win.just4fun.biz Open in urlscan Pro
163.44.185.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://win.just4fun.biz/
Effective URL:
https://win.just4fun.biz/
Submission: On July 25 via manual (July 25th 2022, 7:36:13 am UTC) from JP — Scanned from JP

Summary HTTP 166 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 27 domains to perform 166 HTTP transactions. The main IP is 163.44.185.166, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is win.just4fun.biz.
TLS certificate: Issued by R3 on June 5th 2022. Valid for: 3 months.

This is the only time win.just4fun.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	163.44.185.166 163.44.185.166	7506 (INTERQ GM...) (INTERQ GMO Internet)
21	2404:6800:400... 2404:6800:4004:80a::2002	15169 (GOOGLE) (GOOGLE)
9	117.18.237.66 117.18.237.66	15133 (EDGECAST) (EDGECAST)
5	13.225.165.4 13.225.165.4	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f00c:19:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	13.225.165.96 13.225.165.96	16509 (AMAZON-02) (AMAZON-02)
1	143.204.86.111 143.204.86.111	16509 (AMAZON-02) (AMAZON-02)
6	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
16	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
3	13.225.173.49 13.225.173.49	16509 (AMAZON-02) (AMAZON-02)
1	172.217.175.2 172.217.175.2	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
2	2606:2800:248... 2606:2800:248:1707:10d3:19d0:1ba2:1a23	15133 (EDGECAST) (EDGECAST)
3	2404:6800:400... 2404:6800:4004:822::200a	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:827::2003	15169 (GOOGLE) (GOOGLE)
18	2404:6800:400... 2404:6800:4004:821::2001	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
2 4	2404:6800:401... 2404:6800:4012:1::2004	15169 (GOOGLE) (GOOGLE)
2	2606:2800:247... 2606:2800:247:9376:8aa7:779e:f6d9:de02	15133 (EDGECAST) (EDGECAST)
4 17	172.217.31.130 172.217.31.130	15169 (GOOGLE) (GOOGLE)
2 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	104.254.148.251 104.254.148.251	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	172.217.161.34 172.217.161.34	15169 (GOOGLE) (GOOGLE)
13	2404:6800:400... 2404:6800:4004:810::2006	15169 (GOOGLE) (GOOGLE)
2	2620:116:800e... 2620:116:800e:21:46d:7e81:55ff:4c12	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	103.231.99.243 103.231.99.243	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.75.164.118 35.75.164.118	16509 (AMAZON-02) (AMAZON-02)
1	2406:da18:5a5... 2406:da18:5a5:3101:4d9d:a617:21dc:b3d7	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
166	31

22 163.44.185.166 (Japan) 1 redirects

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 163-44-185-166.virt.lolipop.jp

win.just4fun.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2404:6800:4004:80a::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 117.18.237.66 (Australia)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.165.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-165-4.nrt12.r.cloudfront.net

b.st-hatena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00c:19:face:b00c:0:3 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.165.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-165-96.nrt12.r.cloudfront.net

widgets.getpocket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.86.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-111.nrt12.r.cloudfront.net

b.hatena.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.173.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-173-49.nrt57.r.cloudfront.net

assets.getpocket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.175.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s18-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:821::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:248:1707:10d3:19d0:1ba2:1a23 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:822::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:827::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2404:6800:4004:821::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4012:1::2004 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:247:9376:8aa7:779e:f6d9:de02 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.217.31.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: nrt20s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.254.148.251 (Los Angeles, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.161.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s23-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4004:810::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800e:21:46d:7e81:55ff:4c12 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.99.243 (Japan)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.158.64 (Singapore, Singapore) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.75.164.118 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-164-118.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:5a5:3101:4d9d:a617:21dc:b3d7 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	446 KB
36	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 296	164 KB
22	just4fun.biz 1 redirects win.just4fun.biz	55 KB
15	twitter.com platform.twitter.com — Cisco Umbrella Rank: 668 syndication.twitter.com — Cisco Umbrella Rank: 871	247 KB
13	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	334 KB
7	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460	7 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	1016 B
6	getpocket.com widgets.getpocket.com — Cisco Umbrella Rank: 66018 assets.getpocket.com — Cisco Umbrella Rank: 38990	14 KB
5	openx.net 4 redirects us-u.openx.net — Cisco Umbrella Rank: 391 rtb.openx.net — Cisco Umbrella Rank: 1686	938 B
5	st-hatena.com b.st-hatena.com — Cisco Umbrella Rank: 64281	16 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 234	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	170 KB
4	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1353 abs.twimg.com — Cisco Umbrella Rank: 1775 pbs.twimg.com — Cisco Umbrella Rank: 655	8 KB
3	gstatic.com www.gstatic.com	14 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	3 KB
2	adingo.jp 2 redirects cc.adingo.jp — Cisco Umbrella Rank: 3251	721 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 333	924 B
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 634	207 B
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 622	573 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1090	925 B
2	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 46241	914 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	87 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	23 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1431	297 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 873	694 B
1	hatena.ne.jp b.hatena.ne.jp — Cisco Umbrella Rank: 61590	1 KB
0	microad.jp Failed s-cs.send.microad.jp Failed
166	27

	Domain	Requested by
22	win.just4fun.biz	1 redirects win.just4fun.biz
21	pagead2.googlesyndication.com	win.just4fun.biz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com
17	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com win.just4fun.biz googleads.g.doubleclick.net
13	s0.2mdn.net	googleads.g.doubleclick.net win.just4fun.biz s0.2mdn.net
9	platform.twitter.com	win.just4fun.biz platform.twitter.com
6	syndication.twitter.com	platform.twitter.com win.just4fun.biz
5	b.st-hatena.com	win.just4fun.biz b.hatena.ne.jp b.st-hatena.com
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net win.just4fun.biz
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	assets.getpocket.com	widgets.getpocket.com assets.getpocket.com
3	widgets.getpocket.com	win.just4fun.biz widgets.getpocket.com assets.getpocket.com
2	cc.adingo.jp	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	googleads.g.doubleclick.net
2	rtb.openx.net	2 redirects
2	id.rlcdn.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	abs.twimg.com	win.just4fun.biz platform.twitter.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.jp	pagead2.googlesyndication.com
2	connect.facebook.net	win.just4fun.biz connect.facebook.net
1	cdnjs.cloudflare.com	s0.2mdn.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	pbs.twimg.com	win.just4fun.biz
1	cdn.syndication.twimg.com	platform.twitter.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	b.hatena.ne.jp	b.st-hatena.com
0	s-cs.send.microad.jp Failed	googleads.g.doubleclick.net
166	37

This site contains links to these domains. Also see Links.

Domain
linux.just4fun.biz
db.just4fun.biz
web.just4fun.biz
ll.just4fun.biz
c.just4fun.biz
java.just4fun.biz
cryptocurrency.just4fun.biz
minipc.just4fun.biz
windev.just4fun.biz
chrome-os.just4fun.biz
www.sakura-it.com
pukiwiki.osdn.jp

Subject Issuer	Validity	Valid
just4fun.biz R3	`2022-06-05` - `2022-09-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.b.st-hatena.com Amazon	`2021-09-26` - `2022-10-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-03` - `2022-08-01`	3 months	crt.sh
widgets.getpocket.com Amazon	`2022-03-01` - `2023-03-30`	a year	crt.sh
*.b.hatena.ne.jp Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-24` - `2023-01-23`	a year	crt.sh
assets.getpocket.com Amazon	`2021-10-08` - `2022-11-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://win.just4fun.biz/
Frame ID: 02CDE26FB70F164C1E9CE8BF91B28ADC
Requests: 48 HTTP requests in this frame

Frame: https://b.hatena.ne.jp/entry/button/?url=http%3A%2F%2Fwin.just4fun.biz%2F&layout=standard-balloon&lang=ja&mode=popup
Frame ID: 353A5F2FE254FFE063CA262A81CC50F2
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fwin.just4fun.biz
Frame ID: 3AE4848624E15A53272AA8131908733C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html
Frame ID: 3EB56F22A85B060AB74E70B0BD68C562
Requests: 1 HTTP requests in this frame

Frame: https://widgets.getpocket.com/v1/button?label=pocket&count=horizontal&v=1&url=https%3A%2F%2Fwin.just4fun.biz%2F&title=FrontPage%20-%20Windows%E3%81%A8%E6%9A%AE%E3%82%89%E3%81%99&src=https%3A%2F%2Fwin.just4fun.biz%2F&r=0.8852213675156666
Frame ID: 668D1DE32A2E82C2DEF791D213DE47C4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&adk=1812271804&adf=3025194257&lmt=1658734564&plaf=1%3A1&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&fba=1&format=0x0&url=https%3A%2F%2Fwin.just4fun.biz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734564623&bpp=2&bdt=258&idt=232&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2046361563915&frm=20&pv=2&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248
Frame ID: ADCB779AB8B132C4928E08A4DA96709B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.ja.html
Frame ID: 52593D0DDE8B5E5854F8DA1D825F248E
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.ja.html
Frame ID: 9B130039BB5C60AEFC08657C7CBDAD6B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=3160787547&pi=t.aa~a.564879124~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=2&bdt=1283&idt=-M&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0&nras=2&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vDw6np1Tms&p=https%3A//win.just4fun.biz&dtd=12
Frame ID: 6B5DA94090EF4F34FEBBCD8ADB4618BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17
Frame ID: 89BEA50D0ADB4C8B0E814A6A0B4CA24A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2FC864B8D5AF009D3E820757E6E321B0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
Frame ID: B58B792733F98980CD8B3E5423ED838F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 57BC314E9F085A484C7764E7E1564B62
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%89C%E3%83%BC%E5%88%A9%E3%83%86%E3%82%A2%E3%81%BE%E3%82%BF%E5%9B%B0%E3%81%97%E3%82%AA%E3%80%81%E3%82%B5%E3%80%8CTB%E3%81%9B%E9%96%89I%E3%82%8A%E3%81%A6%E3%83%AF%E3%81%98%E3%82%B9%E7%B5%90E%E3%81%AA%E3%81%AE%E3%83%B3%E6%B1%BA%E3%81%8A%E5%A7%8B%E3%80%82%E3%82%8B%E3%81%A7%E3%83%AC%E3%83%88A%E3%82%92%E3%82%A4S%E3%80%8D%E7%94%A8Z%E3%83%93%E3%82%AF%E5%90%88%E3%82%8F%E3%81%99%E5%95%8F%E9%96%8B%E8%A7%A3%E3%83%A9%20%E3%81%84%E5%85%A8%E3%82%B7R%E5%AE%8C%E3%81%8B%E3%81%8F
Frame ID: 61BE06F27DF2F6C56B7AB17FBBDE976E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2EB6515297951044068C148F6C3C09D8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js
Frame ID: 9C543FC3C26E72387D7ACB5D6621BA29
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js
Frame ID: 6751FFB7E3C63AE9BEC5BC4BE57A3273
Requests: 1 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f4dd.png
Frame ID: 159EB095AA161BC441348B2A09E6077C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEY1ba1ywEwAQ&v=APEucNVSLJ53cL-jKN47Eq_0fmOBEHBCC2Nj_Lr5jzihQ9JLQd9GjD4TAup4Xkr9tbPBC24lRRGW5t-xrPQIdfNNAtHTR4_Idw
Frame ID: 8EED4A9134277AD93FAC4DE37BD60CE9
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpvA6HNK2F5boIE9qe6viSVHiqt37CmszUNkeDKRpJt_pNMOh9PHiOHbuY8sVXc99GOW6oz7ql5UPXyT20yCxj0V6bWw&cry=1&dbm_d=AKAmf-D5GFYUoCV_E7knSLpUFEIU3DSDum94izohGtNBY2MzipEMdFgTZMALe_F0NBedjQAlFs8O9l-udiAiQTD56cIa524zCAo6E3bQnCZnDtTaCP7uEQNXsIUxIRTT35lKzY3VvG4tLm1q0jCanFOousNDM-McqVGVMTQUijWcctNKUZ-0UK70cFoiSX-msxahuwIqP97NP0PH984sszKmBKPOtQEPgrCOdMSorVlsYkg_sfygNxl8wsQTZZ4jiC9Tye9Vo-zNWcR8A9bXWtlP-vyVB0D4JMCu9cMahZ0r7q3N9hi51c-upyEgiE50x-r4iNrz1ctTS35v8od6OroODp3JSSN7uwJAGd-yhpP88ZJNNmaZgougOdEgEchCeVu0lTo2THlPlQrb2BP5TVetboG5E67iMbEu8KXFCKKQZ9AWnkcEl6Rt1MtZApiAUGV9AphOqhI6rBKgtPL_NXIXL_BVmS6q4ike1hguj2wG4wn0Faie9bSRdlxVdRRdm-Igy0jjCgv6YJw3-PnmWq7HRe_viGMKM9ez7wmtnNVTgOME750B5Cg7bwwjY0rmWhPoWxrmqKHmV1ZBztXK61c0DBQjiFUkSLjvAUwpeey_8cpWLT7bzI9UmIoEPJxoDQZRH99CC16q5UX7JvAq424-hj_jtEl-8aETmL1ijlrkpU_NukjMtRl0gNN22JvLULdnhQ8aAphTRFH6mehhPyOnqELhhW0uJyXhJhh2P1SHgT7q6X13m5GabfxFebnddBB0odnG8jcqazo56w3g6obIZ_5MYev63w9eIXGHNNPu3y4i_VluXkMcNliqz5picmDB-pSNqAzNP0eZPavpIOLYDusQIeCP16iOtdGymGI0Z3fPwy2_qdZPCTMQtiBvGN7alDG-_z5N3Z_aRDUO83bVnV2FQ911qnHcSAHI2vtfq4qi6qWm0OB7TbPBVVDrNQzokFYhME5PMGyXo0E1U5KAHjEeu0gnuhI_izsXWIr6x4xjcg1U3SQNV5oZFZ-q10E4Q3VreBZKjdyLeb-2dSneYynrqb1LMlz-dxuJQs3I-pTKLKAnsOuyLqKva-foqfhcaSjzsYGiei-WoX3aNtCW9vbfE3vwRvLSwC1-DzKRVQ_xm3f1DRJWcU0dvOKGxSztEp_rge5kGzsNC1tkdDG4QhjRk_ISCLCjXrJSFhQkTixBm5_LjFDgbayMfM8WhYj1YI739OOf5Op1T-xu2qqYP0pXFyPQ4MZgHELCk69FzqItXOaHP2d_LewnXsnGLuuHEUcBRalOsjnXyAuHK_PBxFcxlEoPuO0nofgJ3nipQxfTp9Pfh3ASkmGb9Yhk93KUfo6ejnEYRaNrI_nVwp9v-u0Zf9hggjOYaN3pMKTe0gHpiYFqVAHrgccid3NtEmE7FmboLzsRZxXaXo5BfsD2_CTVzyZmKSJvQrKY54ojxynJL9lLXLTRW0s9CHeHQadJBq_KAdQ55Z1_0mVFobl40S9gDrKoBoT-kNUFmtvgfhuYzBUEZVTRS9EP6ADKu3sAHifDLCaova_go1xNg0n_JJeu3H6UR-_BwBmvdsOGFLteWOCBkryJhOhibsMo3fQO16NATDg_SJbLpTaLeQgy2YOF_-4UGDevmCjjt6buqR4gqZj9-K1Byo4ZENfuSXebsrc6wQtb5yASP87K6e3tssoOD0oxYGeNkvpFPliahifjHEzBHGXtc4LolH4pVoJg9H0DYDBi_bnAqUcawTmHg2vUTyZ7TJBV8Q9OC0WelpOMO3wX-n1nMg4Msssf3-Aif3GSU2C2_W9Ajszkg52ErjN5ofaqs_1c7Ch0HBH2h_xGJIuUbctaVVuU_7p2EZFKHtI8ob3pCuF2zL3oDB__sKduIAjqG-oEQMEe36AgLnR9JSf_uahd_QmMxg38UpGcwGUg7B_lQd9JlqvX-HpdTEP17ufCQjuv0y6qx7BkOhDyQ9hYdYNuxsyyQterUBpNgVSwASyBURAx9_h2PB0H-Y3gXdSnSAgNfadVARZpiPa0gAnsDOUiqymFXTrD7Su5EZTbo09OOujyp8wC27MYhKrUf-vwWFQXFtME4KfnEa1yN4GsEOxVQ4W0Tt-GYeQthPte9ML_mDSwE5dzj18UnV5K4y4wkSiBY5BrSX_biAcmTHNIDoYFHRORGVkTQVRNFnmNVkBWIWAHgjIuIEriCjPRlADyBHrYXXuKdX59S_jcECsyjBxkPM5fnKzGuYvhSdpp0na2oAb4rkeNPL7QKywiAFPCGTGxeCBLkcgUuOF2fOMqCe7JTVoN9847ctZwb66Flm5guGzujU50v48_jRpAA8HUBbysnJiSDew6XIKVvKcBZlaT6HJy9611sRfHKUsyZGq1xrssP32-ozql3cXCqjOP3pNg3K4nzRkkH2JqiNnPf7WhED68L2DSZps90IAdpDcv51R08C6xy2CwDHhoCjtv1ysRkF2pm4AO_IN4olHRaLhQP-R35w44ItZ8OyOYos6azfDJL8IV57A9EvGrZdcCY1GRRIlMnSrOY6EjYsMd-jmwqGE1YyMULUglquZZNCVZodscQ7vgGkZdZAgMoF09Q8zLdRnriknPL_kuS4G15EVpepwSVrzZh3xRaQJy44SzL9R16QssIPxQiIOrcgGnI_G5Nfbg74LQKr0kEtaE7WvqcL7i8HqfnhqtwbjnI0aftNhbAYr8dxGqfT8WxMkwYdwX_PUbJavKpJloV43ICoHqKjp9HgqrY2fArnp6Cw_GEzIQ0yIo9JmnVmbE7LaGUOCtxgIcsdlxmPA40IKE8_8j4dZUs4cq0TybTX_jsEnhCvczJIxpqsW9R4yqReaigvfJEQhI119v7ABdXxsl6MUZjeTKCxyGso2_eBC_Xs5mq-2C2FiQHdcGDH3RVIuZMG0_EXtn-NcCVOun4OkiEpEFqrVZiy31eRkxPfInh8o_LpIYFyY3z3BdsTP-KayL4FOOky14FMK5fU5mXix3wFHv6-bw6I6NnE6m17q_pxlbFx_IzVlWtL-3ape6b9_2ty797BycoeDIP5vv1_F2-mmTUFqS7nYwC2l-jK6IKDao9qyeZK_v6S-xsTijsvQFKHFlQ9IzWdj_vppSNjucDYTXhQM3MXrUnoTrc0PycLZ8Bqd2gLaGWUZJk2SFj5pnkjmEx2XOz5gCKVwkP8K283SY8uQA5qsV4LgcB11R-WXuYzQN04SkrAPYOpM6472FczyCNptWXfLHx6gPrV6vt2Q4-fdnpEZLjh8yMUZ11ntEue0qALjgKOUmpKZe0Vq5QQCsIEgWRNL2VvaOt8vAWRtC2fiwytdVh7iNfAd2KpbJ6SAxybWE7wk3VbRTwLSgJTzyzYkJ_j9yqq8sQaUvixcTQMNPt38UysYQyq5t6jKfj8DF59B5hGiJUpeFY9ug7yr8OVY_EgmwQbyhP4y2SbA&cid=CAASJeRolwm8T8lscmqEhAMMXop-U5VOcse7GvhMdIEvQx0goTQ6Zng&rfl=2%2Chttps%253A%252F%252Fwin.just4fun.biz%252F%240
Frame ID: 60EEE95A75F1C484AC5AA0B2514D4372
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEYwOXnwAEwAQ&v=APEucNUkheIDzFyOcQ3fazqCvh8o23LRlbhAJb2nYxRLuwUR7eM9jJrik7A5Lfq_CAdzSYsLmVIorcJNsLJ24fdzhA6xHREtdg
Frame ID: 127BFBEAFD118A6E1E3091F459485A30
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYn-TgeRZ9ETbyMcILtQ63BOengrjkgtNLFJYrTTAplEFTT1GIa6COCbKfUZkPlGz0bw9reQAR3P-J9tabWpqX_K3lCg&cry=1&dbm_d=AKAmf-BCdxG_Z-931lHcB2yiIf9JRLV0a8uVt6uihFZqutefWL-p2PA3jvjVXIhRqV2eYPH79tFKRainYJN8mYCOSsLlMpqavmz9ME3wcrI4B97KL25POefOsiMA5epi_zj0M3mYc9GyvrFBOZmL2HG_uR9_RJCrv3bBWmF1RMMsXfbsa0HlO04msQ-2W0sSPOW6NVRMHmip7Z6l5My50g-iaN3u93KwTMFnnr--crdTwko0E4cDZifsaTnwSWpvn6yEm9VoQz9tU31xBN3g9fmXcs_r7jp9LD_0BBjmTwtphkxQibrXc7ZqHHTRsFxnwCp7hcBOQyT_u_AaFJ_fG4ZEWr-XXWz1FACWyCmUbbYlPua97o--BshMQ9gGwAZFgvM3nIpI5evlGq53FtMCrTuRtZBvJ2OHcpjVO2Ip-ANVIKVUseUgWFA9WXJcQiyZ4JO5YqmL6Sga7AoNFeqjLK3Rkzl9FQlpQyeNiJ6kW7eiPq8dYH-OPjyzRainf1JFg8ysQOeJ1AyWC2k38zPHpz0SbHrAdUwY4CXKHrbrr5xRS9Oy_frAXyFOliU9echASt3C08i_JxbSIDrYVH5ICH0_DB4bDEdRy6DvwI7AHcT1H_GjPx57DN7X3Gl64GjwYgl6n4L9_A1Z0f9FpbFDsBe42vtUxCq1A15I1TtDW4QyiILNoZPcC-07PDxueUr-IyQDJuHe87HECIuvqku3MAyvOHxlo4w7O3T1C092l1hh6BluxI3A2pK6IHSAmo1on9fINfXsF7hSarTHJ-__3pSAQlObSEDSb2F1Ik_ZS2evZBhPgh9fMjfuI0H_4JyOPPA3M2LJJ5PLzv22DNcZLzr-49RLp3YpwDjYjF-RB6QoyZlMRx70qCHM9UaiXHa3tZiG86GbauLFo2iGdy8cNBSVdFILhGhJwRue4epkVLRd74LvZcXmv1tIpSHp0pxuRgwJgNAiDC1xoymDHMQt7f_byskkrmBwS6gtL2S1EZD5ywS0_XcfRQt3fJ43FcCfTY-oKI9SAUnNuK3WWmnK_LjpaU8ZTzA1v6pG8X61W6VlMKuqDsx9Q7ROeUyXawBCNSSUS4bWIGA-shkvEI5QqwFY93LxX2Xj-FMrY3lnDXz1fRfGwr6TVezVn5VZSA-fLgL85k4RoeA5wF4nIhwsIhX7ATeSR2fWOBpqX4hSOzrTcmpTCMmiYd3KiMQO7hF8tyDIJfN9Qh4W6BohL-JG4_j_ngDYsMr2fWPkvQCYzdZUAv9FvZJCbYbNzhj6OWGL181aY-kX1aioqlE8gtdGuFZPktOC5ww9NHRcIWh6GviI4o4UlzzsqHcp1tUNbTSGV2zQt_Yg-RSmkoQ3-Z71LdWY9D90iHbVHRSinoQ4L9IVQtGqKsJ9LWZsr4UASzPH5RCASvbRX6qj6rvy771PQ4JY01HhajHrHh7yKaIgr4YzlTd08OcAue3TXod83F0LBS3fmdMSOwiXPBcYnPcwudIBrsflRshsynYrcSTkgezATFS7vZv8itKNq2ktLsl7Iq8qxv4vDn5WfDJgPZIZvx61V8sKPuCm_nf1dazEl2c-F4_aXxWUBlAjL4z3Ums-eSdCGcuNkxO6Anu30jtU7tyb0XQ3s3FaftUwK5axpqnhdPvSE2WHeQf2JE7ZFOEtEdWWEn4LuaA2yjJwszxrYiW1pRUV8fCZzp_BVcPaEWVtiSpCLZXivWE4ahtdfPHMJ_SVUwAJt5YHo-B3iUNjvPW7nOYGi3AjG-JYbFIQshL3hg9b_ORj09gEDXxwSN7VTBvmJjGygUm9uLA4fbR3lDhiB_A6YVyAjLtV6fAUxJIQPOTrk46nIPthOrmP-v0uSzVf5x5SXNyyEAXnofdlDW5f8mX7QmPogGARGpI6_kVk61mzOLUSmMd-IB1IQECyLSWFg95XfSN_D1GAQ6mJ5N7MsIJqZzzcGQ6Br5BU8q58QuTPf27FDK8py_LS4UjPHtNKS7_ehKuu72AZR8pjtSGvhHs9dqedH3YDXz5ACwVZVNNrY_beAKAjYjCgOzbsh2LIoS0z23tc4pxucmsdkPLfpgfdSGSucTm4hVwoOba_d576DZsqUDIBinaUYt2qzNiJI7nIweB40dv5D1ZFL2n3xwGUuhQjYbWKDrork7ozygUxm7RGLZUwoPpW4vDDZdO93yImULnwiLeoU2_w0fDwIh3VNaKmTIbZ8mr6mgTS3uM6tdXo-_bRdN8hRRD8V_VKveZyI6ofzkxR5HwsMyxgSE0ZGlVjA_X71xqdM9ihCTwbbN1it9k1-AbUjpEUpMh-R7sdiekqxNleyR2sjkcEqfVhj-8NEZ_kzPzeYm6Xj6id7xkqRskPTHkzf55E9Kt6WB2xwqxDMWz_hqak24EtBHOT2gXRnJgz1W9tHnCXI6CQbCwekGEG8Ku14FAmYHNTdS7DwckXlkeyjgpgVzVi0aQFG822pJy1XEFgycVjtkmKw-rWor7Kbjoj92t58uUAcpYyiyFhDAuc8qRkVAU9ie3bSGP_0mlZqxgW_NShJ3vFqxobXcbkqfKEAKv-VTPV8TRbBklRLmaUVNg9olj0IXdN6h_ERAF4sw2d6TFZeiygaaww1uPtPCJB_DJnkuyeWiF9YyNshoS0BlGAnuZSw-uh5ay4SJnPaFDfyKu63RxyA5xO3LmjW46GKzz8DpEKew2mRFOfHsQvwLEpsve0SGilIZfiAcq_cZNWdKOczqTv5zjRuA8LX6vbRMSbcJebSwB8pEPfngtlFrVhfLLxzFUJPUkZraGGRnLSCQOY0tcyKdVbc79yKPWwppNI7cMXD96DOE3yOaOH3Oy-m5Rp0DoGgivhA5jSA8dNaWHjouDHYZeSyDpatnjQjPQj_0fDfZHHc09dEHC-ORS6BvxOYDybKMsZDJSIiVak6yX6L90Z94sm0CLpmDmH0pVgb284EidMHAlEvQMtfumG9PjFvTNzokYTXBvM0kzlydPzqXueRLo8W5ZQw4ArmtwdUbIFjolPu0wNcNtMZXSnupTlkdiOtwbS1Sj2X1P5YolFzZulxoKZ2mh7KXRM5iA2ovUEI48U3d2u-SaAvd9HARP0UJ_xtu4Qy_30CbWHZxoQnreF-9kYIJbYZGzqlbrOjdJWJr-G9ijCagi3obQz16JqJa_-zLjNfIxMbFaOPoNDJ-iPVhG1jpNjKyD3UGY6VreqDyqrJ2vMskZuU-5eXYDv_jRh-COEUyEq0KDoRFey0YRWUcCdmYxh_yV4WEh4qYPAqpjI0HW193IrIKS0GQGyDBfTKPYicAw7DsSNM-bsoB5uc1aqFpU5Mmn5Sn_0WHIOADi1HVi4J0ySikWIjbekoSfWKIgeiFw8fBUIRoIPU4i21GbT2TXQNnJpG5PHvPsmEgqK7noZ3PJsxoRDYb-AlU-8Td8Q_g&cid=CAASJeRo2iYeO_Q664jRAa21soSQIk4O-07hMLGSvBRCqPo3oCovbKc&rfl=2%2Chttps%253A%252F%252Fwin.just4fun.biz%252F%240
Frame ID: E85B735271B049F2F65720BC51C2B81F
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DD4B2EFDB1F274E8E8F735D91A892175
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7C9ABC45DE8280BF04BF01AD32642F9D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 199579050AF452D7CD23B51AD4D70E69
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14552050763412260071/index.html
Frame ID: D20F0C2F24B8669CAA43A4FBC7625C4C
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A0D9A653CB5FD581618AE28C5E56ED3A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FrontPage - Windowsと暮らす

