvdcbeyLTqxs9GsKru-3zXO_oHxbDuD_LNPWfUVusxhJgEGQB5-sVs19C40V-ecLSBsFQUUXXTe3qw-4PmVIWiFyFnT_WmRICdfUTMREhmjoHjuo_t5EFmZT4RWKNmPvElA95BpupY9Km0WA_yrOo-HOM0JCfwmCr8bt0ONAXiHlG7pF87RidxeyGeTMLqbiCJpNrgcMpFL_usE5_gc1r4G6c2eroQskZ2iQZS_mXEKxXFQZLQzE_5bfE5UP6YtcJ4V29MnoL36TqjnG-O18x3wEPaWLBFtr3LOTCdbWVnwKmgZx0_tWa6pODt-Ca4y5PhDx_zlsmFEKOxjBPuBg5gCTXCngiFjpus9ovAicubmpuCJBZj1Ws0qXZ_2hR8HCKMrHkneEbRkSn1rWNMARHc5rYkZRZO8RzxiFLWDQY0zUnJ_8w55yBXETeJ30h-MXUeg888HWJGDZZB8__0WXsO3S4Rb9-Xr5qSGUY7kkDslQ3IRpj0rOrdfWEPDXIA8pKCrS9Cs5CT4Cnf_xHL7yW_0X6qq8QbubYR75z9laCgRcAURXD5tqpDl0X0S4GLaBen_GNwjsb6t_OW5gJWp43yyd6jY2LSEX9GQfUzDPNzv3FpJfPIseQZkirqvNfSOF_p5PfQPGLrTOZVq8-djFYdw45HTJ-_Cb2PJDpOaYwMQcEXCONhlqwu_xcaL0wARopfmLCBHAdgjL7aBrYQz6ZOmNYoFlPRiTA4f1n4SKteSIgElrUQEtkUAkOmiu3zT3zgvbg4iW4BM3QkQlCZQcoMsena5kZi0ddgwM3-dr6izttw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E7E 43 B
215 B 120ms
120ms Image
image/gif 2600:1f13:800:7782:75f2:caaa:71c1:5647
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=ffa0c448-794b-4f0c-8bb0-96db6e73e181&tv=%7Bc:ubk5Dh,pingTime:-10,time:687,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNTQwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xNTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700150112871%7C%7Cd61d4133d30dcff2b7da65db69fc2a91%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7Cf4d061b143605615558c7aa0ae2c9af8%7C%7C8f6d57c5a226e0e28baea160c547a974%7C%7Cb0438082c0e785ae2c0b574aa4c71830%7C%7Ca113b8f711aad23ff4043975fe60898c%7C%7C2cfe69a39a29605a5abf0e3237fcc7ae%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:75f2:caaa:71c1:5647 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:12 GMT
server: nginx
x-server-name: dt31.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/15963/ Frame 5E7E 11 KB
12 KB 131ms
131ms Script
text/javascript 54.244.6.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/15963/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsum_fLpJ57_XAO7J06pigGV1H_kvxm6bdooNon7eKPLDhOdcaoaNPNzziB-ZlwCXF4Gfi0C8ZLa95zLMge90wudyvy8niXxLYvTEL53Bq5X4TtzWP8oJVGcDZyEgApS4Ucms5gAxDHsNuGrcb3XLaZ4BVkxVy1jvbGyzd-yxZ_GuO6v5c4up_T0KvP9fq0PekumHjLzl92AiIEAUsDfL_vSRobd_8dH2oc_UsFv8yXihzeHDwhw_YjhjUPtDDBZMJaQ4En2qpd4hMya3MeIk6yoVCV2E_TndFWPl3WobLTqMYh_8ApNdSDYgVP2Kx6V-Ic2tu51XhEJw_B28ceZH5M6cc60TAOkloIbsnI6p-XxJMuwWLGDs7OT-ZJUmzu0ETig-O2X1yGEqJccjW74oW8M6CHgcbExUqHPuhqaQjr-ql6GyKZVeMsbiEN4wDk_1HJao9_IJp9C0ixRlQVzm2QfefN9Amc_AAMNgRIXdYNcke6EpLwhwgcOX9-_zAn2lv2RV0LvQXkuSkjEZt1gUSn-gmcXT52fGpuVVvuFefyMy8ItcnUF-1dXFIuG_3t_0H91WCSJjgSVUte_yQtMdB-2BZkkzzc-MexU9sWkTD1OB5eqD9Eo4BPJgp3HMamToIT1cAgQF2eiiK8mbExJ-NUNEcvKvHs6gbpuOXuAD4E0oCGmqXWC00qsRfrtshV-tJT17jBUClQiAZtG6T2NMMWm_3ryIYzwvGEe1iDKyiWLatqFaUowRzDD4FPtQE1BxjQkARyX1R9X3Xz2l__BT6xZ2jK-f6RA6Rph6D1YBfyNPHtuCdXVIokKNafgZIKbgMA4pQMU2apSMskGpINX2O8tAkoOtvcQdOnFa5Knh_HHWrmFDgGUnogTg_ibFWhIl5gXZfViAYMpJUinb2OjiJVD7GVEdXu9teytm6ZamZPHcuL_SpeuObbzn4FCEbg4TnVaVJMN0GktNdyqv1lGrNMBv-N0_wT10kfnIpbPdKBlAM03r_QxoBJ7W4FpYA4EX8KILiYg-6jiwQdEaZs27S5LgiMjgetiKfa-klFTGzokHpYd7toJBD77H9mLYr4rc-1AY0GjhUdt4v_ylNHen8m3W5xmKMKBKZtiPZ5cwFFvLUkNFFrVjK4qYAxeV8zTwWaJUP9EYEaj3wIFKEeB3Iy4wsRJje4uUsD-U7uPPuZgyQ0ZXZMM-oa_ysQu8mpy1rwGzGoYLXG2K1v1g_deVihrrpksZMzE0nbCgrvx%26sai%3DAMfl-YRHUyZK9xRW96DnDI45zgB0obU9aSeA_HTK_07Sw3BakZ_RRubTP_Grg7BDydrETQQrkE-u_HFAYf0BMG0kCI9etIOAQj0g4NouHMHAosq1JYE75HFQCsFp81dX8A0j0uT5BBYFK9vHvYdKMCekcUT98XaSpJH5P5p-d5-LEJNgOSUEvQNRtZIjFeFe69nykzdJhNlqMokuRJX1BG_UYJzXtXXcGeSuF3iN4RqBUoFyIJ5EimOBfKZXVMCcPVwgKCQBU4HEehLK8p_YB_-UV7bPgOEvva6QKexml7JiFVNRPf20E2A%26sig%3DCg0ArKJSzKVFEOGwCJN-EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30088939&DFA_PlacementId=370136232&DFA_AdId=560958764&DFA_CreativeId=194187017&DFA_SiteId=6958819&TC_1=cmm9q5m2ohy&TC_2=30088939&TC_3=370136232&TC_4=194187017&TC_5=dcmadvertiserid|8404942$dcmcampaignid|30088939$dcmadid|560958764$dcmrenderingid|194140542$dcmsiteid|6958819$dcmplacementid|370136232$customer|Microsoft$dv360auctionid|ct=JP&st=&city=8683&dma=0&zp=&bw=4&Placement_ID=370136232&edge=y&html5=y&nr=0.8524814990941711
Requested by: Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mts/15963/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsum_fLpJ57_XAO7J06pigGV1H_kvxm6bdooNon7eKPLDhOdcaoaNPNzziB-ZlwCXF4Gfi0C8ZLa95zLMge90wudyvy8niXxLYvTEL53Bq5X4TtzWP8oJVGcDZyEgApS4Ucms5gAxDHsNuGrcb3XLaZ4BVkxVy1jvbGyzd-yxZ_GuO6v5c4up_T0KvP9fq0PekumHjLzl92AiIEAUsDfL_vSRobd_8dH2oc_UsFv8yXihzeHDwhw_YjhjUPtDDBZMJaQ4En2qpd4hMya3MeIk6yoVCV2E_TndFWPl3WobLTqMYh_8ApNdSDYgVP2Kx6V-Ic2tu51XhEJw_B28ceZH5M6cc60TAOkloIbsnI6p-XxJMuwWLGDs7OT-ZJUmzu0ETig-O2X1yGEqJccjW74oW8M6CHgcbExUqHPuhqaQjr-ql6GyKZVeMsbiEN4wDk_1HJao9_IJp9C0ixRlQVzm2QfefN9Amc_AAMNgRIXdYNcke6EpLwhwgcOX9-_zAn2lv2RV0LvQXkuSkjEZt1gUSn-gmcXT52fGpuVVvuFefyMy8ItcnUF-1dXFIuG_3t_0H91WCSJjgSVUte_yQtMdB-2BZkkzzc-MexU9sWkTD1OB5eqD9Eo4BPJgp3HMamToIT1cAgQF2eiiK8mbExJ-NUNEcvKvHs6gbpuOXuAD4E0oCGmqXWC00qsRfrtshV-tJT17jBUClQiAZtG6T2NMMWm_3ryIYzwvGEe1iDKyiWLatqFaUowRzDD4FPtQE1BxjQkARyX1R9X3Xz2l__BT6xZ2jK-f6RA6Rph6D1YBfyNPHtuCdXVIokKNafgZIKbgMA4pQMU2apSMskGpINX2O8tAkoOtvcQdOnFa5Knh_HHWrmFDgGUnogTg_ibFWhIl5gXZfViAYMpJUinb2OjiJVD7GVEdXu9teytm6ZamZPHcuL_SpeuObbzn4FCEbg4TnVaVJMN0GktNdyqv1lGrNMBv-N0_wT10kfnIpbPdKBlAM03r_QxoBJ7W4FpYA4EX8KILiYg-6jiwQdEaZs27S5LgiMjgetiKfa-klFTGzokHpYd7toJBD77H9mLYr4rc-1AY0GjhUdt4v_ylNHen8m3W5xmKMKBKZtiPZ5cwFFvLUkNFFrVjK4qYAxeV8zTwWaJUP9EYEaj3wIFKEeB3Iy4wsRJje4uUsD-U7uPPuZgyQ0ZXZMM-oa_ysQu8mpy1rwGzGoYLXG2K1v1g_deVihrrpksZMzE0nbCgrvx&sai=AMfl-YRHUyZK9xRW96DnDI45zgB0obU9aSeA_HTK_07Sw3BakZ_RRubTP_Grg7BDydrETQQrkE-u_HFAYf0BMG0kCI9etIOAQj0g4NouHMHAosq1JYE75HFQCsFp81dX8A0j0uT5BBYFK9vHvYdKMCekcUT98XaSpJH5P5p-d5-LEJNgOSUEvQNRtZIjFeFe69nykzdJhNlqMokuRJX1BG_UYJzXtXXcGeSuF3iN4RqBUoFyIJ5EimOBfKZXVMCcPVwgKCQBU4HEehLK8p_YB_-UV7bPgOEvva6QKexml7JiFVNRPf20E2A&sig=Cg0ArKJSzKVFEOGwCJN-EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30088939&DFA_PlacementId=370136232&DFA_AdId=560958764&DFA_CreativeId=194187017&DFA_SiteId=6958819&TC_1=cmm9q5m2ohy&TC_2=30088939&TC_3=370136232&TC_4=194187017&TC_5=dcmadvertiserid|8404942$dcmcampaignid|30088939$dcmadid|560958764$dcmrenderingid|194140542$dcmsiteid|6958819$dcmplacementid|370136232$customer|Microsoft$dv360auctionid|ct=JP&st=&city=8683&dma=0&zp=&bw=4&Placement_ID=370136232
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.244.6.21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-6-21.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: 5aeb6a3ffebced4c4b6c56fd0d887bf2fec93c7478fc639695ad9ec32192c70e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: text/javascript;charset=utf-8
pragma: no-cache
date: Thu, 16 Nov 2023 15:55:13 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server: AMO-jAds/1.1
expires: Thu Nov 16 15:55:13 UTC 2023