Page URL History Show full URLs

http://win.just4fun.biz/ HTTP 301
https://win.just4fun.biz/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

166
Requests

90 %
HTTPS

46 %
IPv6

27
Domains

37
Subdomains

31
IPs

5
Countries

1587 kB
Transfer

3982 kB
Size

17
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://linux.just4fun.biz/
Title: Linuxと過ごす

Search URL Search Domain Scan URL

URL: https://db.just4fun.biz/
Title: 調べる.db

Search URL Search Domain Scan URL

URL: https://web.just4fun.biz/
Title: Web関連技術調査

Search URL Search Domain Scan URL

URL: https://ll.just4fun.biz/
Title: Lightweight Languageと暮らす

Search URL Search Domain Scan URL

URL: https://c.just4fun.biz/
Title: C言語のお勉強

Search URL Search Domain Scan URL

URL: https://java.just4fun.biz/
Title: Javaコードを書いてみる

Search URL Search Domain Scan URL

URL: https://cryptocurrency.just4fun.biz/
Title: 仮想通貨(暗号通貨)メモ

Search URL Search Domain Scan URL

URL: https://minipc.just4fun.biz/
Title: ミニPC&シングルボードコンピュータ活用術

Search URL Search Domain Scan URL

URL: https://windev.just4fun.biz/
Title: Windowsソフトウェア開発技術情報

Search URL Search Domain Scan URL

URL: https://chrome-os.just4fun.biz/
Title: Chrome OSで十分！

Search URL Search Domain Scan URL

URL: http://www.sakura-it.com/
Title: 株式会社ITサポートさくら

Search URL Search Domain Scan URL

URL: https://www.sakura-it.com/
Title: IT SUPPORT SAKURA

Search URL Search Domain Scan URL

URL: https://pukiwiki.osdn.jp/
Title: PukiWiki Development Team

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://win.just4fun.biz/ HTTP 301
https://win.just4fun.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEra42WrCe8RhORqjIZ04P8&google_cver=1

Request Chain 115

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yt5H5k.IF1dPoJ4CuFMWAAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEra42WrCe8RhORqjIZ04P8&google_cver=1&google_hm=2

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEP1mZ0UTv_t9gv8c0gb8RBs&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEP1mZ0UTv_t9gv8c0gb8RBs%26google_cver%3D1

Request Chain 117

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQzMDc3ODcyMDc3NjU2OTY5OQ%3D%3D

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKSrTqx0hjkom9OlUuMJrEM&google_cver=1

Request Chain 119

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTU4Y2E4OTctMjk5NS0yNzQyLWQ0MTYtNzIzZjQ3NWQ1MWNm

Request Chain 132

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4BX35eidhReN-0Q94aNJQo_0uLggz2KDbyfOWE5o8mqchmRwpha7tJYmaefmBX05pBFecwrVIwaf3sF1t98naXKy42cCHgO&google_gid=CAESEBsnN2AYgldY7FbyCx3Jzks&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOaP-ZYGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BZWhsSzRCWDM1ZWlkaFJlTi0wUTk0YU5KUW9fMHVMZ2d6MktEYnlmT1dFNW84bXFjaG1Sd3BoYTd0SlltYWVmbUJYMDVwQkZlY3dyVkl3YWYzc0YxdDk4bmFYS3k0MmNDSGdP HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwa0JHaDc2RTJoVDFoYjRhLVBVMUlyZXBrM3k2V1M3T1JYOUpPajlXYmtaUQ==&google_push

Request Chain 133

https://rtb.openx.net/sync/dds?google_gid=CAESEDIEAYJXNwezGQuob1DOwcc&google_cver=1&google_push=AehlK4CRkkA8D50Cib7akJd_mRqPIN1uwjpvMU7_Vjlw6GMAY-wKevDRhm8lH4qsQqgjVlRgiGS1v3Zd1gc865WLYyejrNhpGUI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CRkkA8D50Cib7akJd_mRqPIN1uwjpvMU7_Vjlw6GMAY-wKevDRhm8lH4qsQqgjVlRgiGS1v3Zd1gc865WLYyejrNhpGUI&google_hm=prXxYUlkwMgngmQxXqalFQ==

Request Chain 135

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPl7aauUSYBGJ-1OrUdbnK8&google_cver=1&google_push=AehlK4CTeetBPQ9uBjJjcUDNiUpFJPgr_GNXEnGj9iUHC-5zYezFMz-JfHsDc_enqlm_Y9aG6UXB5jl2g6pvXCRfxD6p-QK4PgNE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYwRlFFWDAtMTEtTDNDTw==&google_push=AehlK4CTeetBPQ9uBjJjcUDNiUpFJPgr_GNXEnGj9iUHC-5zYezFMz-JfHsDc_enqlm_Y9aG6UXB5jl2g6pvXCRfxD6p-QK4PgNE

Request Chain 136

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPdLmeUH_DGX9T8KhHyY5vM&google_cver=1&google_push=AehlK4CKTSgvWZtWR5US4nz5UwIOg11TwqKHmeNrbaSPSlAvagKF6cNugAxecXux3X9-1sybEeYwiWhRW-TYGG3ZaX6RbzMSvmvb HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPdLmeUH_DGX9T8KhHyY5vM&google_push=AehlK4CKTSgvWZtWR5US4nz5UwIOg11TwqKHmeNrbaSPSlAvagKF6cNugAxecXux3X9-1sybEeYwiWhRW-TYGG3ZaX6RbzMSvmvb&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPdLmeUH_DGX9T8KhHyY5vM&google_hm=Yt5H5piEdfaFxmfhtV9n-wAAA1oAAAAB&google_nid=index&google_push=AehlK4CKTSgvWZtWR5US4nz5UwIOg11TwqKHmeNrbaSPSlAvagKF6cNugAxecXux3X9-1sybEeYwiWhRW-TYGG3ZaX6RbzMSvmvb

Request Chain 137

https://cc.adingo.jp/adx/push/?google_gid=CAESEB_m9OwUAjFzs0DJ8XYKj7g&google_cver=1&google_push=AehlK4BOvclQH2gZUz4PfKar3l1UOX6rm5p0V5-RvhebnIY_8RlJAoNJLqJ_Rbd21F9Yqp-iiTpFJYdLPgfyvWsjuhN0wdrNjyYZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4BOvclQH2gZUz4PfKar3l1UOX6rm5p0V5-RvhebnIY_8RlJAoNJLqJ_Rbd21F9Yqp-iiTpFJYdLPgfyvWsjuhN0wdrNjyYZ&google_hm=6595f5da9e38ba590ffab998836ac11a

Request Chain 149

https://rtb.openx.net/sync/dds?google_gid=CAESEIOSZqddvZTB1wC37-u_gfw&google_cver=1&google_push=AehlK4AziUvnMNQcr81nAMatvoyZY3cydFtjYW7PimsYnyAF6YPLlsBmN8RWYB86yUeKCNcuDFT6sz86tWvvRD_TXQOb7vmHHYAxaQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4AziUvnMNQcr81nAMatvoyZY3cydFtjYW7PimsYnyAF6YPLlsBmN8RWYB86yUeKCNcuDFT6sz86tWvvRD_TXQOb7vmHHYAxaQ&google_hm=prXxYUlkwMgngmQxXqalFQ==

Request Chain 151

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELIZFrMXRmwrsNSymQ5EAmY&google_cver=1&google_push=AehlK4DrSWfcIaSmc-USEq8HnBD-gE9WXBjVqZNXIhRnOFCt-Dwli2hwKdStOOKpm4nwnIcQGWlYyRmy3J-88LfUJB7WrfUgriggmQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYwRlFFWjQtMU0tS0ZLSA==&google_push=AehlK4DrSWfcIaSmc-USEq8HnBD-gE9WXBjVqZNXIhRnOFCt-Dwli2hwKdStOOKpm4nwnIcQGWlYyRmy3J-88LfUJB7WrfUgriggmQ

Request Chain 152

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELufhgVO8Sq9iSW7zpbM-6A&google_cver=1&google_push=AehlK4D8cYCJIQ1MDw2YADokK0y7ktJ85cHmlPfwRLDNr5qlSqyUjw8CLnUvBuyjP5BylLXiGFjS_Ql5FRZhKwXvgdRnkHmjvZlAjQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELufhgVO8Sq9iSW7zpbM-6A&google_hm=Yt5H5k-IF1dPoJ4CuFMWAAAAAQoAAAAB&google_nid=index&google_push=AehlK4D8cYCJIQ1MDw2YADokK0y7ktJ85cHmlPfwRLDNr5qlSqyUjw8CLnUvBuyjP5BylLXiGFjS_Ql5FRZhKwXvgdRnkHmjvZlAjQ

Request Chain 154

https://cc.adingo.jp/adx/push/?google_gid=CAESEEjnvEjmTrcgjk4inWWn4so&google_cver=1&google_push=AehlK4CFxpbLOl_00AecD05JyhDd41pA5tUsUaVp2z0DyPixKsbKQUTVNEws_4mOtEGQPcQWtJ_B8qn43zJS0Tfp-AiNLOBcZ1e9JQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4CFxpbLOl_00AecD05JyhDd41pA5tUsUaVp2z0DyPixKsbKQUTVNEws_4mOtEGQPcQWtJ_B8qn43zJS0Tfp-AiNLOBcZ1e9JQ&google_hm=6595f5da9e38ba590ffab998836ac11a

166 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
win.just4fun.biz/
Redirect Chain

http://win.just4fun.biz/
https://win.just4fun.biz/

68 KB
13 KB

217ms
204ms

Document
text/html

163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache / PHP/7.4.30
Resource Hash: fca4b21e7c3b61492f43b26a8736ff3b64cb161d4a6c6192421c9d8efb39555b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: none
cache-control: no-cache
content-encoding: gzip
content-length: 12929
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 07:36:04 GMT
link: <https://win.just4fun.biz/>; rel="canonical"
pragma: no-cache
server: Apache
vary: Range,Accept-Encoding
x-powered-by: PHP/7.4.30

Redirect headers

Connection: keep-alive
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 25 Jul 2022 07:36:04 GMT
Location: https://win.just4fun.biz/
Server: Apache

GET
H2 200 pukiwiki.css
win.just4fun.biz/skin/ 11 KB
3 KB 36ms
34ms Stylesheet
text/css 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://win.just4fun.biz/skin/pukiwiki.css
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 4f819d1f9bd940e3f9afe547119ff759dffe8f8823833f524184fbd38648ba4b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Tue, 05 May 2020 06:45:49 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: text/css
accept-ranges: none
content-length: 2695

GET
H2 200 main.js Show response
win.just4fun.biz/skin/ 20 KB
5 KB 40ms
39ms Script
application/javascript 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://win.just4fun.biz/skin/main.js
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: e6910551e66ad611c90363fc505c43595f1487793279029b0b301a5a16405dda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Sat, 23 Nov 2019 04:13:35 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: application/javascript
accept-ranges: none
content-length: 5059

GET
H2 200 search2.js Show response
win.just4fun.biz/skin/ 36 KB
8 KB 48ms
48ms Script
application/javascript 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://win.just4fun.biz/skin/search2.js
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 77c7119a791c7e969ceda0aa098e631484ad4304499b02693f50e29c78c19ed1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Sat, 23 Nov 2019 04:13:35 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: application/javascript
accept-ranges: none
content-length: 8433

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 103ms
62ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5913adecf67490eb784aa2f315300bc0147eeb33f25779860d778a134d8c7a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56655
x-xss-protection: 0
server: cafe
etag: 14835124928163311425
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 07:36:04 GMT

GET
H2 200 logo.png
win.just4fun.biz/image/ 13 KB
13 KB 65ms
60ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/logo.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 493c2a58e0026f755f581467c89bec0caab1e2cc376ea321aaddc24508506821

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2017 15:54:10 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 12835

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 17ms
2ms Script
application/javascript 117.18.237.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.237.66 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/739E) /
Resource Hash: ccaf59e06eb4f607fdedb30b166d8ab31ae2f92eaf4a2f998504204f1a2bf526

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Mon, 25 Jul 2022 07:36:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 362
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29212
x-tw-cdn: VZ
Last-Modified: Tue, 19 Jul 2022 20:07:06 GMT
Server: ECS (tkb/739E)
Etag: "3b16e031477759af620cd0de990c6783+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 button-only@2x.png
b.st-hatena.com/images/entry-button/ 441 B
886 B 25ms
3ms Image
image/png 13.225.165.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/entry-button/button-only@2x.png

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.165.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-165-4.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

e6deab93ae202482c73676e54f020aa81eb2be2ce75ec8a62bf2394d0176f93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 18 May 2022 19:02:13 GMT
via: 1.1 1483e75f3561ea5852b0d2c8c838e022.cloudfront.net (CloudFront)
age: 5834031
x-cache: Hit from cloudfront
content-length: 441
last-modified: Thu, 12 May 2022 09:02:12 GMT
server: nginx
etag: "627ccd14-1b9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
x-amz-cf-pop: NRT12-C4
accept-ranges: bytes
x-amz-cf-id: jKPAaSMfLed1ee-xPSLkKziR88OYrceFmG9rRoVf2W40TIVH33y5RQ==
expires: Thu, 18 May 2023 19:02:13 GMT

GET
H2 200 bookmark_button.js Show response
b.st-hatena.com/js/ 34 KB
11 KB 25ms
3ms Script
application/x-javascript 13.225.165.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/js/bookmark_button.js

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.165.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-165-4.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

8061cff8b95ecba84da70eadc863580ba8c5ac3d4870d172020e352e977e6738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 07:34:38 GMT
server: nginx
age: 45218
etag: W/"62d9018e-86cf"
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
date: Sun, 24 Jul 2022 19:02:26 GMT
x-amz-cf-pop: NRT12-C4
x-amz-cf-id: wNVdSmb0QTv5oOd_xTBcAWky1AB_ZWrULbSlBXXYukEIrTK3neWz5w==
via: 1.1 1483e75f3561ea5852b0d2c8c838e022.cloudfront.net (CloudFront)
expires: Mon, 25 Jul 2022 19:02:26 GMT

GET
H2 200 sakura-it.png
win.just4fun.biz/image/ 3 KB
3 KB 68ms
63ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/sakura-it.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 6527f24ebc5bd6faa0a2c7477d0daff5600484ea232aadb78e02c5ddb3d7ac85

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2017 15:54:10 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 2730

GET
H2 200 top.png
win.just4fun.biz/image/ 1 KB
778 B 64ms
59ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/top.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 46c1a59d44f082dc007ea2ff9cfef57e0e7f34814a254cda3858dabfca488017

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2003 05:11:06 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 610

GET
H2 200 edit.png
win.just4fun.biz/image/ 1 KB
734 B 65ms
60ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/edit.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 57a770eb664551b3875aeaf8b0e96eeba0c7bbc3d7e92242a9d2b4d91b80b636

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2003 05:11:06 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 566

GET
H2 200 freeze.png
win.just4fun.biz/image/ 352 B
543 B 62ms
58ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/freeze.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 1ca2c223b337f49a3d785d458d76e3c6b334c66834d2c7c26fed7ade1d58e602

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Wed, 10 Sep 2003 01:05:38 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 375

GET
H2 200 diff.png
win.just4fun.biz/image/ 507 B
641 B 66ms
61ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/diff.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: d19c840b263362da35095bddc2e73c272a0660f24ec5e311b50237e47b8297e1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2003 05:11:06 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 473

GET
H2 200 backup.png
win.just4fun.biz/image/ 1 KB
590 B 63ms
58ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/backup.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 9f24ccb0914a32787050f4efc536cc61a2553c8cde632e1ba52131d072acf2df

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2003 05:11:06 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 422