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D1AD 42 B
175 B 44ms
42ms Fetch
image/gif 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzs13mHLLAIdsW9KLq_YQAC_B19NfkHgxjZShBLDIP4WDosV6Z-J20bx6rv4TtoviA9pOWVytnF9Mteb4yQrxn3yezGPCjxpXJhP101YESthlJB702BYOOgpNzOcdiBx8Xk0AcCDhuKQ&sai=AMfl-YTJHn5UfiQ-lctk9FSqXHyYXwaU20LlDl2wfIsevcgRPcdNn3y70SNadHoeT4V7AtMSvWFUuznrSIbRrTgMKTO3OROPcSuvacjDGh-_HAl2X1VG7KUq9Ow_ZEOTI-vOlpMuYvj6nrdl-3Jx1CEG&sig=Cg0ArKJSzIqB8C_P4dBKEAE&cid=CAQSTgDICaaNfQbCS7gRu8dfOkkkCXvETDHmCeFoZWJ_CtWIki-oR0D8jky0JuI67XI88cjeC5tl7JvHDQ_qgZZcDoYOt3gV7l9EPWQcpYZroRgB&id=lidar2&mcvt=1000&p=0,0,280,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=511558961&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700150111453&rpt=917&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK html5-ad-script_v4.html Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame 1722 16 KB
4 KB 25ms
3ms Document
text/html 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZVY7YQAAIwGcRDmH
Requested by: Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mts/15963/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsum_fLpJ57_XAO7J06pigGV1H_kvxm6bdooNon7eKPLDhOdcaoaNPNzziB-ZlwCXF4Gfi0C8ZLa95zLMge90wudyvy8niXxLYvTEL53Bq5X4TtzWP8oJVGcDZyEgApS4Ucms5gAxDHsNuGrcb3XLaZ4BVkxVy1jvbGyzd-yxZ_GuO6v5c4up_T0KvP9fq0PekumHjLzl92AiIEAUsDfL_vSRobd_8dH2oc_UsFv8yXihzeHDwhw_YjhjUPtDDBZMJaQ4En2qpd4hMya3MeIk6yoVCV2E_TndFWPl3WobLTqMYh_8ApNdSDYgVP2Kx6V-Ic2tu51XhEJw_B28ceZH5M6cc60TAOkloIbsnI6p-XxJMuwWLGDs7OT-ZJUmzu0ETig-O2X1yGEqJccjW74oW8M6CHgcbExUqHPuhqaQjr-ql6GyKZVeMsbiEN4wDk_1HJao9_IJp9C0ixRlQVzm2QfefN9Amc_AAMNgRIXdYNcke6EpLwhwgcOX9-_zAn2lv2RV0LvQXkuSkjEZt1gUSn-gmcXT52fGpuVVvuFefyMy8ItcnUF-1dXFIuG_3t_0H91WCSJjgSVUte_yQtMdB-2BZkkzzc-MexU9sWkTD1OB5eqD9Eo4BPJgp3HMamToIT1cAgQF2eiiK8mbExJ-NUNEcvKvHs6gbpuOXuAD4E0oCGmqXWC00qsRfrtshV-tJT17jBUClQiAZtG6T2NMMWm_3ryIYzwvGEe1iDKyiWLatqFaUowRzDD4FPtQE1BxjQkARyX1R9X3Xz2l__BT6xZ2jK-f6RA6Rph6D1YBfyNPHtuCdXVIokKNafgZIKbgMA4pQMU2apSMskGpINX2O8tAkoOtvcQdOnFa5Knh_HHWrmFDgGUnogTg_ibFWhIl5gXZfViAYMpJUinb2OjiJVD7GVEdXu9teytm6ZamZPHcuL_SpeuObbzn4FCEbg4TnVaVJMN0GktNdyqv1lGrNMBv-N0_wT10kfnIpbPdKBlAM03r_QxoBJ7W4FpYA4EX8KILiYg-6jiwQdEaZs27S5LgiMjgetiKfa-klFTGzokHpYd7toJBD77H9mLYr4rc-1AY0GjhUdt4v_ylNHen8m3W5xmKMKBKZtiPZ5cwFFvLUkNFFrVjK4qYAxeV8zTwWaJUP9EYEaj3wIFKEeB3Iy4wsRJje4uUsD-U7uPPuZgyQ0ZXZMM-oa_ysQu8mpy1rwGzGoYLXG2K1v1g_deVihrrpksZMzE0nbCgrvx%26sai%3DAMfl-YRHUyZK9xRW96DnDI45zgB0obU9aSeA_HTK_07Sw3BakZ_RRubTP_Grg7BDydrETQQrkE-u_HFAYf0BMG0kCI9etIOAQj0g4NouHMHAosq1JYE75HFQCsFp81dX8A0j0uT5BBYFK9vHvYdKMCekcUT98XaSpJH5P5p-d5-LEJNgOSUEvQNRtZIjFeFe69nykzdJhNlqMokuRJX1BG_UYJzXtXXcGeSuF3iN4RqBUoFyIJ5EimOBfKZXVMCcPVwgKCQBU4HEehLK8p_YB_-UV7bPgOEvva6QKexml7JiFVNRPf20E2A%26sig%3DCg0ArKJSzKVFEOGwCJN-EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30088939&DFA_PlacementId=370136232&DFA_AdId=560958764&DFA_CreativeId=194187017&DFA_SiteId=6958819&TC_1=cmm9q5m2ohy&TC_2=30088939&TC_3=370136232&TC_4=194187017&TC_5=dcmadvertiserid|8404942$dcmcampaignid|30088939$dcmadid|560958764$dcmrenderingid|194140542$dcmsiteid|6958819$dcmplacementid|370136232$customer|Microsoft$dv360auctionid|ct=JP&st=&city=8683&dma=0&zp=&bw=4&Placement_ID=370136232&edge=y&html5=y&nr=0.8524814990941711
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3934
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 15:55:13 GMT
ETag: "150315370-3fce-5e32201ac1000"
Expires: Thu, 16 Nov 2023 16:55:13 GMT
Last-Modified: Wed, 06 Jul 2022 12:21:20 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
DATA 200
OK truncated
/ Frame 5E7E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3d4e9d6852f95a84fc1a8c127a9487a9a7307c24c1cff5b4b32b3c844fdcdcc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK mraid.js Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame 1722 0
390 B 11ms
11ms Script
text/javascript 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/mraid.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZVY7YQAAIwGcRDmH
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZVY7YQAAIwGcRDmH
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:55:13 GMT
Last-Modified: Wed, 06 Jul 2022 12:21:20 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "150315371-0-5e32201ac1000"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Thu, 16 Nov 2023 16:55:13 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5E7E 0
0 44ms
43ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsta1BAEfKwCI8gLpnpMdyvzhyWiLzeYKIPt4tp8Q4NxGmVU8enNCsN4sMt2G_PSQoyx19AWYMFIVL8VYuIr6xzNLBL17P2Sf3zzIm_xcp5X-G88rhPb_F8xr342g60sCQ1J3T76QeGV2mC5Yxpcjw8q&sai=AMfl-YRSBuD5txLWYZZgE1icHX32nvTqc1GGuiC3RJwaJ0ycRihz7DOf0C2xXbb6n-lFy4BO5292iwAK09Njs4Gq9EfRkDMI6QmupAEsqPwG7k9x4DVCW2SaFSY_wBuyQQ&sig=Cg0ArKJSzMsd-38s5v8LEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=974&vt=11&dtpt=973&dett=4&cstd=0&cisv=r20231109.25737&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 58ms
57ms XHR
application/json 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

326c6bb62711a408b536c6f9b7390e1a51a0c9fd096bb3104eee1c08c281378e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12114
x-xss-protection: 0

GET
H/1.1 200
OK z728x90.html Show response
dco-assets.everestads.net/ics-campaign//5031/t/11180/1/ Frame 596F 8 KB
2 KB 2ms
2ms Document
text/html 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/z728x90.html
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZVY7YQAAIwGcRDmH
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 28113c528144fc17fae62b98b5bb750199d6878990fca21ea7a21ea556b767d1

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZVY7YQAAIwGcRDmH
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1975
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 15:55:13 GMT
ETag: "1aaf048e4-1f92-606552232b800"
Expires: Thu, 16 Nov 2023 16:55:13 GMT
Last-Modified: Wed, 27 Sep 2023 11:02:56 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H2 200 AMOLibrary.js Show response
ads.everesttech.net/ads/static/local/ Frame 596F 5 KB
6 KB 124ms
124ms Script
application/javascript 54.244.6.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/static/local/AMOLibrary.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/z728x90.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.244.6.21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-6-21.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: cache
date: Thu, 16 Nov 2023 15:55:13 GMT
last-modified: Wed, 22 Dec 2021 09:29:42 GMT
server: AMO-jAds/1.1
etag: W/"5582-1640165382000"
content-type: application/javascript
cache-control: cache,store,max-age=86400
accept-ranges: bytes
content-length: 5582

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 76ms
75ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 15:55:13 GMT

GET
H/1.1 200
OK M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm Show response
dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/ Frame 7543 5 KB
2 KB 42ms
41ms Document
text/html 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/z728x90.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 120fe80faa102bac954acf8d3251d3277c0f03dd2da442523c0aab68241a9dac

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/z728x90.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1358
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 15:55:13 GMT
ETag: "1aa985a3c-1227-606552232b800"
Expires: Thu, 16 Nov 2023 16:55:13 GMT
Last-Modified: Wed, 27 Sep 2023 11:02:56 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BC5F 13 KB
5 KB 12ms
10ms Document
text/html 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://x.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 38187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 05:18:46 GMT
expires: Fri, 15 Nov 2024 05:18:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EE5B 829 B
1000 B 45ms
43ms Document
text/html 2404:6800:4004:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

df81069270574e7a809aab15e915d0f3807b8a1ef5bf30a040450a2e3570edbb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SYjAKXmLJqdrPhfemwIUOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://x.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SYjAKXmLJqdrPhfemwIUOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:55:13 GMT
expires: Thu, 16 Nov 2023 15:55:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK iphone-inline-video.min.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/tools/ Frame 7543 4 KB
4 KB 9ms
5ms Script
text/javascript 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/tools/iphone-inline-video.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e66d37d5a331f7b71d22a6fc78829fb49f7b8ce5c6cff769931e5e4e13917108

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:55:13 GMT
Last-Modified: Wed, 27 Sep 2023 11:02:56 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1aa68e282-ff6-606552232b800"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4086
Expires: Thu, 16 Nov 2023 16:55:13 GMT

GET
H2 200 all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/js/ Frame 7543 1 MB
350 KB 27ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/js/all.min.js

Requested by

Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8d6285de7d646abfe3ec205fce7e5366c2d28ce254ad9fdcabcf681597aca6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 676070
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 357529
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-120bd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FasKwsqFDI6%2BL0mGBLWEfltGYbkV5VGqrVlkhaHmNtx4hov7Bl2LE3Zmg6QXEm%2Fgqb%2Fgiq8YNhQ3DbzSZ9mBeTwhNgNKL9TGPBaXewLgS9YPIQzKnriRgyvDZXVAyz%2FS9YaRk10a5qUqCuOaZ%2FCEsMQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8270eac28a606843-NRT
expires: Tue, 05 Nov 2024 15:55:13 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/ Frame 7543 62 KB
22 KB 26ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/gsap.min.js

Requested by

Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 488149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22641
last-modified: Wed, 29 Sep 2021 08:04:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61541e28-5871"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yeBd21F1Eiv3KrgS%2Bf9z1U5TMvY94iw6Odvsu1KxUlMOVlSAVnLeUsTJYlLfe%2Bl5npvIyF%2Fa4dEZwM%2FSes9%2FdE1SnpNNIusk5ulx0wQoiX9QmhTnvNsMLYtFOFF%2BSwGAIqQY2UaUTG2sxb4CxBTA2Jb0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8270eac28a616843-NRT
expires: Tue, 05 Nov 2024 15:55:13 GMT