GET
H2 200 file.png
win.just4fun.biz/image/ 1 KB
660 B 65ms
60ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/file.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: ddf53e8d58d2e483b41eb7b6d464b11c743c31b16236097961613befa9cce604

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2003 05:11:06 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 492

GET
H2 200 copy.png
win.just4fun.biz/image/ 490 B
681 B 64ms
61ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/copy.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 4830702603e7332bf07f0e97f92fe0fbc3c7e2f03babbbea93a0196c6410d355

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Wed, 10 Sep 2003 01:05:38 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 513

GET
H2 200 rename.png
win.just4fun.biz/image/ 339 B
530 B 68ms
65ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/rename.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 0ef11633593d6927137805b71939b0d462cb18a0dd24a691b51021c7cb48fb92

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Wed, 10 Sep 2003 01:05:38 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 362

GET
H2 200 reload.png
win.just4fun.biz/image/ 1 KB
757 B 67ms
64ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/reload.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 9a8910988ce54a6cd46e4e58fca0a01f3094ea3b29ac7e48ff98430a360dc0ec

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2003 05:11:06 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 589

GET
H2 200 new.png
win.just4fun.biz/image/ 796 B
758 B 67ms
64ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/new.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 41b0ed5e957aa48ab98f51d1b4b9abeeab24cc9ac905419c2b53c96cc10a23af

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2003 05:11:06 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 590

GET
H2 200 list.png
win.just4fun.biz/image/ 1 KB
537 B 66ms
63ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/list.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 964013d96b76876200fb09fa5e3bee0aff38a5188cd2125b0e588b5c626ca876

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2003 05:11:06 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 369

GET
H2 200 search.png
win.just4fun.biz/image/ 1 KB
629 B 67ms
64ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/search.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 22f00268e66f33e8b1b26e2b0f0c600ff33d816bf2a86fb69efbd58c891d1551

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2003 05:11:06 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 461

GET
H2 200 recentchanges.png
win.just4fun.biz/image/ 1 KB
874 B 68ms
65ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/recentchanges.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 02a053625712e7e227d5f51e0b3341e984f989ed00a8491f2586a13a5ba8a61f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2003 05:11:06 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 706

GET
H2 200 help.png
win.just4fun.biz/image/ 1 KB
654 B 67ms
65ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/help.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 91bd35ce68255f3b2768fc186f5095ff40719af12857f36e57ab501511a83d03

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2003 05:11:06 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 486

GET
H2 200 rss.png
win.just4fun.biz/image/ 950 B
668 B 68ms
66ms Image
image/png 163.44.185.166
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.just4fun.biz/image/rss.png
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.44.185.166 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 163-44-185-166.virt.lolipop.jp
Software: Apache /
Resource Hash: 9c00404934f104a7e593cc36b0f84b55e5ad64e7b25c29e63ab84df4978bf86f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Fri, 05 Nov 2004 15:19:56 GMT
server: Apache
vary: Range,Accept-Encoding
content-type: image/png
accept-ranges: none
content-length: 500

GET
H2 200 sdk.js Show response
connect.facebook.net/ja_JP/ 3 KB
2 KB 244ms
81ms Script
application/x-javascript 2a03:2880:f00c:19:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

331486816e0ac539ea567c3a717113a2d6eca5be42985c007865f0ee899cd0b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Ghs3qnDx/VrXpRPSLCY+SQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 25 Jul 2022 07:36:20 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: /M5TSqshoGMt0VAT6n2GSgGZ5fzx2x/s9hvVg30ax/YVH1IYfwBhsK2PiFh0dQ11Y6S2o/O/31iFITMXFgQpzg==
x-fb-trip-id: 548340344
x-fb-content-md5: 7b7fd48b4410cf46ce1f4408ecd63d8a
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Jul 2022 07:36:04 GMT
x-frame-options: DENY
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "7b94bf54b2fc3a4d960a9f721a017c3c"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 btn.js Show response
widgets.getpocket.com/v1/j/ 2 KB
1 KB 83ms
3ms Script
application/javascript 13.225.165.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getpocket.com/v1/j/btn.js?v=1
Requested by: Host: win.just4fun.biz
URL: https://win.just4fun.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.165.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-165-96.nrt12.r.cloudfront.net
Software: Apache/2.4.25 (Debian) /
Resource Hash: 5aa869ba3a3f7a8883a0e6457ebaea6bb7c9069e296bdc166ce30431d318bb90

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:40:05 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 23:34:11 GMT
server: Apache/2.4.25 (Debian)
age: 3360
etag: "90b-5e459279742c0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://pocket.com,https://getpocket.com,https://widgets.getpocket.com
x-amz-cf-pop: NRT12-C4
accept-ranges: bytes
content-length: 1037
via: 1.1 6a95c1b1169265b6de940acd51c28f08.cloudfront.net (CloudFront)
x-amz-cf-id: o7X7EMYRuNpJLh8BsAIIqR1lOz2ZH5s05pQVfx7DgUrQFftOtAExSg==

GET
H2 200 / Show response
b.hatena.ne.jp/entry/button/ Frame 353A 1 KB
1 KB 22ms
6ms Document
text/html 143.204.86.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.hatena.ne.jp/entry/button/?url=http%3A%2F%2Fwin.just4fun.biz%2F&layout=standard-balloon&lang=ja&mode=popup

Requested by

Host: b.st-hatena.com
URL: https://b.st-hatena.com/js/bookmark_button.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.86.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-86-111.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

e561acb0a43b474c874d3c36659db9b828ee3b675f871afef5d54a681f149d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://win.just4fun.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3526
cache-control: public, max-age=3600, s-maxage=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 25 Jul 2022 06:37:18 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 964d8e4144111f15fc19f420f9419bbc.cloudfront.net (CloudFront)
x-amz-cf-id: o-o4FB-B1WzIYRBqYtjLlTY5nZVOvKzhoIRFFCySnCCaWabtY9OI9A==
x-amz-cf-pop: NRT12-C2
x-cache: Hit from cloudfront

GET
H/1.1 200
OK widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html Show response
platform.twitter.com/widgets/ Frame 3AE4 320 KB
104 KB 2ms
2ms Document
text/html 117.18.237.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fwin.just4fun.biz
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.237.66 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/73EE) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://win.just4fun.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 473200
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Mon, 25 Jul 2022 07:36:04 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 19 Jul 2022 20:05:03 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (tkb/73EE)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 reset.css
b.st-hatena.com/css/ Frame 353A 2 KB
1 KB 3ms
3ms Stylesheet
text/css 13.225.165.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/css/reset.css?b4c087f7fbc4fb2ea162ec06ac3c30f22a71d9cd

Requested by

Host: b.hatena.ne.jp
URL: https://b.hatena.ne.jp/entry/button/?url=http%3A%2F%2Fwin.just4fun.biz%2F&layout=standard-balloon&lang=ja&mode=popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.165.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-165-4.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

0fda122942f39c62ebd2d1ac9de0cf6c6e4cefefb31eb86e39777f46c7ed5064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:40:43 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 39321
x-cache: Hit from cloudfront
access-control-allow-origin: https://b.hatena.ne.jp
last-modified: Wed, 20 Jul 2022 09:52:15 GMT
server: nginx
etag: W/"62d7d04f-817"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
via: 1.1 1483e75f3561ea5852b0d2c8c838e022.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: NRT12-C4
x-amz-cf-id: uM0hAmANZiTFNsNF70w1y2U4SpNn_Xt0BwhGddYBEWZfXC0fN62Y9g==
expires: Mon, 25 Jul 2022 20:40:43 GMT

GET
H2 200 entry-button.css
b.st-hatena.com/css/ Frame 353A 5 KB
2 KB 4ms
3ms Stylesheet
text/css 13.225.165.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/css/entry-button.css?b4c087f7fbc4fb2ea162ec06ac3c30f22a71d9cd

Requested by

Host: b.hatena.ne.jp
URL: https://b.hatena.ne.jp/entry/button/?url=http%3A%2F%2Fwin.just4fun.biz%2F&layout=standard-balloon&lang=ja&mode=popup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.165.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-165-4.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

61403f586e03ca26a4920ac368ecf4973ad46def79a1b46532f6bfc3d5573125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 09:52:15 GMT
server: nginx
age: 49261
etag: W/"62d7d04f-134a"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
date: Sun, 24 Jul 2022 17:55:03 GMT
x-amz-cf-pop: NRT12-C4
x-amz-cf-id: iwD5Cc21XeHmeoRL6EIFPZ9VmT6nRnDMFuNj1XB6iMEHDy8jai9wsQ==
via: 1.1 1483e75f3561ea5852b0d2c8c838e022.cloudfront.net (CloudFront)
expires: Mon, 25 Jul 2022 17:55:03 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3AE4 581 B
542 B 384ms
192ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=b996ec07d9d79a4563e7ef4f983e298a2df10a80

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fwin.just4fun.biz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

fa8fe8f3b53ea62c1c66afb46a7da8bae3e4bbc322963e69aaac076ed49997e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time: 100
date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 07:36:04 GMT
server: tsa_m
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: bdc18e7cdb95385302380ee850c274bd8becf6138034bf01516a49de97fe2f84
content-length: 261

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ 338 KB
119 KB 114ms
114ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd9cf5f34dd765ccc81a8bfa3289b92bb500bcc1b61f53f058353aa3ad3a436d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121830
x-xss-protection: 0
server: cafe
etag: 13191758162426741896
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 07:36:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/ Frame 3EB5 10 KB
5 KB 44ms
2ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win.just4fun.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 80
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 07:34:44 GMT
etag: 8616628553774171045
expires: Mon, 08 Aug 2022 07:34:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 button Show response
widgets.getpocket.com/v1/ Frame 668D 840 B
962 B 4ms
4ms Document
text/html 13.225.165.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getpocket.com/v1/button?label=pocket&count=horizontal&v=1&url=https%3A%2F%2Fwin.just4fun.biz%2F&title=FrontPage%20-%20Windows%E3%81%A8%E6%9A%AE%E3%82%89%E3%81%99&src=https%3A%2F%2Fwin.just4fun.biz%2F&r=0.8852213675156666
Requested by: Host: widgets.getpocket.com
URL: https://widgets.getpocket.com/v1/j/btn.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.165.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-165-96.nrt12.r.cloudfront.net
Software: Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash: f98f70f04433ac64ff54f69d3b1d18bd4f44d60165ea5e3ce5bd605f781594a9

Request headers

Referer: https://win.just4fun.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-origin: https://pocket.com,https://getpocket.com,https://widgets.getpocket.com
age: 3360
content-encoding: gzip
content-length: 549
content-location: button.php
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 06:40:04 GMT
server: Apache/2.4.25 (Debian)
tcn: choice
vary: Accept-Encoding
via: 1.1 6a95c1b1169265b6de940acd51c28f08.cloudfront.net (CloudFront)
x-amz-cf-id: 08_5s4OO24uOR6M-XVTUOGctl5oskwjAtaPf4cI1JP_6JXtoXtoyDg==
x-amz-cf-pop: NRT12-C4
x-cache: Hit from cloudfront
x-powered-by: PHP/5.6.40

GET
H2 200 standard-ja.svg
b.st-hatena.com/images/entry-button/ Frame 353A 3 KB
2 KB 3ms
2ms Image
image/svg+xml 13.225.165.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/entry-button/standard-ja.svg

Requested by

Host: b.st-hatena.com
URL: https://b.st-hatena.com/css/entry-button.css?b4c087f7fbc4fb2ea162ec06ac3c30f22a71d9cd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.165.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-165-4.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

85c37ef6721ca9bbfd2b115b84e6337980f53c6918dda73ad49a7247c10ac793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b.st-hatena.com/css/entry-button.css?b4c087f7fbc4fb2ea162ec06ac3c30f22a71d9cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 17:30:53 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 4197911
x-cache: Hit from cloudfront
access-control-allow-origin: https://b.hatena.ne.jp
last-modified: Mon, 06 Jun 2022 01:29:53 GMT
server: nginx
etag: W/"629d5891-a75"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
via: 1.1 1483e75f3561ea5852b0d2c8c838e022.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: NRT12-C4
x-amz-cf-id: vz09eXFxaeLOf-YRsy5XrLAEsTFNpdlmq-KX-AjWhGvX09fsivPBKg==
expires: Tue, 06 Jun 2023 17:30:53 GMT

GET
H/1.1 200
OK widgetButton.91d9e0cb42c020d8c4b1.css
assets.getpocket.com/web/ Frame 668D 3 KB
2 KB 12ms
2ms Stylesheet
text/css 13.225.173.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.getpocket.com/web/widgetButton.91d9e0cb42c020d8c4b1.css
Requested by: Host: widgets.getpocket.com
URL: https://widgets.getpocket.com/v1/button?label=pocket&count=horizontal&v=1&url=https%3A%2F%2Fwin.just4fun.biz%2F&title=FrontPage%20-%20Windows%E3%81%A8%E6%9A%AE%E3%82%89%E3%81%99&src=https%3A%2F%2Fwin.just4fun.biz%2F&r=0.8852213675156666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.173.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-173-49.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2d84e6a462105e079059bda163a5e23e9b326ad0cb42e2fef52ecf08e20a92e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://widgets.getpocket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 01 Jun 2022 19:15:09 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 15:53:45 GMT
Server: AmazonS3
Age: 4623656
ETag: W/"5ae752a86d7f88b510c944c8fdbd4398"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 3ee561993ce0c25862001d47ff0cd528.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000,s-maxage=31536000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: NRT57-C4
X-Amz-Cf-Id: 9joLHXN_VN1A5YFReNsJrvFeEaZzSuXvbB8pqf__o7Dho9f5f68vvw==

GET
H/1.1 200
OK widgetButton.feb550d464c5482ef251.js Show response
assets.getpocket.com/web/ Frame 668D 20 KB
8 KB 17ms
3ms Script
application/javascript 13.225.173.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.getpocket.com/web/widgetButton.feb550d464c5482ef251.js
Requested by: Host: widgets.getpocket.com
URL: https://widgets.getpocket.com/v1/button?label=pocket&count=horizontal&v=1&url=https%3A%2F%2Fwin.just4fun.biz%2F&title=FrontPage%20-%20Windows%E3%81%A8%E6%9A%AE%E3%82%89%E3%81%99&src=https%3A%2F%2Fwin.just4fun.biz%2F&r=0.8852213675156666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.173.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-173-49.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe286d3d2c4aa4a663d5b10b1d53f31bad5b9fee4742170b49835d4f86bcd2bd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://widgets.getpocket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 01 Jun 2022 21:00:03 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 20:15:18 GMT
Server: AmazonS3
Age: 4617362
ETag: W/"66a4e45e3310f3b82b2bb18daee63f70"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 3ee561993ce0c25862001d47ff0cd528.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000,s-maxage=31536000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: NRT57-C4
X-Amz-Cf-Id: znt7yZlM5HVEU5_cKWQn9oLXj5DWwI-zMYTI2bMqdNAh3qjER0QEjA==

GET
H3 200 sdk.js Show response
connect.facebook.net/ja_JP/ 295 KB
84 KB 145ms
71ms Script
application/x-javascript 2a03:2880:f00c:19:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js?hash=09c3aceac4d8e9f14f1944603ec0f758

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9583dca981c06abfdfd5a784064a772e1113ae03554724f91a930362aa1f909b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://win.just4fun.biz/
Origin: https://win.just4fun.biz
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: DoVmc2ZE0SxqMFjX1LkCDw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 25 Jul 2023 06:03:19 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86165
x-fb-rlafr: 0
x-fb-debug: vA6uY2lnf9ks1MLY8ANiVQx47pFeBf9yzrJCEbVxiA6FuSGcvyQtZWjV61QxTbh0M2vjIVeXItvXkvX6ITTsNg==
x-fb-content-md5: d15ec8c54c09b6488bd865c580c2ac54
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Jul 2022 07:36:04 GMT
x-frame-options: DENY
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "46ee402de70e15acf17622c97c09c6f5"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 saves Show response
widgets.getpocket.com/api/ Frame 668D 12 B
392 B 10ms
9ms XHR
application/json 13.225.165.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getpocket.com/api/saves?url=https%3A%2F%2Fwin.just4fun.biz%2F
Requested by: Host: assets.getpocket.com
URL: https://assets.getpocket.com/web/widgetButton.feb550d464c5482ef251.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.165.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-165-96.nrt12.r.cloudfront.net
Software: Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash: 8a5b8bbe5734e6b099d0348e3f2989c62a11c6320dab4ccd96d902e4992dad9b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://widgets.getpocket.com/v1/button?label=pocket&count=horizontal&v=1&url=https%3A%2F%2Fwin.just4fun.biz%2F&title=FrontPage%20-%20Windows%E3%81%A8%E6%9A%AE%E3%82%89%E3%81%99&src=https%3A%2F%2Fwin.just4fun.biz%2F&r=0.8852213675156666
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 06:37:27 GMT
via: 1.1 6a95c1b1169265b6de940acd51c28f08.cloudfront.net (CloudFront)
server: Apache/2.4.25 (Debian)
age: 3517
x-powered-by: PHP/5.6.40
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: https://pocket.com,https://getpocket.com,https://widgets.getpocket.com
tcn: choice
x-amz-cf-pop: NRT12-C4
content-location: saves.php
content-length: 12
x-amz-cf-id: tZqSeY-QCyrmnCjMvU_UC7AB1dvt3mqGNVAp9uJVLAO1lFlPjEpLpw==

GET
H/1.1 200
OK pocket_button.d3a57cce2ccd22d7db8e29ff66dc09df.png
assets.getpocket.com/web/widgetButton/images/ Frame 668D 1 KB
2 KB 2ms
2ms Image
image/png 13.225.173.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.getpocket.com/web/widgetButton/images/pocket_button.d3a57cce2ccd22d7db8e29ff66dc09df.png
Requested by: Host: assets.getpocket.com
URL: https://assets.getpocket.com/web/widgetButton.91d9e0cb42c020d8c4b1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.173.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-173-49.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4022b5ef36894f1e2bcedab9a1574665218e7c0f05408ebe8e8ff689601088db

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://assets.getpocket.com/web/widgetButton.91d9e0cb42c020d8c4b1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 22 May 2022 09:05:28 GMT
Via: 1.1 3ee561993ce0c25862001d47ff0cd528.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 19 May 2022 00:08:47 GMT
Server: AmazonS3
Age: 5524237
ETag: "d3a57cce2ccd22d7db8e29ff66dc09df"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000,s-maxage=31536000
X-Amz-Cf-Pop: NRT57-C4
Accept-Ranges: bytes
Content-Length: 1062
X-Amz-Cf-Id: Cu50d8MQJek1j_nljXctiPu2V0ZbY_paFC3AKWbZ_9Py5A7ulRcf_A==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
694 B 86ms
43ms Script
text/javascript 172.217.175.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=win.just4fun.biz&callback=_gfp_s_&client=ca-pub-3876881683303122&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f2.1e100.net

Software

cafe /

Resource Hash

bd65ea98dc4dbf860a20671be26f4a71ddcabbe7abd57735edd3ab932eb5ea84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 79ms
40ms Script
application/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=win.just4fun.biz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 83ms
42ms Script
application/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=win.just4fun.biz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jul 2022 07:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ADCB 236 KB
62 KB 714ms
672ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&adk=1812271804&adf=3025194257&lmt=1658734564&plaf=1%3A1&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&fba=1&format=0x0&url=https%3A%2F%2Fwin.just4fun.biz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734564623&bpp=2&bdt=258&idt=232&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2046361563915&frm=20&pv=2&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee4ef252f7b259c567bc9726c8388594a05b790bc2b60d9505587074d7a4e9d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win.just4fun.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 63641
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 07:36:05 GMT
expires: Mon, 25 Jul 2022 07:36:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK button.fed83577e235944f1c02f314fdfd94dd.js Show response
platform.twitter.com/js/ 7 KB
3 KB 3ms
3ms Script
application/javascript 117.18.237.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.fed83577e235944f1c02f314fdfd94dd.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.237.66 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/739E) /
Resource Hash: dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Mon, 25 Jul 2022 07:36:05 GMT
Content-Encoding: gzip
Age: 473204
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 2359
x-tw-cdn: VZ
Last-Modified: Tue, 19 Jul 2022 20:04:46 GMT
Server: ECS (tkb/739E)
Etag: "c1233079fb145bc77c712143fa5dcd65+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js Show response
platform.twitter.com/js/ 25 KB
8 KB 6ms
3ms Script
application/javascript 117.18.237.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.237.66 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/7354) /
Resource Hash: 97f9b7cab9096a1f281f549f2933f26d0421725999c1c0b663d18a27ec602954

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Mon, 25 Jul 2022 07:36:05 GMT
Content-Encoding: gzip
Age: 473204
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 8085
x-tw-cdn: VZ
Last-Modified: Tue, 19 Jul 2022 20:04:46 GMT
Server: ECS (tkb/7354)
Etag: "6eb1c1b6c98676595ef63fdeab0f96cf+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.ef1e579d99cb7409198460b5a0fa4ac6.js Show response
platform.twitter.com/js/ 21 KB
7 KB 12ms
5ms Script
application/javascript 117.18.237.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.ef1e579d99cb7409198460b5a0fa4ac6.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.237.66 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/739E) /
Resource Hash: 7eb0a8df21d2aa9f51970e9b5f2ba600511373d1d732e1ac07ee5ec2dd135dd4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Mon, 25 Jul 2022 07:36:05 GMT
Content-Encoding: gzip
Age: 473204
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 6583
x-tw-cdn: VZ
Last-Modified: Tue, 19 Jul 2022 20:04:46 GMT
Server: ECS (tkb/739E)
Etag: "4a1879769d9d9fbbce1a234be9cfbeed+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK follow_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.ja.html Show response
platform.twitter.com/widgets/ Frame 5259 41 KB
16 KB 2ms
2ms Document
text/html 117.18.237.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.ja.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.237.66 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/739E) /
Resource Hash: 6e429e66b99746c8d62934cdba27860231942b3126c9334d9aea9b8a02ba0edc

Request headers

Referer: https://win.just4fun.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 473198
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 15471
Content-Type: text/html; charset=utf-8
Date: Mon, 25 Jul 2022 07:36:05 GMT
Etag: "879c0f35313f85e688df5beb498724c6+gzip"
Last-Modified: Tue, 19 Jul 2022 20:04:50 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (tkb/739E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.ja.html Show response
platform.twitter.com/widgets/ Frame 9B13 37 KB
14 KB 2ms
2ms Document
text/html 117.18.237.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.ja.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.237.66 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/7354) /
Resource Hash: ef96cca4b9a0bfa4222a233c00a9d56e0e461d34366c1425ee5ccc5254136b8d