GET
H/1.1 200
OK SplitText.min.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/tools/ Frame 7543 15 KB
16 KB 11ms
3ms Script
text/javascript 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/tools/SplitText.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 51e42f06d6a3da19b5e618e837bab6f288e4b2ee70688243274a8b6dd0d78b8d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:55:13 GMT
Last-Modified: Wed, 27 Sep 2023 11:02:56 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1aa985a42-3ce4-606552232b800"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15588
Expires: Thu, 16 Nov 2023 16:55:13 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ Frame 7543 87 KB
28 KB 25ms
11ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 781559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20t3L6VlIZiJaE8Q6BEmyTHBCV0tvgsHUeazCE4n0%2F4XDRMla8mgY0Qo%2FXE0iUbtwHzFRb5Hf5geaHV5ZZcxASr0W%2FGQGby%2B0zfvexY1D1wUg3cUhLKzSnS1bWfcU6wPjUKBAvRw3chHqcyDQUoq9vFM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8270eac28a626843-NRT
expires: Tue, 05 Nov 2024 15:55:13 GMT

GET
H2 200 createjs.min.js Show response
cdn.jsdelivr.net/npm/createjs@1.0.1/builds/1.0.0/ Frame 7543 235 KB
67 KB 21ms
2ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/createjs@1.0.1/builds/1.0.0/createjs.min.js

Requested by

Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db0740eb17879a7458c8925e207fd80ca8424f80ddcde2cdfbc4f7f5b44eed1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Nov 2023 15:55:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2927690
x-jsd-version: 1.0.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 67836
x-served-by: cache-fra-eddf8230027-FRA, cache-nrt-rjtf7700023-NRT
x-jsd-version-type: version
etag: W/"3ab4e-xn3IgYMtlVnhcxmfPmvYx82Nl6Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK animateLoader.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/tools/ Frame 7543 2 KB
2 KB 9ms
2ms Script
text/javascript 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/tools/animateLoader.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 425ef94913880011ec24054a36396c85a5ac79239344f21c9906576e34066837

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:55:13 GMT
Last-Modified: Wed, 27 Sep 2023 11:02:56 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1aa985a43-81b-606552232b800"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2075
Expires: Thu, 16 Nov 2023 16:55:13 GMT

GET
H/1.1 200
OK M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/ Frame 7543 7 KB
7 KB 10ms
4ms Script
text/javascript 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2bbda2b2bad2edf3d8aebbd7bce586a54840261b2595e5634a369ef1c9b643c7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:55:13 GMT
Last-Modified: Wed, 27 Sep 2023 11:02:56 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1aa985a3d-1b44-606552232b800"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6980
Expires: Thu, 16 Nov 2023 16:55:13 GMT

GET
H/1.1 200
OK main.css
dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/css/ Frame 7543 3 KB
3 KB 8ms
3ms Stylesheet
text/css 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/css/main.css
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d507d098c77d36f603bad205f4b799c865bf12f0543ba35011ceb6774043e357

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:55:13 GMT
Last-Modified: Wed, 27 Sep 2023 11:02:56 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1aad36b5d-a3f-606552232b800"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2623
Expires: Thu, 16 Nov 2023 16:55:13 GMT

GET
H/1.1 200
OK amoAd.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/ Frame 7543 10 KB
11 KB 9ms
3ms Script
text/javascript 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/amoAd.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 429312026f2df992bb5e4f3f559e38492f2322603e1ea33a3db2d3d6541beb15

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:55:13 GMT
Last-Modified: Wed, 27 Sep 2023 11:02:56 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1aa985a3f-29d9-606552232b800"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10713
Expires: Thu, 16 Nov 2023 16:55:13 GMT

GET
H/1.1 200
OK tools.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/tools/ Frame 7543 2 KB
3 KB 18ms
7ms Script
text/javascript 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/tools/tools.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 71f647b5ddb3de69ad0518e52f68f1f2f018575f7e3dce1c9872693c302cfa16

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:55:13 GMT
Last-Modified: Wed, 27 Sep 2023 11:02:56 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1aa68e283-93d-606552232b800"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2365
Expires: Thu, 16 Nov 2023 16:55:13 GMT

GET
H/1.1 200
OK ctaAnimation.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/tools/ Frame 7543 448 B
842 B 13ms
2ms Script
text/javascript 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/tools/ctaAnimation.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0fba4b67aba4322cf9ab30ee5f5cfd32eb266cdc18a90ee41a885ed54cc8c1eb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:55:13 GMT
Last-Modified: Wed, 27 Sep 2023 11:02:56 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1aa985a44-1c0-606552232b800"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448
Expires: Thu, 16 Nov 2023 16:55:13 GMT

GET
H/1.1 200
OK videoTools.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/tools/ Frame 7543 3 KB
3 KB 13ms
2ms Script
text/javascript 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/tools/videoTools.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 37380456a30c73e388e32e6c60128db13bda229b6083834006629f9a2216338a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:55:13 GMT
Last-Modified: Wed, 27 Sep 2023 11:02:56 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1aa985a45-ab7-606552232b800"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2743
Expires: Thu, 16 Nov 2023 16:55:13 GMT

GET
H/1.1 200
OK anim.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/ Frame 7543 1 KB
2 KB 13ms
2ms Script
text/javascript 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/anim.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 40ecfb646cad27edde8599b4c3fe70ba88e4953953b30aa58214eb696c01a99a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:55:13 GMT
Last-Modified: Wed, 27 Sep 2023 11:02:56 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1aa985a40-537-606552232b800"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1335
Expires: Thu, 16 Nov 2023 16:55:13 GMT

GET
H/1.1 200
OK init.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/ Frame 7543 2 KB
2 KB 13ms
2ms Script
text/javascript 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/js/init.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 217feaf6d6c62daeaec12d06f07758b4d9b2ca4c0880202a9cbb48e1d3eef0a8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:55:13 GMT
Last-Modified: Wed, 27 Sep 2023 11:02:56 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1aa985a41-838-606552232b800"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2104
Expires: Thu, 16 Nov 2023 16:55:13 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame BC5F 39 KB
15 KB 4ms
2ms Script
text/javascript 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 13:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 13:36:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EE5B 0
0 39ms
38ms Image
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=4425340562634585&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H/1.1 200
OK SegoePro-Semibold.woff
dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/fonts/ Frame 7543 25 KB
26 KB 7ms
7ms Font
application/octet-stream 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/fonts/SegoePro-Semibold.woff
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dd5cedf68c73545e36272585c781c66d4d723804e427be71a95c9b2610f2f8c8

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
Origin: https://dco-assets.everestads.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:55:13 GMT
Last-Modified: Wed, 27 Sep 2023 11:02:56 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1aa985a3e-6590-606552232b800"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26000
Expires: Thu, 16 Nov 2023 16:55:13 GMT

GET
H/1.1 200
OK Evergreen_Editor.mp4 Show response
dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/video/ Frame 7543 1 MB
1 MB 3ms
3ms XHR
video/mp4 23.194.70.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/video/Evergreen_Editor.mp4
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/createjs@1.0.1/builds/1.0.0/createjs.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.70.16 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-70-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d07c165d73c2ba36ed7001a73714801cc03ecfac6f5aa3170e949ae10b8a98c3

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/11180/1/Editor/M365_FY24Q2BCEvergreen_USA_728x90_BAN_Editor_EN_NA_Standard_ANI_SUB_NA_1.htm
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:55:13 GMT
Last-Modified: Wed, 27 Sep 2023 11:02:56 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1aa68e284-101311-606552232b800"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1053457
Expires: Thu, 16 Nov 2023 16:55:13 GMT

GET
BLOB 206
Partial Content 748c993c-9406-477a-945b-2822cfaa238f
https://dco-assets.everestads.net/ Frame 7543 1 MB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://dco-assets.everestads.net/748c993c-9406-477a-945b-2822cfaa238f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d07c165d73c2ba36ed7001a73714801cc03ecfac6f5aa3170e949ae10b8a98c3

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1053456/1053457
Content-Length: 1053457
Content-Type: video/mp4