Request headers

Referer: https://win.just4fun.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 473200
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14101
Content-Type: text/html; charset=utf-8
Date: Mon, 25 Jul 2022 07:36:05 GMT
Etag: "3d7744b57ae9994f4c0096cef2d01809+gzip"
Last-Modified: Tue, 19 Jul 2022 20:04:57 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (tkb/7354)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
379 B 192ms
191ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwin.just4fun.biz%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1658734565021%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%226da0b7085cc99%3A1658260301864%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=b996ec07d9d79a4563e7ef4f983e298a2df10a80

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 99
pragma: no-cache
last-modified: Mon, 25 Jul 2022 07:36:05 GMT
server: tsa_m
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bdc18e7cdb95385302380ee850c274bd8becf6138034bf01516a49de97fe2f84
x-transaction: 1859cc92d7f0e2de
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
124 B 201ms
200ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwin.just4fun.biz%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1658734565021%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%226da0b7085cc99%3A1658260301864%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=b996ec07d9d79a4563e7ef4f983e298a2df10a80

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Mon, 25 Jul 2022 07:36:05 GMT
server: tsa_m
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bdc18e7cdb95385302380ee850c274bd8becf6138034bf01516a49de97fe2f84
x-transaction: 17cbb5e6c762c863
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 15 KB
4 KB 1119ms
516ms Script
application/javascript 2606:2800:248:1707:10d3:19d0:1ba2:1a23
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_JUST4FUN_BIZ_old&dnt=false&domain=win.just4fun.biz&lang=ja&screen_name=JUST4FUN_BIZ&suppress_response_codes=true&t=1843038&tweet_limit=2&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:248:1707:10d3:19d0:1ba2:1a23 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_m /

Resource Hash

cbe9878735a73716aa76297165ebd95ab93c5bd57e49861195e94043cc97c525

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=316
content-length: 3101
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 141
last-modified: Mon, 25 Jul 2022 07:36:05 GMT
server: tsa_m
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 4765b6eae58200efa4d35b0b3b5c2d903940d9a85be43b40b85c98b4ba72e6f0
timing-allow-origin: *
x-transaction: 036581efb4eba163
expires: Mon, 25 Jul 2022 07:41:05 GMT

GET
DATA 200
OK truncated
/ Frame 5259 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9B13 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ 149 KB
53 KB 82ms
81ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cf7fbdabd16aa8b140f10bb3198493560daecb518f59d6d4eaf1d547c3c8855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54524
x-xss-protection: 0
server: cafe
etag: 8880970426070609490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 07:36:05 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-3876881683303122&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=2&wpc=ca-pub-3876881683303122&warn=12%2C13&w=1600&h=1200&pp=1&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20220720_083525&sat=1658488741897&afm=0&as_count=0&d_count=0&ng_count=0&am_count=2&atf_count=0&mdns=0&alldns=0.151&allp=17&fd=(0%2C14%2C2)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=3718&abl=false&rr=n&su=win.just4fun.biz&pvc=2495299345258815&r=0.1&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 77ms
38ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=win.just4fun.biz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jul 2022 07:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 76ms
37ms Script
application/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=win.just4fun.biz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jul 2022 07:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B5D 21 KB
10 KB 506ms
506ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=3160787547&pi=t.aa~a.564879124~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=2&bdt=1283&idt=-M&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0&nras=2&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vDw6np1Tms&p=https%3A//win.just4fun.biz&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6573649cb6d14f4d96f027dd5db2aaa5ed34bdd7303bfbe11b1d6cfb63c8211c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win.just4fun.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10387
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 07:36:06 GMT
expires: Mon, 25 Jul 2022 07:36:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 89BE 21 KB
10 KB 531ms
530ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10fda81d26c46571ebc459d29f7e62891456a55431fac975d6fb2a2417974aeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win.just4fun.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10368
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 07:36:06 GMT
expires: Mon, 25 Jul 2022 07:36:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-3876881683303122&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/ Frame 2FC8 10 KB
4 KB 3ms
3ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win.just4fun.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 07:11:21 GMT
etag: 8616628553774171045
expires: Mon, 08 Aug 2022 07:11:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/ Frame B58B 10 KB
4 KB 10ms
10ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win.just4fun.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 07:11:21 GMT
etag: 8616628553774171045
expires: Mon, 08 Aug 2022 07:11:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 2FC8 4 KB
1 KB 99ms
40ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 07:21:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Jul 2022 07:36:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Jul 2022 07:36:05 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2FC8 205 B
744 B 61ms
3ms Image
image/png 2404:6800:4004:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 22:47:09 GMT
x-content-type-options: nosniff
age: 118136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 23 Jul 2023 22:47:09 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2FC8 604 B
696 B 61ms
3ms Image
image/png 2404:6800:4004:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 22:47:14 GMT
x-content-type-options: nosniff
age: 550131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 18 Jul 2023 22:47:14 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/ Frame 2FC8 19 KB
9 KB 60ms
4ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:23:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B58B 0
0 58ms
58ms Fetch
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYMi15EfeYpn2OdeJ8AKbsYDIBaeklbNrzrCdv44Q2tkeEAEgp5z8D2CJ88WE9BOgAc2Fk_MCyAECqAMByAPJBKoE5AFP0C2_8-DxCz0J8JzIB6ZcEjh6GDJmo2yldsA94C2Hkt-2zwzo_XD0bBjYqF8DTLrUO5OU-QSZPbjfW5XPpHwvX97defDIbV5TpXdaRf8ivhPV1r0qMEqmC0OvDC-dHJsvKhv7c7d21dI50CzXvSydw5cxSHRGxIp2Nl9Kibc-00QArmbBa32kmI-IuDlbvjFkDcrXN3o7knT4OhsuMsIU9fxUDlRoNAfe-0nUIOo_WZw399IZUXC7hCqAwjvtxqDyistVtCnUDpjUI9fN5W94YjGXNMBGzQY9c7Ur6cmsW2f8AUbABK32v5D3A5IFBAgEGAGSBQQIBRgEoAYCgAe30ZCsAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIjsCtIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0zODc2ODgxNjgzMzAzMTIyGAA&sigh=cWqTZPjeNeU&uach_m=[UACH]

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 25 Jul 2022 07:36:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Jul 2022 07:36:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame B58B 21 KB
9 KB 55ms
6ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:31:51 GMT

GET
H2 200 8894350896444472176
tpc.googlesyndication.com/simgad/ Frame B58B 15 KB
15 KB 58ms
10ms Image
image/png 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8894350896444472176?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql5HedBiiHpD3NDvq-0FIXAQw-cXA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af41ae62036908770766eb951408f1a6a597203bf9cd275dacf96f37906ab054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 20:58:08 GMT
x-content-type-options: nosniff
age: 383877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15507
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 06:43:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jul 2023 20:58:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame B58B 3 KB
1 KB 56ms
8ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:31:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B58B 138 KB
43 KB 102ms
44ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Jul 2022 07:36:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame B58B 17 KB
7 KB 54ms
7ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:35:42 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame B58B 30 KB
12 KB 56ms
9ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f4cec16cd84d3ba943306792a8a1b09e9881c1f23110fa652e1a65e0992da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 10:20:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12688
x-xss-protection: 0
server: cafe
etag: 6873948312887217847
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 10:20:05 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 57BC 143 B
163 B 2ms
2ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 07:26:38 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 57BC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

78ms
78ms

Document
text/html

2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 07:36:06 GMT
expires: Mon, 25 Jul 2022 07:36:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 07:36:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 61BE 976 B
679 B 85ms
46ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%89C%E3%83%BC%E5%88%A9%E3%83%86%E3%82%A2%E3%81%BE%E3%82%BF%E5%9B%B0%E3%81%97%E3%82%AA%E3%80%81%E3%82%B5%E3%80%8CTB%E3%81%9B%E9%96%89I%E3%82%8A%E3%81%A6%E3%83%AF%E3%81%98%E3%82%B9%E7%B5%90E%E3%81%AA%E3%81%AE%E3%83%B3%E6%B1%BA%E3%81%8A%E5%A7%8B%E3%80%82%E3%82%8B%E3%81%A7%E3%83%AC%E3%83%88A%E3%82%92%E3%82%A4S%E3%80%8D%E7%94%A8Z%E3%83%93%E3%82%AF%E5%90%88%E3%82%8F%E3%81%99%E5%95%8F%E9%96%8B%E8%A7%A3%E3%83%A9%20%E3%81%84%E5%85%A8%E3%82%B7R%E5%AE%8C%E3%81%8B%E3%81%8F

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

acf097cbfacd3b1f758f44121bd41ffbdc9728f67f89bbdce217e94fbd275526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 07:36:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Jul 2022 07:36:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Jul 2022 07:36:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 61BE 4 KB
814 B 78ms
39ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 07:19:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Jul 2022 07:36:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Jul 2022 07:36:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 61BE 2 KB
902 B 44ms
5ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:31:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 61BE 21 KB
8 KB 39ms
2ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:31:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 61BE 3 KB
1 KB 41ms
4ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:31:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 61BE 138 KB
42 KB 105ms
63ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Jul 2022 07:36:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 61BE 17 KB
7 KB 41ms
4ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:32:07 GMT

GET
H3 200 ab4c532c1fbaba50606c7d3c45560ace.js Show response
www.gstatic.com/mysidia/ Frame 61BE 30 KB
13 KB 42ms
5ms Script
text/javascript 2404:6800:4004:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ab4c532c1fbaba50606c7d3c45560ace.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55d4b4b18e5492eadec3e8f318025e666faa0f9cc56613b8b15974396a6801a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 370751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12814
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 22:37:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 00:36:54 GMT

GET
DATA 200
OK truncated
/ Frame B58B 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86e0036af8cf10a70104f514f36c6135318d4d8c1f4d7f3edc432dd1cd789100

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2EB6 143 B
163 B 2ms
2ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 07:26:38 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2EB6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

118ms
118ms

Document
text/html

2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 07:36:06 GMT
expires: Mon, 25 Jul 2022 07:36:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 07:36:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C54 36 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 03:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13903
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 03:09:23 GMT

GET
H3 200 4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6751 36 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 03:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13903
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 03:09:23 GMT

GET
H2 200 1f4dd.png
abs.twimg.com/emoji/v2/72x72/ Frame 159E 773 B
1 KB 12ms
3ms Image
image/png 2606:2800:247:9376:8aa7:779e:f6d9:de02
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4dd.png

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:247:9376:8aa7:779e:f6d9:de02 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (tka/89DE) /

Resource Hash

9dbd5500d885c84df2bb614b30b41150bf9e4237a9dd981380348f797d8f751d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:06 GMT
x-content-type-options: nosniff
age: 29941831
x-ton-expected-size: 773
x-cache: HIT
content-length: 773
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:24 GMT
server: ECAcc (tka/89DE)
etag: "qDdGD3FE8+FHyJMLCQp5bg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: fed6093c3e0eae94616d759d75c10cca06d409540c649758c2163da4bca6da2e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 25 Jul 2023 07:36:06 GMT

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 159E 53 KB
12 KB 3ms
2ms Stylesheet
text/css 117.18.237.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.237.66 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/72B6) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Mon, 25 Jul 2022 07:36:06 GMT
Content-Encoding: gzip
Age: 473205
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Tue, 19 Jul 2022 20:04:41 GMT
Server: ECS (tkb/72B6)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 3ms
3ms Image
text/css 117.18.237.66
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.237.66 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/72B6) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Mon, 25 Jul 2022 07:36:06 GMT
Content-Encoding: gzip
Age: 473205
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Tue, 19 Jul 2022 20:04:41 GMT
Server: ECS (tkb/72B6)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8EED 448 B
269 B 44ms
44ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEY1ba1ywEwAQ&v=APEucNVSLJ53cL-jKN47Eq_0fmOBEHBCC2Nj_Lr5jzihQ9JLQd9GjD4TAup4Xkr9tbPBC24lRRGW5t-xrPQIdfNNAtHTR4_Idw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=3160787547&pi=t.aa~a.564879124~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=2&bdt=1283&idt=-M&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0&nras=2&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vDw6np1Tms&p=https%3A//win.just4fun.biz&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=3160787547&pi=t.aa~a.564879124~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=2&bdt=1283&idt=-M&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0&nras=2&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vDw6np1Tms&p=https%3A//win.just4fun.biz&dtd=12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 248
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 07:36:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 60EE 61 KB
30 KB 77ms
77ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpvA6HNK2F5boIE9qe6viSVHiqt37CmszUNkeDKRpJt_pNMOh9PHiOHbuY8sVXc99GOW6oz7ql5UPXyT20yCxj0V6bWw&cry=1&dbm_d=AKAmf-D5GFYUoCV_E7knSLpUFEIU3DSDum94izohGtNBY2MzipEMdFgTZMALe_F0NBedjQAlFs8O9l-udiAiQTD56cIa524zCAo6E3bQnCZnDtTaCP7uEQNXsIUxIRTT35lKzY3VvG4tLm1q0jCanFOousNDM-McqVGVMTQUijWcctNKUZ-0UK70cFoiSX-msxahuwIqP97NP0PH984sszKmBKPOtQEPgrCOdMSorVlsYkg_sfygNxl8wsQTZZ4jiC9Tye9Vo-zNWcR8A9bXWtlP-vyVB0D4JMCu9cMahZ0r7q3N9hi51c-upyEgiE50x-r4iNrz1ctTS35v8od6OroODp3JSSN7uwJAGd-yhpP88ZJNNmaZgougOdEgEchCeVu0lTo2THlPlQrb2BP5TVetboG5E67iMbEu8KXFCKKQZ9AWnkcEl6Rt1MtZApiAUGV9AphOqhI6rBKgtPL_NXIXL_BVmS6q4ike1hguj2wG4wn0Faie9bSRdlxVdRRdm-Igy0jjCgv6YJw3-PnmWq7HRe_viGMKM9ez7wmtnNVTgOME750B5Cg7bwwjY0rmWhPoWxrmqKHmV1ZBztXK61c0DBQjiFUkSLjvAUwpeey_8cpWLT7bzI9UmIoEPJxoDQZRH99CC16q5UX7JvAq424-hj_jtEl-8aETmL1ijlrkpU_NukjMtRl0gNN22JvLULdnhQ8aAphTRFH6mehhPyOnqELhhW0uJyXhJhh2P1SHgT7q6X13m5GabfxFebnddBB0odnG8jcqazo56w3g6obIZ_5MYev63w9eIXGHNNPu3y4i_VluXkMcNliqz5picmDB-pSNqAzNP0eZPavpIOLYDusQIeCP16iOtdGymGI0Z3fPwy2_qdZPCTMQtiBvGN7alDG-_z5N3Z_aRDUO83bVnV2FQ911qnHcSAHI2vtfq4qi6qWm0OB7TbPBVVDrNQzokFYhME5PMGyXo0E1U5KAHjEeu0gnuhI_izsXWIr6x4xjcg1U3SQNV5oZFZ-q10E4Q3VreBZKjdyLeb-2dSneYynrqb1LMlz-dxuJQs3I-pTKLKAnsOuyLqKva-foqfhcaSjzsYGiei-WoX3aNtCW9vbfE3vwRvLSwC1-DzKRVQ_xm3f1DRJWcU0dvOKGxSztEp_rge5kGzsNC1tkdDG4QhjRk_ISCLCjXrJSFhQkTixBm5_LjFDgbayMfM8WhYj1YI739OOf5Op1T-xu2qqYP0pXFyPQ4MZgHELCk69FzqItXOaHP2d_LewnXsnGLuuHEUcBRalOsjnXyAuHK_PBxFcxlEoPuO0nofgJ3nipQxfTp9Pfh3ASkmGb9Yhk93KUfo6ejnEYRaNrI_nVwp9v-u0Zf9hggjOYaN3pMKTe0gHpiYFqVAHrgccid3NtEmE7FmboLzsRZxXaXo5BfsD2_CTVzyZmKSJvQrKY54ojxynJL9lLXLTRW0s9CHeHQadJBq_KAdQ55Z1_0mVFobl40S9gDrKoBoT-kNUFmtvgfhuYzBUEZVTRS9EP6ADKu3sAHifDLCaova_go1xNg0n_JJeu3H6UR-_BwBmvdsOGFLteWOCBkryJhOhibsMo3fQO16NATDg_SJbLpTaLeQgy2YOF_-4UGDevmCjjt6buqR4gqZj9-K1Byo4ZENfuSXebsrc6wQtb5yASP87K6e3tssoOD0oxYGeNkvpFPliahifjHEzBHGXtc4LolH4pVoJg9H0DYDBi_bnAqUcawTmHg2vUTyZ7TJBV8Q9OC0WelpOMO3wX-n1nMg4Msssf3-Aif3GSU2C2_W9Ajszkg52ErjN5ofaqs_1c7Ch0HBH2h_xGJIuUbctaVVuU_7p2EZFKHtI8ob3pCuF2zL3oDB__sKduIAjqG-oEQMEe36AgLnR9JSf_uahd_QmMxg38UpGcwGUg7B_lQd9JlqvX-HpdTEP17ufCQjuv0y6qx7BkOhDyQ9hYdYNuxsyyQterUBpNgVSwASyBURAx9_h2PB0H-Y3gXdSnSAgNfadVARZpiPa0gAnsDOUiqymFXTrD7Su5EZTbo09OOujyp8wC27MYhKrUf-vwWFQXFtME4KfnEa1yN4GsEOxVQ4W0Tt-GYeQthPte9ML_mDSwE5dzj18UnV5K4y4wkSiBY5BrSX_biAcmTHNIDoYFHRORGVkTQVRNFnmNVkBWIWAHgjIuIEriCjPRlADyBHrYXXuKdX59S_jcECsyjBxkPM5fnKzGuYvhSdpp0na2oAb4rkeNPL7QKywiAFPCGTGxeCBLkcgUuOF2fOMqCe7JTVoN9847ctZwb66Flm5guGzujU50v48_jRpAA8HUBbysnJiSDew6XIKVvKcBZlaT6HJy9611sRfHKUsyZGq1xrssP32-ozql3cXCqjOP3pNg3K4nzRkkH2JqiNnPf7WhED68L2DSZps90IAdpDcv51R08C6xy2CwDHhoCjtv1ysRkF2pm4AO_IN4olHRaLhQP-R35w44ItZ8OyOYos6azfDJL8IV57A9EvGrZdcCY1GRRIlMnSrOY6EjYsMd-jmwqGE1YyMULUglquZZNCVZodscQ7vgGkZdZAgMoF09Q8zLdRnriknPL_kuS4G15EVpepwSVrzZh3xRaQJy44SzL9R16QssIPxQiIOrcgGnI_G5Nfbg74LQKr0kEtaE7WvqcL7i8HqfnhqtwbjnI0aftNhbAYr8dxGqfT8WxMkwYdwX_PUbJavKpJloV43ICoHqKjp9HgqrY2fArnp6Cw_GEzIQ0yIo9JmnVmbE7LaGUOCtxgIcsdlxmPA40IKE8_8j4dZUs4cq0TybTX_jsEnhCvczJIxpqsW9R4yqReaigvfJEQhI119v7ABdXxsl6MUZjeTKCxyGso2_eBC_Xs5mq-2C2FiQHdcGDH3RVIuZMG0_EXtn-NcCVOun4OkiEpEFqrVZiy31eRkxPfInh8o_LpIYFyY3z3BdsTP-KayL4FOOky14FMK5fU5mXix3wFHv6-bw6I6NnE6m17q_pxlbFx_IzVlWtL-3ape6b9_2ty797BycoeDIP5vv1_F2-mmTUFqS7nYwC2l-jK6IKDao9qyeZK_v6S-xsTijsvQFKHFlQ9IzWdj_vppSNjucDYTXhQM3MXrUnoTrc0PycLZ8Bqd2gLaGWUZJk2SFj5pnkjmEx2XOz5gCKVwkP8K283SY8uQA5qsV4LgcB11R-WXuYzQN04SkrAPYOpM6472FczyCNptWXfLHx6gPrV6vt2Q4-fdnpEZLjh8yMUZ11ntEue0qALjgKOUmpKZe0Vq5QQCsIEgWRNL2VvaOt8vAWRtC2fiwytdVh7iNfAd2KpbJ6SAxybWE7wk3VbRTwLSgJTzyzYkJ_j9yqq8sQaUvixcTQMNPt38UysYQyq5t6jKfj8DF59B5hGiJUpeFY9ug7yr8OVY_EgmwQbyhP4y2SbA&cid=CAASJeRolwm8T8lscmqEhAMMXop-U5VOcse7GvhMdIEvQx0goTQ6Zng&rfl=2%2Chttps%253A%252F%252Fwin.just4fun.biz%252F%240

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb8fc4601f70fbaadb6c026c84392f0f504db45562875f20c70944d279a8cebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=3160787547&pi=t.aa~a.564879124~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=2&bdt=1283&idt=-M&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0&nras=2&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vDw6np1Tms&p=https%3A//win.just4fun.biz&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30943
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 60EE 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:31:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 60EE 138 KB
42 KB 106ms
106ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Jul 2022 07:36:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 60EE 17 KB
7 KB 3ms
2ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:32:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 60EE 0
0 114ms
41ms Image
text/html 2404:6800:4012:1::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfn7XO2aNAFhA-VU1xy-Pr9bgqbSs5ICl6-OtvCVcT0Ex12AQ8S4-q1R0AuiilBt641ZGWNUrS8u5nBGs0wXfIGsgM4Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=3160787547&pi=t.aa~a.564879124~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=2&bdt=1283&idt=-M&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0&nras=2&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vDw6np1Tms&p=https%3A//win.just4fun.biz&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4012:1::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 60EE 42 B
63 B 41ms
40ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8X5QFHal73u7RdNuNrIQoHaQ7QPHXap0Tb9DTLrndx-2gbDkIIAD6nsr9txdP8_4hbqyt1r_IQmyznNNIHaLRT93_DUOSxygjBknTr0eobAzP_aE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 127B 611 B
316 B 41ms
41ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEYwOXnwAEwAQ&v=APEucNUkheIDzFyOcQ3fazqCvh8o23LRlbhAJb2nYxRLuwUR7eM9jJrik7A5Lfq_CAdzSYsLmVIorcJNsLJ24fdzhA6xHREtdg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 07:36:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E85B 78 KB
33 KB 77ms
77ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYn-TgeRZ9ETbyMcILtQ63BOengrjkgtNLFJYrTTAplEFTT1GIa6COCbKfUZkPlGz0bw9reQAR3P-J9tabWpqX_K3lCg&cry=1&dbm_d=AKAmf-BCdxG_Z-931lHcB2yiIf9JRLV0a8uVt6uihFZqutefWL-p2PA3jvjVXIhRqV2eYPH79tFKRainYJN8mYCOSsLlMpqavmz9ME3wcrI4B97KL25POefOsiMA5epi_zj0M3mYc9GyvrFBOZmL2HG_uR9_RJCrv3bBWmF1RMMsXfbsa0HlO04msQ-2W0sSPOW6NVRMHmip7Z6l5My50g-iaN3u93KwTMFnnr--crdTwko0E4cDZifsaTnwSWpvn6yEm9VoQz9tU31xBN3g9fmXcs_r7jp9LD_0BBjmTwtphkxQibrXc7ZqHHTRsFxnwCp7hcBOQyT_u_AaFJ_fG4ZEWr-XXWz1FACWyCmUbbYlPua97o--BshMQ9gGwAZFgvM3nIpI5evlGq53FtMCrTuRtZBvJ2OHcpjVO2Ip-ANVIKVUseUgWFA9WXJcQiyZ4JO5YqmL6Sga7AoNFeqjLK3Rkzl9FQlpQyeNiJ6kW7eiPq8dYH-OPjyzRainf1JFg8ysQOeJ1AyWC2k38zPHpz0SbHrAdUwY4CXKHrbrr5xRS9Oy_frAXyFOliU9echASt3C08i_JxbSIDrYVH5ICH0_DB4bDEdRy6DvwI7AHcT1H_GjPx57DN7X3Gl64GjwYgl6n4L9_A1Z0f9FpbFDsBe42vtUxCq1A15I1TtDW4QyiILNoZPcC-07PDxueUr-IyQDJuHe87HECIuvqku3MAyvOHxlo4w7O3T1C092l1hh6BluxI3A2pK6IHSAmo1on9fINfXsF7hSarTHJ-__3pSAQlObSEDSb2F1Ik_ZS2evZBhPgh9fMjfuI0H_4JyOPPA3M2LJJ5PLzv22DNcZLzr-49RLp3YpwDjYjF-RB6QoyZlMRx70qCHM9UaiXHa3tZiG86GbauLFo2iGdy8cNBSVdFILhGhJwRue4epkVLRd74LvZcXmv1tIpSHp0pxuRgwJgNAiDC1xoymDHMQt7f_byskkrmBwS6gtL2S1EZD5ywS0_XcfRQt3fJ43FcCfTY-oKI9SAUnNuK3WWmnK_LjpaU8ZTzA1v6pG8X61W6VlMKuqDsx9Q7ROeUyXawBCNSSUS4bWIGA-shkvEI5QqwFY93LxX2Xj-FMrY3lnDXz1fRfGwr6TVezVn5VZSA-fLgL85k4RoeA5wF4nIhwsIhX7ATeSR2fWOBpqX4hSOzrTcmpTCMmiYd3KiMQO7hF8tyDIJfN9Qh4W6BohL-JG4_j_ngDYsMr2fWPkvQCYzdZUAv9FvZJCbYbNzhj6OWGL181aY-kX1aioqlE8gtdGuFZPktOC5ww9NHRcIWh6GviI4o4UlzzsqHcp1tUNbTSGV2zQt_Yg-RSmkoQ3-Z71LdWY9D90iHbVHRSinoQ4L9IVQtGqKsJ9LWZsr4UASzPH5RCASvbRX6qj6rvy771PQ4JY01HhajHrHh7yKaIgr4YzlTd08OcAue3TXod83F0LBS3fmdMSOwiXPBcYnPcwudIBrsflRshsynYrcSTkgezATFS7vZv8itKNq2ktLsl7Iq8qxv4vDn5WfDJgPZIZvx61V8sKPuCm_nf1dazEl2c-F4_aXxWUBlAjL4z3Ums-eSdCGcuNkxO6Anu30jtU7tyb0XQ3s3FaftUwK5axpqnhdPvSE2WHeQf2JE7ZFOEtEdWWEn4LuaA2yjJwszxrYiW1pRUV8fCZzp_BVcPaEWVtiSpCLZXivWE4ahtdfPHMJ_SVUwAJt5YHo-B3iUNjvPW7nOYGi3AjG-JYbFIQshL3hg9b_ORj09gEDXxwSN7VTBvmJjGygUm9uLA4fbR3lDhiB_A6YVyAjLtV6fAUxJIQPOTrk46nIPthOrmP-v0uSzVf5x5SXNyyEAXnofdlDW5f8mX7QmPogGARGpI6_kVk61mzOLUSmMd-IB1IQECyLSWFg95XfSN_D1GAQ6mJ5N7MsIJqZzzcGQ6Br5BU8q58QuTPf27FDK8py_LS4UjPHtNKS7_ehKuu72AZR8pjtSGvhHs9dqedH3YDXz5ACwVZVNNrY_beAKAjYjCgOzbsh2LIoS0z23tc4pxucmsdkPLfpgfdSGSucTm4hVwoOba_d576DZsqUDIBinaUYt2qzNiJI7nIweB40dv5D1ZFL2n3xwGUuhQjYbWKDrork7ozygUxm7RGLZUwoPpW4vDDZdO93yImULnwiLeoU2_w0fDwIh3VNaKmTIbZ8mr6mgTS3uM6tdXo-_bRdN8hRRD8V_VKveZyI6ofzkxR5HwsMyxgSE0ZGlVjA_X71xqdM9ihCTwbbN1it9k1-AbUjpEUpMh-R7sdiekqxNleyR2sjkcEqfVhj-8NEZ_kzPzeYm6Xj6id7xkqRskPTHkzf55E9Kt6WB2xwqxDMWz_hqak24EtBHOT2gXRnJgz1W9tHnCXI6CQbCwekGEG8Ku14FAmYHNTdS7DwckXlkeyjgpgVzVi0aQFG822pJy1XEFgycVjtkmKw-rWor7Kbjoj92t58uUAcpYyiyFhDAuc8qRkVAU9ie3bSGP_0mlZqxgW_NShJ3vFqxobXcbkqfKEAKv-VTPV8TRbBklRLmaUVNg9olj0IXdN6h_ERAF4sw2d6TFZeiygaaww1uPtPCJB_DJnkuyeWiF9YyNshoS0BlGAnuZSw-uh5ay4SJnPaFDfyKu63RxyA5xO3LmjW46GKzz8DpEKew2mRFOfHsQvwLEpsve0SGilIZfiAcq_cZNWdKOczqTv5zjRuA8LX6vbRMSbcJebSwB8pEPfngtlFrVhfLLxzFUJPUkZraGGRnLSCQOY0tcyKdVbc79yKPWwppNI7cMXD96DOE3yOaOH3Oy-m5Rp0DoGgivhA5jSA8dNaWHjouDHYZeSyDpatnjQjPQj_0fDfZHHc09dEHC-ORS6BvxOYDybKMsZDJSIiVak6yX6L90Z94sm0CLpmDmH0pVgb284EidMHAlEvQMtfumG9PjFvTNzokYTXBvM0kzlydPzqXueRLo8W5ZQw4ArmtwdUbIFjolPu0wNcNtMZXSnupTlkdiOtwbS1Sj2X1P5YolFzZulxoKZ2mh7KXRM5iA2ovUEI48U3d2u-SaAvd9HARP0UJ_xtu4Qy_30CbWHZxoQnreF-9kYIJbYZGzqlbrOjdJWJr-G9ijCagi3obQz16JqJa_-zLjNfIxMbFaOPoNDJ-iPVhG1jpNjKyD3UGY6VreqDyqrJ2vMskZuU-5eXYDv_jRh-COEUyEq0KDoRFey0YRWUcCdmYxh_yV4WEh4qYPAqpjI0HW193IrIKS0GQGyDBfTKPYicAw7DsSNM-bsoB5uc1aqFpU5Mmn5Sn_0WHIOADi1HVi4J0ySikWIjbekoSfWKIgeiFw8fBUIRoIPU4i21GbT2TXQNnJpG5PHvPsmEgqK7noZ3PJsxoRDYb-AlU-8Td8Q_g&cid=CAASJeRo2iYeO_Q664jRAa21soSQIk4O-07hMLGSvBRCqPo3oCovbKc&rfl=2%2Chttps%253A%252F%252Fwin.just4fun.biz%252F%240

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

feee6b827e72793928c8447a1db0f98b2a5e35307cfeb0ccbb425e9ae2a16610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33787
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame E85B 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:31:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E85B 138 KB
42 KB 137ms
136ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Jul 2022 07:36:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame E85B 17 KB
7 KB 3ms
2ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:32:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E85B 0
0 103ms
40ms Image
text/html 2404:6800:4012:1::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNY3CX6xi7Q_oQTRZzO5yYsAzIDAMUYiqLkU7LxLpEeRU2AQ_nKBLeP9ojZ8I-xInUPtv9syBInkeeveA5onRYoj91JA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4012:1::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E85B 42 B
63 B 39ms
39ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CTNuNCxwHJku7_mdjoR7x-oFKaH-zM4Fk7llkXmeraaGYId-mjJKcf5rYRq0aokDkGvk9Im_MPiIdRPgXj9gRZ-W9Z3DlFikTaKv9B0YjctanZQPg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1f4dd.png
abs.twimg.com/emoji/v2/72x72/ Frame 159E 773 B
848 B 2ms
2ms Image
image/png 2606:2800:247:9376:8aa7:779e:f6d9:de02
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4dd.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:247:9376:8aa7:779e:f6d9:de02 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (tka/89DE) /

Resource Hash

9dbd5500d885c84df2bb614b30b41150bf9e4237a9dd981380348f797d8f751d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:06 GMT
x-content-type-options: nosniff
age: 29941831
x-ton-expected-size: 773
x-cache: HIT
content-length: 773
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:24 GMT
server: ECAcc (tka/89DE)
etag: "qDdGD3FE8+FHyJMLCQp5bg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: fed6093c3e0eae94616d759d75c10cca06d409540c649758c2163da4bca6da2e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 25 Jul 2023 07:36:06 GMT

GET
H2 200 3-WYypGq_normal.jpg
pbs.twimg.com/profile_images/1216680704764809218/ Frame 159E 2 KB
3 KB 1218ms
200ms Image
image/jpeg 2606:2800:248:1707:10d3:19d0:1ba2:1a23
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1216680704764809218/3-WYypGq_normal.jpg

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:248:1707:10d3:19d0:1ba2:1a23 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nwa/E787) /

Resource Hash

52e21c36fd2df02d14411bc6f9e6972c5b67705cfa98c9ee1f1304ec8ac10070

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:07 GMT
x-content-type-options: nosniff
age: 66
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2187
x-response-time: 12
surrogate-key: profile_images profile_images/bucket/4 profile_images/1216680704764809218
last-modified: Mon, 13 Jan 2020 11:15:39 GMT
server: ECS (nwa/E787)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ef4a691962d9a37cd7ea29974a61d7324663d384445c78d243968863e30f1d32
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
DATA 200
OK truncated
/ Frame 159E 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 159E 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 159E 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 159E 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET cs
s-cs.send.microad.jp/ Frame 8EED 0
0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8EED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEra42WrCe8RhORqjIZ04P8&google_cver=1

43 B
913 B

81ms
81ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEra42WrCe8RhORqjIZ04P8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEY1ba1ywEwAQ&v=APEucNVSLJ53cL-jKN47Eq_0fmOBEHBCC2Nj_Lr5jzihQ9JLQd9GjD4TAup4Xkr9tbPBC24lRRGW5t-xrPQIdfNNAtHTR4_Idw
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 730339004a7434d5-NRT
pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnmK8zIKzkl98OwjIc2C%2BTbSWUXW%2FPBPCsjL%2BPQtb3jSgqUbRC055TdHppPEo%2BzQQhdA8zL2nzCVnKcsEjTLG0qNbF6lS%2FltoFADKbJVQqSe6GY%2F8aNVwP5WspOr17N2euHyplCVQz7Zog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEra42WrCe8RhORqjIZ04P8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8EED
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yt5H5k.IF1dPoJ4CuFMWAAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEra42WrCe8RhORqjIZ04P8&google_cver=1&google_hm=2

43 B
912 B

99ms
98ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEra42WrCe8RhORqjIZ04P8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEY1ba1ywEwAQ&v=APEucNVSLJ53cL-jKN47Eq_0fmOBEHBCC2Nj_Lr5jzihQ9JLQd9GjD4TAup4Xkr9tbPBC24lRRGW5t-xrPQIdfNNAtHTR4_Idw
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 730339010b8f34d5-NRT
pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4%2B72CvvGvYVhRlyMlzsYK41BuzLVOugt3wO6axOodQPBYTslR7umvOtHC4%2B%2F1nkWPXJb%2BRck5oA%2FKaowto4ARYrxMuCwT3eTcZtcJX2rESWvcHlCaOZEM72ym7gbDVhbfjFkxdD%2Bgn9Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEra42WrCe8RhORqjIZ04P8&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 127B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEP1mZ0UTv_t9gv8c0gb8RBs&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEP1mZ0UTv_t9gv8c0gb8RBs%26google_cver%3D1

43 B
1 KB

100ms
100ms

Image
image/gif

104.254.148.251
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEP1mZ0UTv_t9gv8c0gb8RBs%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEYwOXnwAEwAQ&v=APEucNUkheIDzFyOcQ3fazqCvh8o23LRlbhAJb2nYxRLuwUR7eM9jJrik7A5Lfq_CAdzSYsLmVIorcJNsLJ24fdzhA6xHREtdg

Protocol

HTTP/1.1

Server

104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 07:36:06 GMT
X-Proxy-Origin: 217.138.252.53; 217.138.252.53; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 82a9b71a-a6dc-41e8-82c0-9b33acc13db1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 07:36:06 GMT
X-Proxy-Origin: 217.138.252.53; 217.138.252.53; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e94eb877-5b33-480f-8ddf-80022777d807
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEP1mZ0UTv_t9gv8c0gb8RBs%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 127B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQzMDc3ODcyMDc3NjU2OTY5OQ%3D%3D

170 B
188 B

42ms
42ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQzMDc3ODcyMDc3NjU2OTY5OQ%3D%3D

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 07:36:06 GMT
X-Proxy-Origin: 217.138.252.53; 217.138.252.53; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 37b7101f-5b24-4fab-a35c-aaba8bc0f87c
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQzMDc3ODcyMDc3NjU2OTY5OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 127B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKSrTqx0hjkom9OlUuMJrEM&google_cver=1

43 B
61 B

42ms
42ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKSrTqx0hjkom9OlUuMJrEM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEYwOXnwAEwAQ&v=APEucNUkheIDzFyOcQ3fazqCvh8o23LRlbhAJb2nYxRLuwUR7eM9jJrik7A5Lfq_CAdzSYsLmVIorcJNsLJ24fdzhA6xHREtdg
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/485d39a /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
via: 1.1 google
server: OXGW/485d39a
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKSrTqx0hjkom9OlUuMJrEM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 127B
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTU4Y2E4OTctMjk5NS0yNzQyLWQ0MTYtNzIzZjQ3NWQ1MWNm

170 B
188 B

84ms
41ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTU4Y2E4OTctMjk5NS0yNzQyLWQ0MTYtNzIzZjQ3NWQ1MWNm

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Jul 2022 07:36:06 GMT
content-encoding: gzip
server: OXGW/485d39a
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTU4Y2E4OTctMjk5NS0yNzQyLWQ0MTYtNzIzZjQ3NWQ1MWNm
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 60EE 27 KB
10 KB 4ms
4ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpvA6HNK2F5boIE9qe6viSVHiqt37CmszUNkeDKRpJt_pNMOh9PHiOHbuY8sVXc99GOW6oz7ql5UPXyT20yCxj0V6bWw&cry=1&dbm_d=AKAmf-D5GFYUoCV_E7knSLpUFEIU3DSDum94izohGtNBY2MzipEMdFgTZMALe_F0NBedjQAlFs8O9l-udiAiQTD56cIa524zCAo6E3bQnCZnDtTaCP7uEQNXsIUxIRTT35lKzY3VvG4tLm1q0jCanFOousNDM-McqVGVMTQUijWcctNKUZ-0UK70cFoiSX-msxahuwIqP97NP0PH984sszKmBKPOtQEPgrCOdMSorVlsYkg_sfygNxl8wsQTZZ4jiC9Tye9Vo-zNWcR8A9bXWtlP-vyVB0D4JMCu9cMahZ0r7q3N9hi51c-upyEgiE50x-r4iNrz1ctTS35v8od6OroODp3JSSN7uwJAGd-yhpP88ZJNNmaZgougOdEgEchCeVu0lTo2THlPlQrb2BP5TVetboG5E67iMbEu8KXFCKKQZ9AWnkcEl6Rt1MtZApiAUGV9AphOqhI6rBKgtPL_NXIXL_BVmS6q4ike1hguj2wG4wn0Faie9bSRdlxVdRRdm-Igy0jjCgv6YJw3-PnmWq7HRe_viGMKM9ez7wmtnNVTgOME750B5Cg7bwwjY0rmWhPoWxrmqKHmV1ZBztXK61c0DBQjiFUkSLjvAUwpeey_8cpWLT7bzI9UmIoEPJxoDQZRH99CC16q5UX7JvAq424-hj_jtEl-8aETmL1ijlrkpU_NukjMtRl0gNN22JvLULdnhQ8aAphTRFH6mehhPyOnqELhhW0uJyXhJhh2P1SHgT7q6X13m5GabfxFebnddBB0odnG8jcqazo56w3g6obIZ_5MYev63w9eIXGHNNPu3y4i_VluXkMcNliqz5picmDB-pSNqAzNP0eZPavpIOLYDusQIeCP16iOtdGymGI0Z3fPwy2_qdZPCTMQtiBvGN7alDG-_z5N3Z_aRDUO83bVnV2FQ911qnHcSAHI2vtfq4qi6qWm0OB7TbPBVVDrNQzokFYhME5PMGyXo0E1U5KAHjEeu0gnuhI_izsXWIr6x4xjcg1U3SQNV5oZFZ-q10E4Q3VreBZKjdyLeb-2dSneYynrqb1LMlz-dxuJQs3I-pTKLKAnsOuyLqKva-foqfhcaSjzsYGiei-WoX3aNtCW9vbfE3vwRvLSwC1-DzKRVQ_xm3f1DRJWcU0dvOKGxSztEp_rge5kGzsNC1tkdDG4QhjRk_ISCLCjXrJSFhQkTixBm5_LjFDgbayMfM8WhYj1YI739OOf5Op1T-xu2qqYP0pXFyPQ4MZgHELCk69FzqItXOaHP2d_LewnXsnGLuuHEUcBRalOsjnXyAuHK_PBxFcxlEoPuO0nofgJ3nipQxfTp9Pfh3ASkmGb9Yhk93KUfo6ejnEYRaNrI_nVwp9v-u0Zf9hggjOYaN3pMKTe0gHpiYFqVAHrgccid3NtEmE7FmboLzsRZxXaXo5BfsD2_CTVzyZmKSJvQrKY54ojxynJL9lLXLTRW0s9CHeHQadJBq_KAdQ55Z1_0mVFobl40S9gDrKoBoT-kNUFmtvgfhuYzBUEZVTRS9EP6ADKu3sAHifDLCaova_go1xNg0n_JJeu3H6UR-_BwBmvdsOGFLteWOCBkryJhOhibsMo3fQO16NATDg_SJbLpTaLeQgy2YOF_-4UGDevmCjjt6buqR4gqZj9-K1Byo4ZENfuSXebsrc6wQtb5yASP87K6e3tssoOD0oxYGeNkvpFPliahifjHEzBHGXtc4LolH4pVoJg9H0DYDBi_bnAqUcawTmHg2vUTyZ7TJBV8Q9OC0WelpOMO3wX-n1nMg4Msssf3-Aif3GSU2C2_W9Ajszkg52ErjN5ofaqs_1c7Ch0HBH2h_xGJIuUbctaVVuU_7p2EZFKHtI8ob3pCuF2zL3oDB__sKduIAjqG-oEQMEe36AgLnR9JSf_uahd_QmMxg38UpGcwGUg7B_lQd9JlqvX-HpdTEP17ufCQjuv0y6qx7BkOhDyQ9hYdYNuxsyyQterUBpNgVSwASyBURAx9_h2PB0H-Y3gXdSnSAgNfadVARZpiPa0gAnsDOUiqymFXTrD7Su5EZTbo09OOujyp8wC27MYhKrUf-vwWFQXFtME4KfnEa1yN4GsEOxVQ4W0Tt-GYeQthPte9ML_mDSwE5dzj18UnV5K4y4wkSiBY5BrSX_biAcmTHNIDoYFHRORGVkTQVRNFnmNVkBWIWAHgjIuIEriCjPRlADyBHrYXXuKdX59S_jcECsyjBxkPM5fnKzGuYvhSdpp0na2oAb4rkeNPL7QKywiAFPCGTGxeCBLkcgUuOF2fOMqCe7JTVoN9847ctZwb66Flm5guGzujU50v48_jRpAA8HUBbysnJiSDew6XIKVvKcBZlaT6HJy9611sRfHKUsyZGq1xrssP32-ozql3cXCqjOP3pNg3K4nzRkkH2JqiNnPf7WhED68L2DSZps90IAdpDcv51R08C6xy2CwDHhoCjtv1ysRkF2pm4AO_IN4olHRaLhQP-R35w44ItZ8OyOYos6azfDJL8IV57A9EvGrZdcCY1GRRIlMnSrOY6EjYsMd-jmwqGE1YyMULUglquZZNCVZodscQ7vgGkZdZAgMoF09Q8zLdRnriknPL_kuS4G15EVpepwSVrzZh3xRaQJy44SzL9R16QssIPxQiIOrcgGnI_G5Nfbg74LQKr0kEtaE7WvqcL7i8HqfnhqtwbjnI0aftNhbAYr8dxGqfT8WxMkwYdwX_PUbJavKpJloV43ICoHqKjp9HgqrY2fArnp6Cw_GEzIQ0yIo9JmnVmbE7LaGUOCtxgIcsdlxmPA40IKE8_8j4dZUs4cq0TybTX_jsEnhCvczJIxpqsW9R4yqReaigvfJEQhI119v7ABdXxsl6MUZjeTKCxyGso2_eBC_Xs5mq-2C2FiQHdcGDH3RVIuZMG0_EXtn-NcCVOun4OkiEpEFqrVZiy31eRkxPfInh8o_LpIYFyY3z3BdsTP-KayL4FOOky14FMK5fU5mXix3wFHv6-bw6I6NnE6m17q_pxlbFx_IzVlWtL-3ape6b9_2ty797BycoeDIP5vv1_F2-mmTUFqS7nYwC2l-jK6IKDao9qyeZK_v6S-xsTijsvQFKHFlQ9IzWdj_vppSNjucDYTXhQM3MXrUnoTrc0PycLZ8Bqd2gLaGWUZJk2SFj5pnkjmEx2XOz5gCKVwkP8K283SY8uQA5qsV4LgcB11R-WXuYzQN04SkrAPYOpM6472FczyCNptWXfLHx6gPrV6vt2Q4-fdnpEZLjh8yMUZ11ntEue0qALjgKOUmpKZe0Vq5QQCsIEgWRNL2VvaOt8vAWRtC2fiwytdVh7iNfAd2KpbJ6SAxybWE7wk3VbRTwLSgJTzyzYkJ_j9yqq8sQaUvixcTQMNPt38UysYQyq5t6jKfj8DF59B5hGiJUpeFY9ug7yr8OVY_EgmwQbyhP4y2SbA&cid=CAASJeRolwm8T8lscmqEhAMMXop-U5VOcse7GvhMdIEvQx0goTQ6Zng&rfl=2%2Chttps%253A%252F%252Fwin.just4fun.biz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10526
x-xss-protection: 0
server: cafe
etag: 4815257668744283084
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:32:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/ Frame 60EE 8 KB
3 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:16:33 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 60EE 0
622 B 93ms
49ms Ping
image/gif 172.217.161.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuaAOR9y-Pl7ugLaQgS7P3Rnax-WVBIHh5ER1CZkJUnIrwZlN5KGwwYRnKDQgh9JzVCVRzWl_hD9vw5tsVu-jGxJI9X9M-JmPjiTf4QOwWWexHkodk-XbiRcJf5DkWSWT7K3t0AP_NPC7GiZrbzQIM4II_WK_R8jKl5ZMEpK770CCiB2PClbsjzEW9m7Ie0hy1pZ2595I7q26W0IS1PW6EvtUpn0OjxueAU1zPNT2v25EIEb9-f5TtB-pFJ_4KAXaM4VUPbBRJBXugAUHnZSVWbZketAdx1LJ_W4SLGdtRy3ygx_WfUSYAcS05hS5dh5XZC_Q0AYPA7IDHof9MhHTSP7GT7X4hKujLa6GAgtmafZoLPPJMZeBABkHhF5cfJ4qjxLpZ_cI_qkTtoYK8TjXfyHfBKZeGWpDS5ZRx2ai3vPytL4Nev6wv0F_yWY4aT-VHA5bs_j0VmXQFSXOhNBcHOk60MuTnMZOGXeKAgDUBFPmylXPwk1ycG_qBLp5d3OVKRcgcAYjc3H8c0sMdSYKwGtOwqC49tmyEL2w8rAxljlQnRoH9WG-7rRunx98k8i7xa8duVc4oejBbbfAIyM4WMQyg__hGvbaaWiP7K0YODPjqxw9unreaC_ZoWUZ0GIJXQhJYIzGB0XbVuT9mu6ceB-kjW4sEk-hiOWez7WmOERq32aDtLPMSvsDKeCNdM5BBVJxUjQCsCjqOm7u2BwlRVFbNBC7LWny1abvSgwOMwix-HuvqN4_5tfdScLY-zxaTHyf1mx0lKsRqNddVoN4FCVYxRnjpIP1T21pYfu7c3Ccbi59iVOt943eSs96Kq630fbQvmpXWnhQsjwrqI36PyYnct58VQxlPeP3eaJiHsAy3heKMEFJBUZupSHVzHqKKC29Ekb_mOJmiEaTgaMynqIkFO6KfGlZ6wdETDz79ye5wk-PEgl-kk4FQ_kJcghn3gmZAAMbyxqQyRB7dg8V4jHXwSCdfjKLRnFzCoMjY6AxFUEXvUsKR742Ww16-ZZZdU-Xsbrg9QPiCX82pZNaQmcQbz9afKv4rVYEGbq-96SrJY8_7O1CKbEWzlzwqbfu2agL14rntai0VZXtR3gyzandvdg0RsVggQn2ksp_IVBJWh86rV8racHjYksGiAgJA9JMWvDem8MpSf9Az_Uenwxp6UsTqA7Sm9WKm3RtIjuF2kM9AmuPpr6_y4zl19rVw5IPt-gBTl8is5swprrKp5gQ-hF8EHrdWiCjw40y1wchQhWSwctbd7LwmomH5mr4FgqT5l749LlmT5_tEpXg&sai=AMfl-YS7dYKHotraanDheJDo5FtM_KFr9cmgIH9aTYiKlWA-xswUGF8EG6a6fw539z54Mow3y8WBX4UgyKHCzFb6uOkcxyTIeICYCbs8BEJ9Sprve6i9WGq88aKlHtBd8sxyibACxyiYaHQ59HKSj-X467Fhtml2Jo8u1gw9IHw8its0oy99RBVROJiCXkQgvDxSpHxZkhsOWNTgXvuKEchD8wGs&sig=Cg0ArKJSzPzCRNA3vd2aEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220721.71471&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 25 Jul 2022 07:36:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 60EE 41 KB
15 KB 4ms
3ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 06:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jul 2023 06:58:39 GMT