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BC5F 0
10 B 9ms
9ms Image
text/plain 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wHiO-Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:55:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E7E 43 B
216 B 119ms
119ms Image
image/gif 2600:1f13:800:7782:75f2:caaa:71c1:5647
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=ffa0c448-794b-4f0c-8bb0-96db6e73e181&tv=%7Bc:ubk5SF,time:1641,type:e,im:%7Bpci:%7Btdr:1511%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1641,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1634~0%5D,as:%5B1634~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:122,fm:tVMYBIY+11%7C12%7C13%7C14%7C1511%7C161*.1527247-72330251%7C1611,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:318%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:75f2:caaa:71c1:5647 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:13 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 204 imp
analyticspixel.microsoft.com/aid/ Frame 7543 0
676 B 75ms
51ms Image
text/plain 204.79.197.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspixel.microsoft.com/aid/imp?dcoimpid=ZVY7YQAAIwGcRDmH&dcmadvertiserid|8404942$dcmcampaignid|30088939$dcmadid|560958764$dcmrenderingid|194140542$dcmsiteid|6958819$dcmplacementid|370136232$customer|Microsoft$dv360auctionid|ct=JP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.204 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0005.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F3F4192138114DFE903C4EC14FFEF767 Ref B: TYAEDGE0806 Ref C: 2023-11-16T15:55:14Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
45ms Image
text/html 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=4425340562634585&bg=!wcKlwo3NAAZxrfrxUa07ADQBe5WfOMhr0Uy1ZzQBraMI6-H_0yZ6pX4gP3dwEBedVuMoZZNMVNRXi0OXoN1B0j33XO7vAgAAAHxSAAAAEWgBB5kCqF4GygsSrO_qfSvQ4eQEfhcQbCNU0rhW1xCmfJim-wE6BU4c7brYMHoa3sMfYBdSfJAHm9fGtvSeHZanNhiCPumBiRg-bdSvoRf1fx-SglZaMnR3VtBSBoYt4eY3QiAqhFuLwN9TEbagU6MifQdSbVxwLGBnmbm2oCqUnrJVtgBXtiT2PIqewyy359M1jAxYF09brXzdat6w5Hr1KlGwrHOD5Na0b6iDw4KrBodCzo2ldqmh5VUUlRiOmnq-nfzndt_PymV3n7uijzYDEcwQH_fkJuMwytAJNsLZ-cwNutl2xOTElokKO-YwwWB8AtZ1s1IxnGuk__Iwpw9uzM6B8gHQtB8VpOTpKYgOhO_Y4jcr9QMqGAKzfRz8-r59Wj6OiKaWhJ00000vRboi-2iM9NfzTRd5HlC-IAnoYZl-oDZwCwmrv9JUqFbBlRPDnxsouFAfDjGVAa8kpC81IS6JisC0sEdG7kmpijOM5Q5CWs4br3mFD5sCSSmrG-x1alWkhouAmM80SwYVW-kvTIKdHa3Pb6csMD6nWNOANELGE9_cEstzdpQbj7nylwDqKi90LSLquQx50BPJNFihdGJjv9NudVQFgikzirz8Q75Uogkhph3gn_SUyF-IUOc3obNtvxMYTAEWP33bUwMn26kxg2j3rbH_8v0ksWqYTUpY6Y688v6sc2xNE8QkztvdxglHKMK8kGIr6LAGrv4wTtAcuQgYsWZBMSFLdh1NhuoFWD3PsSnrk1KChadB0uSHQTc3BCgg3LcWnqe4X__9XczXVfgD-pGIrtb5MaIKMulT0KjiQkMAYgIQMxLK2snXJ45w_jEhEJpxhgWs7uCgrlsRaH5m7e2cDzFBYfhZl6DKRTO0K1WHKjD13nCMe213OZZkQVfc3Ux-R2f_
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://x.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5E7E 42 B
64 B 43ms
42ms Fetch
image/gif 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudSgV1DwAOAcDhfHg59oXm81sAK2xyXJ4IZ-I5GG6fq9YRflLakhkpBRkAG2921o95uE0qVfsobpG5_Tarr9QBQVU0wsenollI75eD2lHz_TBnYTznTe_NnnmExWS_FuZGH1_jWJb6zw&sai=AMfl-YQ-xssjDcgwdzpG4V58i3vLuoYARUXr11-yWVrl-zDNSSaERmboRAAqjwzyOSot6xoXKTvdRZuhQbkcgR9ormSqXXkFWcvU7hkrG7DkLwf0bgodQiU21CrK3qbsLOkSabvz9nbM-QHx9yQIDC5B&sig=Cg0ArKJSzK5gpD4tnYUlEAE&cid=CAQSTgDICaaNkkwN2Q8lihVB7DtbGjnsGp2C-I2bt0l_DTQmYv2FWSXESPg_qRQ2X8-hjruYSVoC0-cVCt9ewntz5bfNMpeANcIy8fMZc9i82BgB&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700150111963&rpt=1482&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E7E 0
20 B 39ms
38ms Ping
image/gif 2404:6800:4004:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2393292591252&version=m202309260101&ct=76&x=1&cor=7690346985672284000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E7E 43 B
216 B 120ms
120ms Image
image/gif 2600:1f13:800:7782:75f2:caaa:71c1:5647
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=ffa0c448-794b-4f0c-8bb0-96db6e73e181&tv=%7Bc:ubk6kG,pingTime:1,time:3378,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:2377%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:2377,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2370~0,0~100%5D,as:%5B2370~728.90%5D%7D%7D,%7Bsl:i,t:2377,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:133,fm:tVMYBIY+11%7C12%7C13%7C14%7C1511%7C161*.1527247-72330251%7C1611,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:318%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:75f2:caaa:71c1:5647 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:15 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E7E 43 B
216 B 121ms
121ms Image
image/gif 2600:1f13:800:7782:75f2:caaa:71c1:5647
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1527247&asId=ffa0c448-794b-4f0c-8bb0-96db6e73e181&tv=%7Bc:ubk6kG,pingTime:1,time:3378,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:2377%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:2377,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2370~0,0~100%5D,as:%5B2370~728.90%5D%7D%7D,%7Bsl:i,t:2377,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:133,fm:tVMYBIY+11%7C12%7C13%7C14%7C1511%7C161*.1527247-72330251%7C1611,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:318%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:75f2:caaa:71c1:5647 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:55:15 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.x.gd/	1970-01-21 01:51:50	Name: _ga_K53RX1V2LY Value: GS1.1.1700150111.1.1.1700150111.0.0.0
x.gd/	1970-01-21 01:51:50	Name: si Value: 86mzwoyq
.x.gd/	1970-01-21 01:51:50	Name: _ga Value: GA1.2.1592933797.1700150111
.x.gd/	1970-01-20 16:17:16	Name: _gid Value: GA1.2.1075734830.1700150111
.x.gd/	1970-01-20 16:15:50	Name: _gat Value: 1
.x.gd/	1970-01-21 01:01:26	Name: cf_clearance Value: XkhjOM_m0XL6uJAzhEw7A.sMXy9i4jdyanH8bR8mwVE-1700150111-0-1-83dbaaa8.c3803f7b.c23a56dc-0.2.1700150111
.doubleclick.net/	1970-01-21 01:51:50	Name: IDE Value: AHWqTUkGLqasZk2kS9WizFiNk0FNc-3mFXrLI1_lkdeQOPoI-rV9V20NHU4XJDaS
.x.gd/	1970-01-21 01:37:26	Name: __gads Value: ID=64c951302033d5d0:T=1700150111:RT=1700150111:S=ALNI_MaQ0nxsamX1YHqS4aF--X-5U5b8TA
.x.gd/	1970-01-21 01:37:26	Name: __gpi Value: UID=00000c8a96c692ab:T=1700150111:RT=1700150111:S=ALNI_MYt_Zt-WVazVrH2uA2v25-6xgujDg
.doubleclick.net/	1970-01-20 20:35:02	Name: APC Value: AfxxVi57NlAf5SsTj88KFGTeQtj8EwfCGptWHnAscl7daQn4mQWpQA
.doubleclick.net/	1970-01-20 16:15:53	Name: DSID Value: NO_DATA
.send.microad.jp/	1970-01-20 18:25:26	Name: TR Value: 5694accd5484bcb63456871e39275ef25af7d55062143b81
.turn.com/	1970-01-20 20:35:02	Name: uid Value: 3301286380872812340
.googleadservices.com/	1970-01-20 18:25:26	Name: ar_debug Value: 1
.everesttech.net/	1970-01-21 01:51:50	Name: everest_g_v2 Value: g_surferid~ZVY7YQAABH8DjGCi
.microsoft.com/	1970-01-21 01:01:26	Name: MC1 Value: GUID=42c5b998c1f34510a6781e8e7bca0997&HASH=42c5&LV=202311&V=4&LU=1700150114233
.microsoft.com/	1970-01-21 01:37:26	Name: MUID Value: 26FC8C7BE2D46C5603539FB0E6D46A0B
.analyticspixel.microsoft.com/	1970-01-20 16:25:54	Name: MR Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.everesttech.net
analyticspixel.microsoft.com
bid.g.doubleclick.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
d.turn.com
dco-assets.everestads.net
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
polyfill.io
s-cs.send.microad.jp
static.adsafeprotected.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.gd
142.251.42.162
142.251.42.194
172.217.175.66
172.67.140.193
2001:df2:a300:bbbb::136
202.233.84.8
204.79.197.204
23.194.70.16
2404:6800:4004:80f::2002
2404:6800:4004:818::2003
2404:6800:4004:820::2003
2404:6800:4004:820::2008
2404:6800:4004:823::2004
2404:6800:4004:827::200a
2404:6800:4004:827::200e
2404:6800:4004:828::2002
2404:6800:400a:80b::2001
2600:1f13:800:7782:75f2:caaa:71c1:5647
2600:9000:24ba:9c00:8:48e:53c0:93a1
2606:4700::6811:190e
2a04:4e42:200::282
2a04:4e42::485
52.197.53.177
54.244.6.21
74.125.23.155
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01e723d8f0da4e10aa11dd406d5c9b98893da943f5ca4064b97326451448c344
0a9ff32d85258ef227ddc9a6763db635f084caaaaded2d4b28bb98ea0b1253c9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9f3f599c8c620303e3ecb3ef4efc57020d6abfde96b1863afee551fcd5d430
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0fba4b67aba4322cf9ab30ee5f5cfd32eb266cdc18a90ee41a885ed54cc8c1eb
120fe80faa102bac954acf8d3251d3277c0f03dd2da442523c0aab68241a9dac
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d725d4212c23cafacb057c1e609f2e2a174016d73ce051dc77ec5e296eff360
217feaf6d6c62daeaec12d06f07758b4d9b2ca4c0880202a9cbb48e1d3eef0a8
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
28113c528144fc17fae62b98b5bb750199d6878990fca21ea7a21ea556b767d1
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2b8d43aacb546c1c4db801c9bd34d7717c8dcac683d526d6a155ab2546062527
2bbda2b2bad2edf3d8aebbd7bce586a54840261b2595e5634a369ef1c9b643c7
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f8eee3f3f2a560aed1ae203492b10d2c0a3677aa3f940b815683ec52c53fb18
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c6bb62711a408b536c6f9b7390e1a51a0c9fd096bb3104eee1c08c281378e
336951503a0ffc84310fb5345be5eaa6f9d8a2bdfad0dae493cf3abce96b425f
36f9cbfb43d218b47987374b345ecb40e9c8e585d0c0582aad2d401c2d035bd7
37380456a30c73e388e32e6c60128db13bda229b6083834006629f9a2216338a
38380103a69dbd346c8f62145777cb4f20ec7917d1f9feb7f29ac5ebde76a261
3879b2e0b8c4e431b7c54af8e84e8b8e5d7e8856fed423e2349443f46ab58f2d
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39488b5646fd7a7ba52a4e1a67c4655730f91b93c6681524e4c581090fabb716
3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
40ecfb646cad27edde8599b4c3fe70ba88e4953953b30aa58214eb696c01a99a
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425ef94913880011ec24054a36396c85a5ac79239344f21c9906576e34066837
429312026f2df992bb5e4f3f559e38492f2322603e1ea33a3db2d3d6541beb15
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c6a5bb37520d3802bf344e433669d6f795ca3f003e7564e4ae82db7714429bd
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
51e42f06d6a3da19b5e618e837bab6f288e4b2ee70688243274a8b6dd0d78b8d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563a21af7d066a5ed2d05357428e1b96508f9c9e23a39b560ab9fa8fe92f1591
5aeb6a3ffebced4c4b6c56fd0d887bf2fec93c7478fc639695ad9ec32192c70e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60b8fa5e16a13325e7d09ca1c2a02fb56454e59da68331217a176ad4d7c13b75
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
71f647b5ddb3de69ad0518e52f68f1f2f018575f7e3dce1c9872693c302cfa16
7b7fc41884f9369db038e9beb5a7c7bf2d754a1032e3c67a9b5e5fbd530cad07
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
899af7118726b26033f0cfcd94aa35343a8855b928a40cadc16c1a0ce5419997
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
943e9b87328e617dc5dde0f272231be8ac51d8f3d54ae169b47b4b87093e03bb
967b5c96b5ece51bba7888e995b0515e0ab8d6861bca9547648e9c9861795a54
9e0810b268882a75dc522adaffb164ceb233cea8416d02657002a6ca311c64f0
a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da
a3d4e9d6852f95a84fc1a8c127a9487a9a7307c24c1cff5b4b32b3c844fdcdcc
a932604416230684537f03bc523f1b5da6b10b7ee5be83e8b451f0bd8a59acd0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b1661ffb71705ae01b3b0cea6c065ae93d49d6b547bfeeec0260fa92bf2793
b8d6285de7d646abfe3ec205fce7e5366c2d28ce254ad9fdcabcf681597aca6a
becbb472cda64b5ddb1a4842646d11f5d534b81910fec1962e9e7585ad7d98ff
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
c59ecb5f7aa2eb86a3422729a86a150b80c02132d32deb9d7db2dfc8e42f277f
ca5a0d546befc7e52f55ff17427eaa54beefeb3699036f7fa2521474e6e31555
cd0165fdfda56ecc93d0618d4e427afc8802a9d371666559ca8265179cc681cd
d07c165d73c2ba36ed7001a73714801cc03ecfac6f5aa3170e949ae10b8a98c3
d507d098c77d36f603bad205f4b799c865bf12f0543ba35011ceb6774043e357
d73c04a920a5949876ccf0b2ddfc75ff138fb4c551f6467979f3b84390a39e9e
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
db0740eb17879a7458c8925e207fd80ca8424f80ddcde2cdfbc4f7f5b44eed1d
dd5cedf68c73545e36272585c781c66d4d723804e427be71a95c9b2610f2f8c8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df7d2cc0d472f62aa3b727cf85e49884926cfedaa2a731b22b82160f10eba758
df81069270574e7a809aab15e915d0f3807b8a1ef5bf30a040450a2e3570edbb
e2bf8926627229c58508f83a89f69d0f3b6d7bc539de3e8a9a7b0dd048116f66
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a4d06bc5ae7c8f914f0af8a2d444771f3d4d7d6175d2c4f057864ca3d80779
e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e
e66d37d5a331f7b71d22a6fc78829fb49f7b8ce5c6cff769931e5e4e13917108
e8ed9cfdb3caea0b6f5cfa91df5aa6f1861e760115db0cc1901c90fb69069609
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f37fb29719b441eb569ded27a94e405544d3afc1d312167aeb6a3489f4962ae9
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f9d63d94d11e65be863b3a754ace1b9f2fa71e5e874d7b0ad2ca3e9a831cf3fa
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

x.gd Open in urlscan Pro 172.67.140.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

125 Requests

95 %HTTPS

60 %IPv6

19 Domains

26 Subdomains

25 IPs

3 Countries

3155 kBTransfer

8112 kBSize

18 Cookies

1 Outgoing links

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

x.gd Open in urlscan Pro
172.67.140.193 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

95 %
HTTPS

60 %
IPv6

19
Domains

26
Subdomains

25
IPs

3
Countries

3155 kB
Transfer

8112 kB
Size

18
Cookies

125 HTTP transactions
2 data transactions