GET
H2 200 18218200542751348431
s0.2mdn.net/simgad/ Frame 60EE 104 KB
104 KB 47ms
3ms Image
image/png 2404:6800:4004:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/18218200542751348431

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3b4af18603043d6994f4b827c8c3ae4cfd9e55ac3a88b30ba66422f15a1f8d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 01:46:15 GMT
x-content-type-options: nosniff
age: 280191
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106289
x-xss-protection: 0
last-modified: Tue, 24 May 2022 23:49:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jul 2023 01:46:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DD4B 1 KB
749 B 3ms
2ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 66466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 13:08:20 GMT
etag: 48472445140208031
expires: Mon, 25 Jul 2022 13:08:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E85B 106 KB
38 KB 46ms
2ms Script
text/javascript 2404:6800:4004:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 17:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52414
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Jul 2022 17:02:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/ Frame E85B 8 KB
3 KB 5ms
4ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYn-TgeRZ9ETbyMcILtQ63BOengrjkgtNLFJYrTTAplEFTT1GIa6COCbKfUZkPlGz0bw9reQAR3P-J9tabWpqX_K3lCg&cry=1&dbm_d=AKAmf-BCdxG_Z-931lHcB2yiIf9JRLV0a8uVt6uihFZqutefWL-p2PA3jvjVXIhRqV2eYPH79tFKRainYJN8mYCOSsLlMpqavmz9ME3wcrI4B97KL25POefOsiMA5epi_zj0M3mYc9GyvrFBOZmL2HG_uR9_RJCrv3bBWmF1RMMsXfbsa0HlO04msQ-2W0sSPOW6NVRMHmip7Z6l5My50g-iaN3u93KwTMFnnr--crdTwko0E4cDZifsaTnwSWpvn6yEm9VoQz9tU31xBN3g9fmXcs_r7jp9LD_0BBjmTwtphkxQibrXc7ZqHHTRsFxnwCp7hcBOQyT_u_AaFJ_fG4ZEWr-XXWz1FACWyCmUbbYlPua97o--BshMQ9gGwAZFgvM3nIpI5evlGq53FtMCrTuRtZBvJ2OHcpjVO2Ip-ANVIKVUseUgWFA9WXJcQiyZ4JO5YqmL6Sga7AoNFeqjLK3Rkzl9FQlpQyeNiJ6kW7eiPq8dYH-OPjyzRainf1JFg8ysQOeJ1AyWC2k38zPHpz0SbHrAdUwY4CXKHrbrr5xRS9Oy_frAXyFOliU9echASt3C08i_JxbSIDrYVH5ICH0_DB4bDEdRy6DvwI7AHcT1H_GjPx57DN7X3Gl64GjwYgl6n4L9_A1Z0f9FpbFDsBe42vtUxCq1A15I1TtDW4QyiILNoZPcC-07PDxueUr-IyQDJuHe87HECIuvqku3MAyvOHxlo4w7O3T1C092l1hh6BluxI3A2pK6IHSAmo1on9fINfXsF7hSarTHJ-__3pSAQlObSEDSb2F1Ik_ZS2evZBhPgh9fMjfuI0H_4JyOPPA3M2LJJ5PLzv22DNcZLzr-49RLp3YpwDjYjF-RB6QoyZlMRx70qCHM9UaiXHa3tZiG86GbauLFo2iGdy8cNBSVdFILhGhJwRue4epkVLRd74LvZcXmv1tIpSHp0pxuRgwJgNAiDC1xoymDHMQt7f_byskkrmBwS6gtL2S1EZD5ywS0_XcfRQt3fJ43FcCfTY-oKI9SAUnNuK3WWmnK_LjpaU8ZTzA1v6pG8X61W6VlMKuqDsx9Q7ROeUyXawBCNSSUS4bWIGA-shkvEI5QqwFY93LxX2Xj-FMrY3lnDXz1fRfGwr6TVezVn5VZSA-fLgL85k4RoeA5wF4nIhwsIhX7ATeSR2fWOBpqX4hSOzrTcmpTCMmiYd3KiMQO7hF8tyDIJfN9Qh4W6BohL-JG4_j_ngDYsMr2fWPkvQCYzdZUAv9FvZJCbYbNzhj6OWGL181aY-kX1aioqlE8gtdGuFZPktOC5ww9NHRcIWh6GviI4o4UlzzsqHcp1tUNbTSGV2zQt_Yg-RSmkoQ3-Z71LdWY9D90iHbVHRSinoQ4L9IVQtGqKsJ9LWZsr4UASzPH5RCASvbRX6qj6rvy771PQ4JY01HhajHrHh7yKaIgr4YzlTd08OcAue3TXod83F0LBS3fmdMSOwiXPBcYnPcwudIBrsflRshsynYrcSTkgezATFS7vZv8itKNq2ktLsl7Iq8qxv4vDn5WfDJgPZIZvx61V8sKPuCm_nf1dazEl2c-F4_aXxWUBlAjL4z3Ums-eSdCGcuNkxO6Anu30jtU7tyb0XQ3s3FaftUwK5axpqnhdPvSE2WHeQf2JE7ZFOEtEdWWEn4LuaA2yjJwszxrYiW1pRUV8fCZzp_BVcPaEWVtiSpCLZXivWE4ahtdfPHMJ_SVUwAJt5YHo-B3iUNjvPW7nOYGi3AjG-JYbFIQshL3hg9b_ORj09gEDXxwSN7VTBvmJjGygUm9uLA4fbR3lDhiB_A6YVyAjLtV6fAUxJIQPOTrk46nIPthOrmP-v0uSzVf5x5SXNyyEAXnofdlDW5f8mX7QmPogGARGpI6_kVk61mzOLUSmMd-IB1IQECyLSWFg95XfSN_D1GAQ6mJ5N7MsIJqZzzcGQ6Br5BU8q58QuTPf27FDK8py_LS4UjPHtNKS7_ehKuu72AZR8pjtSGvhHs9dqedH3YDXz5ACwVZVNNrY_beAKAjYjCgOzbsh2LIoS0z23tc4pxucmsdkPLfpgfdSGSucTm4hVwoOba_d576DZsqUDIBinaUYt2qzNiJI7nIweB40dv5D1ZFL2n3xwGUuhQjYbWKDrork7ozygUxm7RGLZUwoPpW4vDDZdO93yImULnwiLeoU2_w0fDwIh3VNaKmTIbZ8mr6mgTS3uM6tdXo-_bRdN8hRRD8V_VKveZyI6ofzkxR5HwsMyxgSE0ZGlVjA_X71xqdM9ihCTwbbN1it9k1-AbUjpEUpMh-R7sdiekqxNleyR2sjkcEqfVhj-8NEZ_kzPzeYm6Xj6id7xkqRskPTHkzf55E9Kt6WB2xwqxDMWz_hqak24EtBHOT2gXRnJgz1W9tHnCXI6CQbCwekGEG8Ku14FAmYHNTdS7DwckXlkeyjgpgVzVi0aQFG822pJy1XEFgycVjtkmKw-rWor7Kbjoj92t58uUAcpYyiyFhDAuc8qRkVAU9ie3bSGP_0mlZqxgW_NShJ3vFqxobXcbkqfKEAKv-VTPV8TRbBklRLmaUVNg9olj0IXdN6h_ERAF4sw2d6TFZeiygaaww1uPtPCJB_DJnkuyeWiF9YyNshoS0BlGAnuZSw-uh5ay4SJnPaFDfyKu63RxyA5xO3LmjW46GKzz8DpEKew2mRFOfHsQvwLEpsve0SGilIZfiAcq_cZNWdKOczqTv5zjRuA8LX6vbRMSbcJebSwB8pEPfngtlFrVhfLLxzFUJPUkZraGGRnLSCQOY0tcyKdVbc79yKPWwppNI7cMXD96DOE3yOaOH3Oy-m5Rp0DoGgivhA5jSA8dNaWHjouDHYZeSyDpatnjQjPQj_0fDfZHHc09dEHC-ORS6BvxOYDybKMsZDJSIiVak6yX6L90Z94sm0CLpmDmH0pVgb284EidMHAlEvQMtfumG9PjFvTNzokYTXBvM0kzlydPzqXueRLo8W5ZQw4ArmtwdUbIFjolPu0wNcNtMZXSnupTlkdiOtwbS1Sj2X1P5YolFzZulxoKZ2mh7KXRM5iA2ovUEI48U3d2u-SaAvd9HARP0UJ_xtu4Qy_30CbWHZxoQnreF-9kYIJbYZGzqlbrOjdJWJr-G9ijCagi3obQz16JqJa_-zLjNfIxMbFaOPoNDJ-iPVhG1jpNjKyD3UGY6VreqDyqrJ2vMskZuU-5eXYDv_jRh-COEUyEq0KDoRFey0YRWUcCdmYxh_yV4WEh4qYPAqpjI0HW193IrIKS0GQGyDBfTKPYicAw7DsSNM-bsoB5uc1aqFpU5Mmn5Sn_0WHIOADi1HVi4J0ySikWIjbekoSfWKIgeiFw8fBUIRoIPU4i21GbT2TXQNnJpG5PHvPsmEgqK7noZ3PJsxoRDYb-AlU-8Td8Q_g&cid=CAASJeRo2iYeO_Q664jRAa21soSQIk4O-07hMLGSvBRCqPo3oCovbKc&rfl=2%2Chttps%253A%252F%252Fwin.just4fun.biz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:16:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame E85B 27 KB
10 KB 5ms
4ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10526
x-xss-protection: 0
server: cafe
etag: 4815257668744283084
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Aug 2022 07:32:54 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7C9A 22 KB
8 KB 3ms
2ms Document
text/html 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 251194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 09:49:32 GMT
expires: Sat, 22 Jul 2023 09:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 60EE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c27ea32e30565caa5e8792a2daea88f5d6a7a632714771b17f6369a1c13e1a1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame DD4B 35 B
463 B 237ms
77ms Image
image/gif 2620:116:800e:21:46d:7e81:55ff:4c12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI8ANYPl-IShwlEWeTosxBY&google_cver=1&google_push=AehlK4A9KlBlXCkUotSdcHlG6AvAbCyrGhQhUNY74ap0LTySF0NCz2sEMaIxeZXkJtMkeya9z5vsluG-4hZf7B_tREsLsIAbyuY

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:46d:7e81:55ff:4c12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD4B
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4BX35eidhReN-0Q94aNJQo_0uLggz2KDbyfOWE5o8mqchmRwpha7tJYmaefmBX05pBFecwrVIwaf3sF1t98naXKy42cCHgO&google_gid=CAESEBsnN2AYgldY7FbyCx3Jzks&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOaP-ZYGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BZWhsSzRCWDM1ZWlkaFJlTi0wUTk0YU5KUW9fMHVMZ2d6MktEYnlmT1dFNW84bXFjaG1Sd3BoYTd0SlltYWVmbUJYMDVwQkZlY3dyVkl3YWYzc0YxdD...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwa0JHaDc2RTJoVDFoYjRhLVBVMUlyZXBrM3k2V1M3T1JYOUpPajlXYmtaUQ==&google_push

170 B
188 B

44ms
44ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwa0JHaDc2RTJoVDFoYjRhLVBVMUlyZXBrM3k2V1M3T1JYOUpPajlXYmtaUQ==&google_push

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Jul 2022 07:36:06 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwa0JHaDc2RTJoVDFoYjRhLVBVMUlyZXBrM3k2V1M3T1JYOUpPajlXYmtaUQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD4B
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEDIEAYJXNwezGQuob1DOwcc&google_cver=1&google_push=AehlK4CRkkA8D50Cib7akJd_mRqPIN1uwjpvMU7_Vjlw6GMAY-wKevDRhm8lH4qsQqgjVlRgiGS1v3Zd1gc865WLYyejrNhpGUI
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CRkkA8D50Cib7akJd_mRqPIN1uwjpvMU7_Vjlw6GMAY-wKevDRhm8lH4qsQqgjVlRgiGS1v3Zd1gc865WLYyejrNhpGUI&google_hm=prXxYUlkwMgngmQxXqalFQ==

170 B
188 B

84ms
42ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CRkkA8D50Cib7akJd_mRqPIN1uwjpvMU7_Vjlw6GMAY-wKevDRhm8lH4qsQqgjVlRgiGS1v3Zd1gc865WLYyejrNhpGUI&google_hm=prXxYUlkwMgngmQxXqalFQ==

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CRkkA8D50Cib7akJd_mRqPIN1uwjpvMU7_Vjlw6GMAY-wKevDRhm8lH4qsQqgjVlRgiGS1v3Zd1gc865WLYyejrNhpGUI&google_hm=prXxYUlkwMgngmQxXqalFQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: duar68ah08fo9u6n2djetjoqgriqe3fg

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame DD4B 0
41 B 215ms
2ms Image
text/html 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIxbK6npLjxA_Qb1S9G5dWA&google_cver=1&google_push=AehlK4BXAr-6xzUFUoZnvLZCecIOXRvnTg0zYWDV5Kbw9ly5tQz1fh-7jop_3keO7ky_tKJ_GPfIBbI77njVX9CMS5zWxtRDvFtR
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=3160787547&pi=t.aa~a.564879124~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=2&bdt=1283&idt=-M&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0&nras=2&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vDw6np1Tms&p=https%3A//win.just4fun.biz&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD4B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPl7aauUSYBGJ-1OrUdbnK8&google_cver=1&google_push=AehlK4CTeetBPQ9uBjJjcUDNiUpFJPgr_GNXEnGj9iUHC-5zYezFMz-JfHsDc_enqlm_Y9aG6UX...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYwRlFFWDAtMTEtTDNDTw==&google_push=AehlK4CTeetBPQ9uBjJjcUDNiUpFJPgr_GNXEnGj9iUHC-5zYezFMz-JfHsDc_enqlm_Y9aG6UXB5jl2g6pvXCRfxD6p-QK4PgNE

170 B
188 B

39ms
39ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYwRlFFWDAtMTEtTDNDTw==&google_push=AehlK4CTeetBPQ9uBjJjcUDNiUpFJPgr_GNXEnGj9iUHC-5zYezFMz-JfHsDc_enqlm_Y9aG6UXB5jl2g6pvXCRfxD6p-QK4PgNE

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYwRlFFWDAtMTEtTDNDTw==&google_push=AehlK4CTeetBPQ9uBjJjcUDNiUpFJPgr_GNXEnGj9iUHC-5zYezFMz-JfHsDc_enqlm_Y9aG6UXB5jl2g6pvXCRfxD6p-QK4PgNE
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: beb52df1a5a4b2f2cb3f37642c514298
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD4B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPdLmeUH_DGX9T8KhHyY5vM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPdLmeUH_DGX9T8KhHyY5vM&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPdLmeUH_DGX9T8KhHyY5vM&google_hm=Yt5H5piEdfaFxmfhtV9n-wAAA1oAAAAB&google_nid=index&google_push=AehlK4CKTSgvWZtWR5US4nz5UwIOg11TwqKHm...

170 B
188 B

42ms
42ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPdLmeUH_DGX9T8KhHyY5vM&google_hm=Yt5H5piEdfaFxmfhtV9n-wAAA1oAAAAB&google_nid=index&google_push=AehlK4CKTSgvWZtWR5US4nz5UwIOg11TwqKHmeNrbaSPSlAvagKF6cNugAxecXux3X9-1sybEeYwiWhRW-TYGG3ZaX6RbzMSvmvb

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=se3tDHZvkgKzb3jdk9koAbNiZcSkkt1gkWvTZkswf05YRTYdVBvRceoVOSAvdsyeN8c%2Bja9Ye%2BBc6Yb733ltKF9XSZvbqPaPrT%2FTRpy75L%2Ba0%2B9H5arm9FeO35OKQx161CJWYIrpqsxCbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPdLmeUH_DGX9T8KhHyY5vM&google_hm=Yt5H5piEdfaFxmfhtV9n-wAAA1oAAAAB&google_nid=index&google_push=AehlK4CKTSgvWZtWR5US4nz5UwIOg11TwqKHmeNrbaSPSlAvagKF6cNugAxecXux3X9-1sybEeYwiWhRW-TYGG3ZaX6RbzMSvmvb
cache-control: no-cache
cf-ray: 73033900985d1f23-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DD4B
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEB_m9OwUAjFzs0DJ8XYKj7g&google_cver=1&google_push=AehlK4BOvclQH2gZUz4PfKar3l1UOX6rm5p0V5-RvhebnIY_8RlJAoNJLqJ_Rbd21F9Yqp-iiTpFJYdLPgfyvWsjuhN0wdrNjyYZ
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4BOvclQH2gZUz4PfKar3l1UOX6rm5p0V5-RvhebnIY_8RlJAoNJLqJ_Rbd21F9Yqp-iiTpFJYdLPgfyvWsjuhN0wdrNjyYZ&google_hm=6595f5da9e38ba590ff...

170 B
243 B

40ms
40ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4BOvclQH2gZUz4PfKar3l1UOX6rm5p0V5-RvhebnIY_8RlJAoNJLqJ_Rbd21F9Yqp-iiTpFJYdLPgfyvWsjuhN0wdrNjyYZ&google_hm=6595f5da9e38ba590ffab998836ac11a

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4BOvclQH2gZUz4PfKar3l1UOX6rm5p0V5-RvhebnIY_8RlJAoNJLqJ_Rbd21F9Yqp-iiTpFJYdLPgfyvWsjuhN0wdrNjyYZ&google_hm=6595f5da9e38ba590ffab998836ac11a
date: Mon, 25 Jul 2022 07:36:06 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DD4B 0
50 B 44ms
43ms Image
text/html 172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ig0yD24MUcji4I5qNVJi0p75qYiBO93ThDb-RoVTgUrUgLep2dd2FKe5TYat497qdSLGAM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E85B 41 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 06:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jul 2023 06:58:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1995 1 KB
749 B 3ms
3ms Document
text/html 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 66466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 13:08:20 GMT
etag: 48472445140208031
expires: Mon, 25 Jul 2022 13:08:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 60EE 0
63 B 41ms
40ms Ping
image/gif 172.217.161.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jul 2022 07:36:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame E85B 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 802994cb0a58e8dde87a05a84219b283869c6f11c7c21a675ca1e2687daea0b9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
166 B 193ms
193ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwin.just4fun.biz%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_data_source%22%3A%22profile%3AJUST4FUN_BIZ%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1658734566441%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%226da0b7085cc99%3A1658260301864%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=b996ec07d9d79a4563e7ef4f983e298a2df10a80

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 99
pragma: no-cache
last-modified: Mon, 25 Jul 2022 07:36:06 GMT
server: tsa_m
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bdc18e7cdb95385302380ee850c274bd8becf6138034bf01516a49de97fe2f84
x-transaction: 7f89e88ac5c14583
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14552050763412260071/ Frame D20F 9 KB
4 KB 42ms
4ms Document
text/html 2404:6800:4004:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14552050763412260071/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e79e16b991b1e55fb236cfd67dc75d84b95741b34c7e3589d58f5cc50a67a58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 552712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3610
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Jul 2022 22:04:14 GMT
expires: Tue, 18 Jul 2023 22:04:14 GMT
last-modified: Mon, 31 Jan 2022 02:04:36 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E85B 0
27 B 87ms
47ms Ping
image/gif 172.217.161.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMtj2ADXETt1ZkJ7ORAgG5j-nf7_7jF-1-A2kqk-bvuWgd008dAiAwxqeitp06-A6TrAI1ANI9lnzvhCoY8jJurcvGbE9W_ZSwt6YPp_KulhfiggaiPGQiyOARGjUjwlvSD3c3rQihM74RuvjuvIEMrPd3QVOjSWTI060aRjVbf1TCtMaP9-rwKK3Z7f4iGBmjCQ6s04j7SaLBBaES31j9vh8kJK7iqqByu1YQ5nrFc1sm-6BLxnerOPqktbJG4KAV4Oe4KoMPjvJEB-MyLZQ2w937nHf4Pl_zJsCPuI2XWBaRvzfAFlFVT6f0CUHLZz_Y8T2DJAD0GzZxCgwJsX9UBQdFxaOp-EBqZAs5f9f8hRqOIQZJucPwhUj7Gl8nNChQOL6BPP__iX_Bam85NEhftw1nxj9JplpJ3UadZ2rRJfqwJTDlPfCbXLriox6SJgCMa7F4G9ddemJoUHot60ihNeBe1HamcPHePh01NjdgW9LltXMo1UH-Y7e0vnj_j8bccxhgPShI1oXj4jGFEAn8eiH51XwD_eHbKBPDhFOjLHGwTFX2N8LLez7s7lJ8oSKS5GfKQgGLeyIeNUFbHvDVJOtrWazXHuPUajzsmBRlZyANzyKMDftWsGSTmwMGKoGs0GBfOrsRpktpF6aqmew5GZVSRLkI4LPDTITSdVQTl9pGFelpygFUBOiU4V_QIO1WrevNDgQcaDV2F4elzDI7J7vIeo2WnBUPk1fylyOrBZkZY9odbeTM4TkeBOxm8W9P7AH9z_nonuQHkllSLQbOYEB9ODjGu6Hb57VNm8cR4iK1h4adyuXygHWZ61jWCbIPWoEFP836UUNNWYPINe9cqAvyhS3FATwvGf4ZWMRPJFdD3YUiWjDEAZ0QCsqj4H66mVxUscd1V05JLm72X9F6ps5j0-MW0MMdAdk0AaGb2mRAPxen3MNP4-qzRP6VSbv8k8f0gcZudEO3DZn4Cj_WX_4fqvcunu_1F6w1daCHQyrfH4g95Hc4U-qmy5c86zO9RG3PdVTNBqA24bvQflyykhhgz3XRlHGYJa6T4dOG6TS0F-bkXrNyag3ZhEwgZ_PmAFKYxFR1Y4xk452BeC7TgUhW5MTxcJm0kZ-stMHkPA3k5uomCXQxQk7UBtfr8Y8qBqsCtrPNeIMCMwT49KSRyRvBkSdn6uOU31opbPONH3-N-XHucQlm1q8dK_mKn9f7Lp9ufP4M1Ib7JZ7ilFikjz0K_uFVhqzLiX1J2YJGM2VfKcD-9RxxERQMMOSNniuYyvdI1Us&sai=AMfl-YStRYu1aJSrv78levHTpPnKbRPf2DqwvY1bGEiML-NCQg557cWNfFVmj_-KqsPcmtvvG2Lpb4yJeVMYgNo4R_Xd1gYlnAOcPKRfUQAJDsk6z4qu5UJLR9HkMljXG1lgWKAlAinHG6hwpf1ey0qo2MbBWgV_7VGLv2GyKDkJVr1qV-JgBSFl-DasbmTbA9XbxI4QZrdJ8ADfiYhIhwrOzfms&sig=Cg0ArKJSzDzIfwbg5BNCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=101&cbvp=1&cstd=99&cisv=r20220721.27412&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 25 Jul 2022 07:36:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C9A 36 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 03:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13903
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 03:09:23 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A0D9 22 KB
8 KB 6ms
5ms Document
text/html 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 251194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 09:49:32 GMT
expires: Sat, 22 Jul 2023 09:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1995 35 B
462 B 161ms
78ms Image
image/gif 2620:116:800e:21:46d:7e81:55ff:4c12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKsY_5s-MJffeCcnhgPYRks&google_cver=1&google_push=AehlK4C2keLTl-XCUvKijS_C9L8tuDwg_DOyizH7nBOehLryqEOoopDwBauotV3JdHkiTcX2N5QL59KRAyPAw_fvk2hFEu4FZLsT-A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:46d:7e81:55ff:4c12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1995
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEIOSZqddvZTB1wC37-u_gfw&google_cver=1&google_push=AehlK4AziUvnMNQcr81nAMatvoyZY3cydFtjYW7PimsYnyAF6YPLlsBmN8RWYB86yUeKCNcuDFT6sz86tWvvRD_TXQOb7vmHHYAxaQ
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4AziUvnMNQcr81nAMatvoyZY3cydFtjYW7PimsYnyAF6YPLlsBmN8RWYB86yUeKCNcuDFT6sz86tWvvRD_TXQOb7vmHHYAxaQ&google_hm=prXxYUlkwMgngmQxXqalFQ==

170 B
188 B

41ms
39ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4AziUvnMNQcr81nAMatvoyZY3cydFtjYW7PimsYnyAF6YPLlsBmN8RWYB86yUeKCNcuDFT6sz86tWvvRD_TXQOb7vmHHYAxaQ&google_hm=prXxYUlkwMgngmQxXqalFQ==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:05 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4AziUvnMNQcr81nAMatvoyZY3cydFtjYW7PimsYnyAF6YPLlsBmN8RWYB86yUeKCNcuDFT6sz86tWvvRD_TXQOb7vmHHYAxaQ&google_hm=prXxYUlkwMgngmQxXqalFQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: h7d5gajupq9g3nvp0rdboaon6mt5hj8j

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1995 0
166 B 138ms
2ms Image
text/html 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFGXWbImCvrQO3A8k9H3DuA&google_cver=1&google_push=AehlK4A1G0rHj4Y756ZYHZrAUGWzJcpmc_7ubjmAayg22AlkDBdYlIS16YIsyrcGAdwZlFWnn7nl5epQAJrxI2oDF6lYdVCnJ7W2og
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1995
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELIZFrMXRmwrsNSymQ5EAmY&google_cver=1&google_push=AehlK4DrSWfcIaSmc-USEq8HnBD-gE9WXBjVqZNXIhRnOFCt-Dwli2hwKdStOOKpm4nwnIcQGWl...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYwRlFFWjQtMU0tS0ZLSA==&google_push=AehlK4DrSWfcIaSmc-USEq8HnBD-gE9WXBjVqZNXIhRnOFCt-Dwli2hwKdStOOKpm4nwnIcQGWlYyRmy3J-88LfUJB7WrfUgriggmQ

170 B
188 B

41ms
41ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYwRlFFWjQtMU0tS0ZLSA==&google_push=AehlK4DrSWfcIaSmc-USEq8HnBD-gE9WXBjVqZNXIhRnOFCt-Dwli2hwKdStOOKpm4nwnIcQGWlYyRmy3J-88LfUJB7WrfUgriggmQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYwRlFFWjQtMU0tS0ZLSA==&google_push=AehlK4DrSWfcIaSmc-USEq8HnBD-gE9WXBjVqZNXIhRnOFCt-Dwli2hwKdStOOKpm4nwnIcQGWlYyRmy3J-88LfUJB7WrfUgriggmQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: dedf7fc216a5bbc739a54325e875a79f
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1995
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELufhgVO8Sq9iSW7zpbM-6A&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELufhgVO8Sq9iSW7zpbM-6A&google_hm=Yt5H5k-IF1dPoJ4CuFMWAAAAAQoAAAAB&google_nid=index&google_push=AehlK4D8cYCJIQ1MDw2YADokK0y7ktJ85cHml...

170 B
188 B

46ms
45ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELufhgVO8Sq9iSW7zpbM-6A&google_hm=Yt5H5k-IF1dPoJ4CuFMWAAAAAQoAAAAB&google_nid=index&google_push=AehlK4D8cYCJIQ1MDw2YADokK0y7ktJ85cHmlPfwRLDNr5qlSqyUjw8CLnUvBuyjP5BylLXiGFjS_Ql5FRZhKwXvgdRnkHmjvZlAjQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LiFZ0eN50lB0Zwvo4SHvuYbuvy8FUJZ5ZTBu2kB%2FK11dY76qYaxWRzUAHfl8gCpLNm3OotK9IYithOZ7O0iKoBqYgwo0qe4%2BJ07McKHLnOQjX%2BXHK9qSwE1CU2bx3B%2FX%2FcBn%2FtMdJpJ4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELufhgVO8Sq9iSW7zpbM-6A&google_hm=Yt5H5k-IF1dPoJ4CuFMWAAAAAQoAAAAB&google_nid=index&google_push=AehlK4D8cYCJIQ1MDw2YADokK0y7ktJ85cHmlPfwRLDNr5qlSqyUjw8CLnUvBuyjP5BylLXiGFjS_Ql5FRZhKwXvgdRnkHmjvZlAjQ
cache-control: no-cache
cf-ray: 730339006a323499-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 1995 43 B
297 B 366ms
71ms Image
image/gif 2406:da18:5a5:3101:4d9d:a617:21dc:b3d7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHzHMWMT2aGISQEPZnWy4Jk&google_cver=1&google_push=AehlK4A3tRoUUnFt3mQwUseOHnxseWMeNuh9Y12dgRrn0i1pbJ9EgLWeUH-r1VShrTr5gpYuGL3N8OBLu1CWPZl-oQUlRj3TIfiYJg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da18:5a5:3101:4d9d:a617:21dc:b3d7 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1995
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEEjnvEjmTrcgjk4inWWn4so&google_cver=1&google_push=AehlK4CFxpbLOl_00AecD05JyhDd41pA5tUsUaVp2z0DyPixKsbKQUTVNEws_4mOtEGQPcQWtJ_B8qn43zJS0Tfp-AiNLOBcZ1e9JQ
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4CFxpbLOl_00AecD05JyhDd41pA5tUsUaVp2z0DyPixKsbKQUTVNEws_4mOtEGQPcQWtJ_B8qn43zJS0Tfp-AiNLOBcZ1e9JQ&google_hm=6595f5da9e38ba590...

170 B
188 B

58ms
44ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4CFxpbLOl_00AecD05JyhDd41pA5tUsUaVp2z0DyPixKsbKQUTVNEws_4mOtEGQPcQWtJ_B8qn43zJS0Tfp-AiNLOBcZ1e9JQ&google_hm=6595f5da9e38ba590ffab998836ac11a

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4CFxpbLOl_00AecD05JyhDd41pA5tUsUaVp2z0DyPixKsbKQUTVNEws_4mOtEGQPcQWtJ_B8qn43zJS0Tfp-AiNLOBcZ1e9JQ&google_hm=6595f5da9e38ba590ffab998836ac11a
date: Mon, 25 Jul 2022 07:36:06 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1995 0
12 B 83ms
45ms Image
text/html 172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0deNhanQYmWUH7KeaxrP6d895NONERN7qvTNGJxqqtxUd1kWAq22HBlx1zvMP2rkrotk_

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
123 B 200ms
198ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwin.just4fun.biz%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_data_source%22%3A%22profile%3AJUST4FUN_BIZ%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1658734566471%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%226da0b7085cc99%3A1658260301864%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22tweet%22%2C%22action%22%3A%22seen%22%7D%7D&session_id=b996ec07d9d79a4563e7ef4f983e298a2df10a80

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 103
pragma: no-cache
last-modified: Mon, 25 Jul 2022 07:36:06 GMT
server: tsa_m
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bdc18e7cdb95385302380ee850c274bd8becf6138034bf01516a49de97fe2f84
x-transaction: 64bd253ff82491f7
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 style_1AT2x9_.css
s0.2mdn.net/sadbundle/14552050763412260071/ Frame D20F 681 B
400 B 3ms
3ms Stylesheet
text/css 2404:6800:4004:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14552050763412260071/style_1AT2x9_.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14552050763412260071/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b98f13298bad026586b55d63b28452f63f9bac3246262b0fe8801cebb79c8254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14552050763412260071/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 12:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155289
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 371
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 02:04:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jul 2023 12:27:57 GMT

GET
H3 200 custom_2bCvMIQ.css
s0.2mdn.net/sadbundle/14552050763412260071/ Frame D20F 3 KB
987 B 5ms
4ms Stylesheet
text/css 2404:6800:4004:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14552050763412260071/custom_2bCvMIQ.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14552050763412260071/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1cae98a37d9d33384999d70d967d92210fb099a5de9bf3713be8ab3aafeb7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14552050763412260071/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 00:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 958
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 02:04:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 00:45:43 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/ Frame D20F 62 KB
23 KB 17ms
8ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.8.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14552050763412260071/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 391335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22641
timing-allow-origin: *
last-modified: Wed, 29 Sep 2021 08:04:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61541e28-5871"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=649s6TryQzNb8PeC0ZWfJmsR74pAn1FyS7MSGb5hK%2BGyc55zz%2FVTMbB1KkAT%2FACI0xzliLligv15BP44SQ905jvCE6p0X2CfwgOIbgQSEg5ZuDVU0zRv10PWQ9wkfVdASBFZWqIOyKl8K75Bou84B%2BUg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73033900cbbf80c0-NRT
expires: Sat, 15 Jul 2023 07:36:06 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/14552050763412260071/ Frame D20F 121 KB
41 KB 5ms
4ms Script
application/x-javascript 2404:6800:4004:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14552050763412260071/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14552050763412260071/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c18e2a8dd61283a556eaf39a4b05c5cfd51c0299f5263ea99d0bb0a4a08a74c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14552050763412260071/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 18:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134974
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42324
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 02:04:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jul 2023 18:06:32 GMT

GET
H3 200 4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js Show response
pagead2.googlesyndication.com/bg/ Frame A0D9 36 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 03:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13903
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 03:09:23 GMT

GET
H3 200 fonts_2VHrnXG.css
s0.2mdn.net/sadbundle/14552050763412260071/ Frame D20F 286 B
187 B 4ms
3ms Stylesheet
text/css 2404:6800:4004:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14552050763412260071/fonts_2VHrnXG.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14552050763412260071/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302400c223d68d2aab9b35f106c5c4856da0a56729827df52a942292958cf97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14552050763412260071/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 22:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 552753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 02:04:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Jul 2023 22:03:33 GMT

GET
H3 200 Mplus1p-Medium_z1gxQuo.woff
s0.2mdn.net/sadbundle/14552050763412260071/ Frame D20F 6 KB
6 KB 3ms
3ms Font
font/woff 2404:6800:4004:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14552050763412260071/Mplus1p-Medium_z1gxQuo.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14552050763412260071/fonts_2VHrnXG.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efdd0455ff3746ea451f1fe281eaae5c0a44600014a2e4819231fe64a9cef908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14552050763412260071/fonts_2VHrnXG.css
Origin: https://s0.2mdn.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 04:21:46 GMT
x-content-type-options: nosniff
age: 357260
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5932
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 02:04:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Jul 2023 04:21:46 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E85B 0
26 B 46ms
45ms Ping
image/gif 172.217.161.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMtj2ADXETt1ZkJ7ORAgG5j-nf7_7jF-1-A2kqk-bvuWgd008dAiAwxqeitp06-A6TrAI1ANI9lnzvhCoY8jJurcvGbE9W_ZSwt6YPp_KulhfiggaiPGQiyOARGjUjwlvSD3c3rQihM74RuvjuvIEMrPd3QVOjSWTI060aRjVbf1TCtMaP9-rwKK3Z7f4iGBmjCQ6s04j7SaLBBaES31j9vh8kJK7iqqByu1YQ5nrFc1sm-6BLxnerOPqktbJG4KAV4Oe4KoMPjvJEB-MyLZQ2w937nHf4Pl_zJsCPuI2XWBaRvzfAFlFVT6f0CUHLZz_Y8T2DJAD0GzZxCgwJsX9UBQdFxaOp-EBqZAs5f9f8hRqOIQZJucPwhUj7Gl8nNChQOL6BPP__iX_Bam85NEhftw1nxj9JplpJ3UadZ2rRJfqwJTDlPfCbXLriox6SJgCMa7F4G9ddemJoUHot60ihNeBe1HamcPHePh01NjdgW9LltXMo1UH-Y7e0vnj_j8bccxhgPShI1oXj4jGFEAn8eiH51XwD_eHbKBPDhFOjLHGwTFX2N8LLez7s7lJ8oSKS5GfKQgGLeyIeNUFbHvDVJOtrWazXHuPUajzsmBRlZyANzyKMDftWsGSTmwMGKoGs0GBfOrsRpktpF6aqmew5GZVSRLkI4LPDTITSdVQTl9pGFelpygFUBOiU4V_QIO1WrevNDgQcaDV2F4elzDI7J7vIeo2WnBUPk1fylyOrBZkZY9odbeTM4TkeBOxm8W9P7AH9z_nonuQHkllSLQbOYEB9ODjGu6Hb57VNm8cR4iK1h4adyuXygHWZ61jWCbIPWoEFP836UUNNWYPINe9cqAvyhS3FATwvGf4ZWMRPJFdD3YUiWjDEAZ0QCsqj4H66mVxUscd1V05JLm72X9F6ps5j0-MW0MMdAdk0AaGb2mRAPxen3MNP4-qzRP6VSbv8k8f0gcZudEO3DZn4Cj_WX_4fqvcunu_1F6w1daCHQyrfH4g95Hc4U-qmy5c86zO9RG3PdVTNBqA24bvQflyykhhgz3XRlHGYJa6T4dOG6TS0F-bkXrNyag3ZhEwgZ_PmAFKYxFR1Y4xk452BeC7TgUhW5MTxcJm0kZ-stMHkPA3k5uomCXQxQk7UBtfr8Y8qBqsCtrPNeIMCMwT49KSRyRvBkSdn6uOU31opbPONH3-N-XHucQlm1q8dK_mKn9f7Lp9ufP4M1Ib7JZ7ilFikjz0K_uFVhqzLiX1J2YJGM2VfKcD-9RxxERQMMOSNniuYyvdI1Us&sai=AMfl-YStRYu1aJSrv78levHTpPnKbRPf2DqwvY1bGEiML-NCQg557cWNfFVmj_-KqsPcmtvvG2Lpb4yJeVMYgNo4R_Xd1gYlnAOcPKRfUQAJDsk6z4qu5UJLR9HkMljXG1lgWKAlAinHG6hwpf1ey0qo2MbBWgV_7VGLv2GyKDkJVr1qV-JgBSFl-DasbmTbA9XbxI4QZrdJ8ADfiYhIhwrOzfms&sig=Cg0ArKJSzDzIfwbg5BNCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=274&vt=11&dtpt=173&dett=3&cstd=99&cisv=r20220721.27412&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jul 2022 07:36:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Mplus1p-Regular_3MhkhEO.woff
s0.2mdn.net/sadbundle/14552050763412260071/ Frame D20F 6 KB
6 KB 3ms
2ms Font
font/woff 2404:6800:4004:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14552050763412260071/Mplus1p-Regular_3MhkhEO.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14552050763412260071/fonts_2VHrnXG.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d031329a0e9870b6cd7e9831d5c29a96563d6caabfb6656538f5cfdae14f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14552050763412260071/fonts_2VHrnXG.css
Origin: https://s0.2mdn.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 12:59:56 GMT
x-content-type-options: nosniff
age: 412570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5948
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 02:04:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 12:59:56 GMT

GET
H3 200 visual1_3QCnHeU.jpg
s0.2mdn.net/sadbundle/14552050763412260071/ Frame D20F 43 KB
43 KB 8ms
8ms Image
image/jpeg 2404:6800:4004:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14552050763412260071/visual1_3QCnHeU.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb68369c7a342ba8c26d259cb6f9983dded62e8c7f933ea495837a6956152c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14552050763412260071/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 07:00:40 GMT
x-content-type-options: nosniff
age: 347726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44128
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 02:04:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Jul 2023 07:00:40 GMT

GET
H3 200 visual0_1MKm0dE.jpg
s0.2mdn.net/sadbundle/14552050763412260071/ Frame D20F 24 KB
24 KB 10ms
10ms Image
image/jpeg 2404:6800:4004:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14552050763412260071/visual0_1MKm0dE.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67fcc770b0622186420eeb8968d10826e071c4471f7c74cf8ee37af0e1486738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14552050763412260071/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 09:10:09 GMT
x-content-type-options: nosniff
age: 80757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24184
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 02:04:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Jul 2023 09:10:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C9A 0
20 B 44ms
44ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0nnK5kfeYrLcEI3k2gTxxYDABwAAAAA4AeAEAg&bg=!09Cl0JTNAAacadVKvGk7ACkAdvg8Wiju0xVcQICx3P3gl1S0s68GTy3_gQX0gC86Eb9AhWaFLoZHmgIAAAClUgAAAAJoAQeZAuDd7RFP0EHXYFlMkWTAvvjeHYaif9sdp5fwI-50klya9e16PGhR71kwU0b5CJ48urfjdI_MaooBSjKg5sc2b8HyvnGNZrKaiQQJJ6Y7R95bdcto0nV0wZxujIsrBGjvwY8KK_68XpDEryNVPkgFjQJy7Spa-NqC60RjPL9VE4pVpqBwodowN-rRosOOh-qoGsuNLjZhtdeXg7tSGB3c_1V1TwLMonQ4wPamrGD47P2wbJKOpJB0N7pi2O4KIi23SfinTj7mzVpukeJqb-bjmzveSbBZShxgX_QC3gEo4AN5HOXiQg5BbWfhCwkUdgF9QsWEdFA1VFt0HVAjZFGeYzD80uzGhf4R_WYvQthMDEuvmNnH9aIg42m-QbkeQc65S1MlPA42WtXyRyd7_Ws6DyW4HkqlAhtoYJpBSURbX3rOtWsvP-3nPywdCUK9sN-JiHwFYTteeJC-AHFdOGyNmUvAz__6dGBx4HrAnXVIEG-XEjIALQeUoCOa_oXeXBlMrLT6vQ_72owJAfEYwWmMhb90VHQIBJ_YUF4_0xo1VK8k2SJlk1DyfB3qJFBpByzJMwjI8aVJxU0isnslE9rnbdLRkSBfH8hIQ6kFkzwKG_mhWSHEL6ZnwS0MewX76jYKuHPgy56jkLRYJjoWGyIvgZ8kybrcjRUsho2HDd2k899TWwkVx_eqehgPEXPLAAzasTsQN0xm8m66sbHgtUM016BCDo-nPS6hB281Cj84_l3gmWSRcDlZw-vo6oXkwU12JM7KgeUgIz6CxQ9o9gmVNF2PRKScd3y-0jnPqOa-KFjLhmw6L_n-kZq5Wl9Vo3jBrH4VddNP48zc4-OGfkjv8Z7ctndgXEb8QP-BL_NQ38Cw1HxdHW7xuVOP7HyUfqPQSpIYNxQn9clYcXrTJtplBVUyExZHdh8PjcWzn6BY_hAANrAo_jd1hanjoXpW7MqUCmZV1GRjwQi-0LTHpykci8sg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 visual1_3QCnHeU.jpg
s0.2mdn.net/sadbundle/14552050763412260071/ Frame D20F 43 KB
43 KB 8ms
7ms Image
image/jpeg 2404:6800:4004:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14552050763412260071/visual1_3QCnHeU.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14552050763412260071/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb68369c7a342ba8c26d259cb6f9983dded62e8c7f933ea495837a6956152c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14552050763412260071/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 07:00:40 GMT
x-content-type-options: nosniff
age: 347726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44128
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 02:04:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Jul 2023 07:00:40 GMT

GET
H3 200 visual0_1MKm0dE.jpg
s0.2mdn.net/sadbundle/14552050763412260071/ Frame D20F 24 KB
24 KB 9ms
8ms Image
image/jpeg 2404:6800:4004:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14552050763412260071/visual0_1MKm0dE.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14552050763412260071/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67fcc770b0622186420eeb8968d10826e071c4471f7c74cf8ee37af0e1486738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14552050763412260071/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 09:10:09 GMT
x-content-type-options: nosniff
age: 80757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24184
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 02:04:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Jul 2023 09:10:09 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
124 B 201ms
201ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwin.just4fun.biz%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_data_source%22%3A%22profile%3AJUST4FUN_BIZ%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1658734566698%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%226da0b7085cc99%3A1658260301864%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22element%22%3A%22notice%22%2C%22section%22%3A%22header%22%2C%22action%22%3A%22seen%22%7D%7D&session_id=b996ec07d9d79a4563e7ef4f983e298a2df10a80

Requested by

Host: win.just4fun.biz
URL: https://win.just4fun.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://win.just4fun.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Mon, 25 Jul 2022 07:36:06 GMT
server: tsa_m
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bdc18e7cdb95385302380ee850c274bd8becf6138034bf01516a49de97fe2f84
x-transaction: 63e34bde572caf85
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A0D9 0
20 B 39ms
39ms Image
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSNnD5kfeYvWoEYfC2gSbuofYCwAAAAA4AeAEAg&bg=!nJ-ln9vNAAacadVKvGk7ACkAdvg8Wr0gRuxhh46SFU68VuJ3r5AEU6WTaStXWwjajtL6YOe5_4XjSwIAAACxUgAAAAJoAQeZAu5AYR3Hb61cWVoZqXF4ZEYoiyUPRbl-LCSABghakKbgBUW71rVogP0SQb7KXdNJRji2A2rQm0q0abir2cmAg-s_0LYZOVXf5Egb70MjKnnUG6QSU200u2MTvNi4k63Bn9MqPQAlG0rKs4KaPDcykMkRfHAX8JXKXDk9F825RRyP-ZLYT7hruaY4PmSBpEMZRxvMuB2yCSYZX1yBY4XU2l5fmIvAMfbx4gNjHi5uPYx3qcNgePm_1kjwgraYqiPdafmGewidfOUVuX3TeTRU592AwzHuq2jjiYna6hyf4VCslpXs2DG5W1WbwIC11whzjLozABbLLp9_HQDRBUhgLLXQf8irsZZZW_7tJr8CtRJucMBedzqwUjwAosnia1UsGTvfBBGJHsnF45F3VJh1PWBztCFytSI8KiMUrGCYbcvnSE_0vp-Ok0XBdpxal2n9S9IjV5Fzj4eg5uP0MahRR4jVi3bv9SqKAR2DqRDNjeNfXOiyNvCwxJ5d0k-dhdyKAwTK7Lrn3fkfbndkc0DJK918IWVAvao41Stclpsr7zLvo1PDgrxxDkrq6Z9v5aV-pXoF8mLgg1322o1OvlloNoS8438B9IH-jB1QYrHgeACA98-_3jkBAX-O7q5hLxFighy2kza3aHVn6Ps2uhdI3zP1fskcUitl8CjrFKE2dZyhWtQitTp4gBZZn13daOQZgxq5alqEBheSy_J1x9tu1Caf6rc91Oa5D3pu9mXYWWMs3i3tH7xzUPzo6jSBVLsGwEhBaPwY32xdL1E9h4E7K81jNBbTbRVyy553BdRJs5WjEZlqxcZUh8UYrx8xBP5Ti2ac0_uHM8lbc4-oLxlBoTrMlIgRTIwriAds6SuPi3WskXvrm5BcrkAqZY_Kt4COzf6HTtMteNg1WUEW9pi6in7o24a8_XMib87D_RZBHxLR0qwdLBBLJ3ZoufrE5vwR80sD2KAjutA0cdazLZmxBFpWspwQFi0g_za9w_efCN4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3876881683303122&output=html&h=280&adk=2451554456&adf=2551866268&pi=t.aa~a.564874125~rp.4&w=346&fwrn=4&fwrnh=100&lmt=1658734565&rafmt=1&to=qs&pwprc=4745344501&psa=0&format=346x280&url=https%3A%2F%2Fwin.just4fun.biz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658734565647&bpp=1&bdt=1282&idt=1&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfa2fe674346c5e22-2202d82b55d50076%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw&gpic=UID%3D0000080abe623c96%3AT%3D1658734564%3ART%3D1658734564%3AS%3DALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ&prev_fmts=0x0%2C346x280&nras=3&correlator=2046361563915&frm=20&pv=1&ga_vid=1968863140.1658734565&ga_sid=1658734565&ga_hid=558013583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=41&ady=1675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763506%2C42531608&oid=2&pvsid=2495299345258815&tmod=622739508&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AjkTZ8Fcgx&p=https%3A//win.just4fun.biz&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B58B 42 B
64 B 80ms
41ms Fetch
image/gif 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUUdKOnXefVetL6trZBuXkBEl0OfRgrkT8Sr39hogeXC--ngMb97Ose5umd7KBZN5oAXOdtH2vVWnxr16AKd6aTBkXHUex35qG4WM9885-nbmJQFJGbQr6nXtkGssA9G7TNBHLLYOUog&sai=AMfl-YTfBBcr280OadYcJMxyBaH0fb839lu3TP_g7OFFTbgsXyumPXiiE0Xjqsytzo13u9YJcWYisQKFXjzT&sig=Cg0ArKJSzLKJqkLrC2CDEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=104,777,1001,1133,1230&tos=104,673,224,132,97&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658734565737&rpt=172&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 07:36:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s-cs.send.microad.jp
URL: https://s-cs.send.microad.jp/cs?key=google_1

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.just4fun.biz/	1970-01-20 14:07:10	Name: __gads Value: ID=fa2fe674346c5e22-2202d82b55d50076:T=1658734564:RT=1658734564:S=ALNI_MZix3LjNeNPifmwkTkzSfG8tlDnPw
.just4fun.biz/	1970-01-20 14:07:10	Name: __gpi Value: UID=0000080abe623c96:T=1658734564:RT=1658734564:S=ALNI_MZwuA77fKD7yfxngiMumcHlIpUAPQ
.doubleclick.net/	1970-01-20 04:45:38	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:16:46	Name: IDE Value: AHWqTUlu312fQOzJk-PusSpKbgXMLzuBGTlTHKleerJ2FyFiGLUzBttxcpgjrtI-CpM
.openx.net/	1970-01-20 13:31:10	Name: i Value: aa4f4404-4965-4611-9b20-e06ee998ac52\|1658734566
.adingo.jp/	1970-01-20 05:28:46	Name: ID Value: 6595f5da9e38ba590ffab998836ac11a
.casalemedia.com/	1970-01-20 06:55:10	Name: CMPS Value: 858
.rlcdn.com/	1970-01-20 13:31:10	Name: rlas3 Value: 3xiKiGTgU1DjuNYmFcVCyL6cu/3q2ceiQdGI0jwyoQY=
.quantserve.com/	1970-01-20 06:55:10	Name: d Value: EGcBCQHZJoEA
.quantserve.com/	1970-01-20 14:15:48	Name: mc Value: 62de47e6-8f624-64228-2bc82
.casalemedia.com/	1970-01-20 13:31:10	Name: CMID Value: Yt5H5k.IF1dPoJ4CuFMWAAAA
.casalemedia.com/	1970-01-20 06:55:10	Name: CMTS Value: 879
.casalemedia.com/	1970-01-20 06:55:10	Name: CMPRO Value: 266
.rlcdn.com/	1970-01-20 06:11:58	Name: pxrc Value: COaP+ZYGEgUI6AcQABIGCOndKhAA
.innovid.com/	1970-01-20 06:55:10	Name: uuid Value: 736e99cf-c75b-465d-b270-6f557dd4a94b-20220725 03:36:06
.adnxs.com/	1970-01-20 06:55:10	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>6wmr1i!]tbPl1M>e)ZlrFUfJ+tGXvX+D?d?vFPq=VQ1Q#%:G$7-T!yM5_/!cJXD?J@bpRzqF1`b`618[#p
.adnxs.com/	1970-01-20 06:55:10	Name: uuid2 Value: 4599942459832653473

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
adservice.google.co.jp
adservice.google.com
ag.innovid.com
assets.getpocket.com
b.hatena.ne.jp
b.st-hatena.com
cc.adingo.jp
cdn.syndication.twimg.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pixel.rubiconproject.com
platform.twitter.com
rtb.openx.net
s-cs.send.microad.jp
s0.2mdn.net
ssum-sec.casalemedia.com
syndication.twitter.com
tpc.googlesyndication.com
us-u.openx.net
widgets.getpocket.com
win.just4fun.biz
www.google.com
www.googletagservices.com
www.gstatic.com
s-cs.send.microad.jp
103.231.99.243
104.18.18.126
104.18.19.126
104.244.42.72
104.254.148.251
117.18.237.66
13.225.165.4
13.225.165.96
13.225.173.49
143.204.86.111
163.44.185.166
172.217.161.34
172.217.175.2
172.217.31.130
2404:6800:4004:80a::2002
2404:6800:4004:810::2006
2404:6800:4004:820::2002
2404:6800:4004:821::2001
2404:6800:4004:821::2002
2404:6800:4004:822::2002
2404:6800:4004:822::200a
2404:6800:4004:825::2002
2404:6800:4004:827::2003
2404:6800:4012:1::2004
2406:da18:5a5:3101:4d9d:a617:21dc:b3d7
2606:2800:247:9376:8aa7:779e:f6d9:de02
2606:2800:248:1707:10d3:19d0:1ba2:1a23
2606:4700::6811:190e
2620:116:800e:21:46d:7e81:55ff:4c12
2a03:2880:f00c:19:face:b00c:0:3
34.98.64.218
35.186.253.211
35.190.60.146
35.75.164.118
69.173.158.64
02a053625712e7e227d5f51e0b3341e984f989ed00a8491f2586a13a5ba8a61f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ef11633593d6927137805b71939b0d462cb18a0dd24a691b51021c7cb48fb92
0fda122942f39c62ebd2d1ac9de0cf6c6e4cefefb31eb86e39777f46c7ed5064
10fda81d26c46571ebc459d29f7e62891456a55431fac975d6fb2a2417974aeb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1ca2c223b337f49a3d785d458d76e3c6b334c66834d2c7c26fed7ade1d58e602
22f00268e66f33e8b1b26e2b0f0c600ff33d816bf2a86fb69efbd58c891d1551
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
28f4cec16cd84d3ba943306792a8a1b09e9881c1f23110fa652e1a65e0992da9
2cf7fbdabd16aa8b140f10bb3198493560daecb518f59d6d4eaf1d547c3c8855
302400c223d68d2aab9b35f106c5c4856da0a56729827df52a942292958cf97b
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
331486816e0ac539ea567c3a717113a2d6eca5be42985c007865f0ee899cd0b7
3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4022b5ef36894f1e2bcedab9a1574665218e7c0f05408ebe8e8ff689601088db
41b0ed5e957aa48ab98f51d1b4b9abeeab24cc9ac905419c2b53c96cc10a23af
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
46c1a59d44f082dc007ea2ff9cfef57e0e7f34814a254cda3858dabfca488017
4830702603e7332bf07f0e97f92fe0fbc3c7e2f03babbbea93a0196c6410d355
493c2a58e0026f755f581467c89bec0caab1e2cc376ea321aaddc24508506821
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f819d1f9bd940e3f9afe547119ff759dffe8f8823833f524184fbd38648ba4b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52e21c36fd2df02d14411bc6f9e6972c5b67705cfa98c9ee1f1304ec8ac10070
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
55d4b4b18e5492eadec3e8f318025e666faa0f9cc56613b8b15974396a6801a0
57a770eb664551b3875aeaf8b0e96eeba0c7bbc3d7e92242a9d2b4d91b80b636
5913adecf67490eb784aa2f315300bc0147eeb33f25779860d778a134d8c7a22
5aa869ba3a3f7a8883a0e6457ebaea6bb7c9069e296bdc166ce30431d318bb90
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
61403f586e03ca26a4920ac368ecf4973ad46def79a1b46532f6bfc3d5573125
6527f24ebc5bd6faa0a2c7477d0daff5600484ea232aadb78e02c5ddb3d7ac85
6573649cb6d14f4d96f027dd5db2aaa5ed34bdd7303bfbe11b1d6cfb63c8211c
67fcc770b0622186420eeb8968d10826e071c4471f7c74cf8ee37af0e1486738
6c27ea32e30565caa5e8792a2daea88f5d6a7a632714771b17f6369a1c13e1a1
6e429e66b99746c8d62934cdba27860231942b3126c9334d9aea9b8a02ba0edc
77c7119a791c7e969ceda0aa098e631484ad4304499b02693f50e29c78c19ed1
7e79e16b991b1e55fb236cfd67dc75d84b95741b34c7e3589d58f5cc50a67a58
7eb0a8df21d2aa9f51970e9b5f2ba600511373d1d732e1ac07ee5ec2dd135dd4
802994cb0a58e8dde87a05a84219b283869c6f11c7c21a675ca1e2687daea0b9
8061cff8b95ecba84da70eadc863580ba8c5ac3d4870d172020e352e977e6738
82d031329a0e9870b6cd7e9831d5c29a96563d6caabfb6656538f5cfdae14f16
85c37ef6721ca9bbfd2b115b84e6337980f53c6918dda73ad49a7247c10ac793
86e0036af8cf10a70104f514f36c6135318d4d8c1f4d7f3edc432dd1cd789100
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8a5b8bbe5734e6b099d0348e3f2989c62a11c6320dab4ccd96d902e4992dad9b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
91bd35ce68255f3b2768fc186f5095ff40719af12857f36e57ab501511a83d03
9583dca981c06abfdfd5a784064a772e1113ae03554724f91a930362aa1f909b
964013d96b76876200fb09fa5e3bee0aff38a5188cd2125b0e588b5c626ca876
97f9b7cab9096a1f281f549f2933f26d0421725999c1c0b663d18a27ec602954
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a8910988ce54a6cd46e4e58fca0a01f3094ea3b29ac7e48ff98430a360dc0ec
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c00404934f104a7e593cc36b0f84b55e5ad64e7b25c29e63ab84df4978bf86f
9dbd5500d885c84df2bb614b30b41150bf9e4237a9dd981380348f797d8f751d
9f24ccb0914a32787050f4efc536cc61a2553c8cde632e1ba52131d072acf2df
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a14255e68fc99fc5b4a8b323c13070ac67f42775917706fd3b147b436810a5da
a1cae98a37d9d33384999d70d967d92210fb099a5de9bf3713be8ab3aafeb7a5
a3b4af18603043d6994f4b827c8c3ae4cfd9e55ac3a88b30ba66422f15a1f8d7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf097cbfacd3b1f758f44121bd41ffbdc9728f67f89bbdce217e94fbd275526
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
af41ae62036908770766eb951408f1a6a597203bf9cd275dacf96f37906ab054
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b98f13298bad026586b55d63b28452f63f9bac3246262b0fe8801cebb79c8254
bd65ea98dc4dbf860a20671be26f4a71ddcabbe7abd57735edd3ab932eb5ea84
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c18e2a8dd61283a556eaf39a4b05c5cfd51c0299f5263ea99d0bb0a4a08a74c0
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
cbe9878735a73716aa76297165ebd95ab93c5bd57e49861195e94043cc97c525
ccaf59e06eb4f607fdedb30b166d8ab31ae2f92eaf4a2f998504204f1a2bf526
d19c840b263362da35095bddc2e73c272a0660f24ec5e311b50237e47b8297e1
dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f
dd9cf5f34dd765ccc81a8bfa3289b92bb500bcc1b61f53f058353aa3ad3a436d
ddf53e8d58d2e483b41eb7b6d464b11c743c31b16236097961613befa9cce604
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3
e2d84e6a462105e079059bda163a5e23e9b326ad0cb42e2fef52ecf08e20a92e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e561acb0a43b474c874d3c36659db9b828ee3b675f871afef5d54a681f149d12
e6910551e66ad611c90363fc505c43595f1487793279029b0b301a5a16405dda
e6deab93ae202482c73676e54f020aa81eb2be2ce75ec8a62bf2394d0176f93a
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ee4ef252f7b259c567bc9726c8388594a05b790bc2b60d9505587074d7a4e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef96cca4b9a0bfa4222a233c00a9d56e0e461d34366c1425ee5ccc5254136b8d
efdd0455ff3746ea451f1fe281eaae5c0a44600014a2e4819231fe64a9cef908
f98f70f04433ac64ff54f69d3b1d18bd4f44d60165ea5e3ce5bd605f781594a9
fa8fe8f3b53ea62c1c66afb46a7da8bae3e4bbc322963e69aaac076ed49997e1
fb68369c7a342ba8c26d259cb6f9983dded62e8c7f933ea495837a6956152c34
fb8fc4601f70fbaadb6c026c84392f0f504db45562875f20c70944d279a8cebf
fca4b21e7c3b61492f43b26a8736ff3b64cb161d4a6c6192421c9d8efb39555b
fe286d3d2c4aa4a663d5b10b1d53f31bad5b9fee4742170b49835d4f86bcd2bd
feee6b827e72793928c8447a1db0f98b2a5e35307cfeb0ccbb425e9ae2a16610

win.just4fun.biz Open in urlscan Pro 163.44.185.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

166 Requests

90 %HTTPS

46 %IPv6

27 Domains

37 Subdomains

31 IPs

5 Countries

1587 kBTransfer

3982 kBSize

17 Cookies

13 Outgoing links

Page URL History

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

win.just4fun.biz Open in urlscan Pro
163.44.185.166 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

90 %
HTTPS

46 %
IPv6

27
Domains

37
Subdomains

31
IPs

5
Countries

1587 kB
Transfer

3982 kB
Size

17
Cookies

166 HTTP transactions
9 data transactions