t2bot.ru Open in urlscan Pro
92.53.96.125 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://t2bot.ru/en/esetkeys/
Submission: On March 23 via manual (March 23rd 2024, 2:09:17 pm UTC) from RO — Scanned from JP

Summary HTTP 139 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 15 domains to perform 139 HTTP transactions. The main IP is 92.53.96.125, located in St Petersburg, Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is t2bot.ru.
TLS certificate: Issued by R3 on January 18th 2024. Valid for: 3 months.

This is the only time t2bot.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	92.53.96.125 92.53.96.125	9123 (TIMEWEB-AS) (TIMEWEB-AS)
33	2404:6800:400... 2404:6800:4004:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:823::200a	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:81f::2003	15169 (GOOGLE) (GOOGLE)
14	2404:6800:400... 2404:6800:4004:825::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:81c::2008	15169 (GOOGLE) (GOOGLE)
2 14	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
1	35.190.72.208 35.190.72.208	15169 (GOOGLE) (GOOGLE)
1 2	35.190.20.9 35.190.20.9	15169 (GOOGLE) (GOOGLE)
29	2404:6800:400... 2404:6800:4004:801::2001	15169 (GOOGLE) (GOOGLE)
1 1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
2 3	142.251.42.194 142.251.42.194	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.58.220.102 216.58.220.102	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:820::2003	15169 (GOOGLE) (GOOGLE)
1 2	54.65.99.58 54.65.99.58	16509 (AMAZON-02) (AMAZON-02)
2	172.217.175.98 172.217.175.98	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80c::2006	15169 (GOOGLE) (GOOGLE)
2 3	2404:6800:400... 2404:6800:4004:825::2004	15169 (GOOGLE) (GOOGLE)
3	2600:9000:20c... 2600:9000:20c5:bc00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	172.217.175.34 172.217.175.34	15169 (GOOGLE) (GOOGLE)
8	2600:1f13:800... 2600:1f13:800:7782:9759:257:dc31:19a2	16509 (AMAZON-02) (AMAZON-02)
139	23

10 92.53.96.125 (St Petersburg, Russian Federation)

ASN9123 (TIMEWEB-AS, RU)
PTR: vh224.timeweb.ru

t2bot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2404:6800:4004:80f::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:81f::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4004:825::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81c::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4004:821::2002 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.208 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 208.72.190.35.bc.googleusercontent.com

ag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.20.9 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 9.20.190.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2404:6800:4004:801::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.42.194 (Queens, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (San Francisco, United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.220.102 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s30-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:820::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.65.99.58 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-99-58.ap-northeast-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.175.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s21-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80c::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:825::2004 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20c5:bc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.175.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f13:800:7782:9759:257:dc31:19a2 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 204	1 MB
21	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 353 ad.doubleclick.net — Cisco Umbrella Rank: 189 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 648	197 KB
14	google.com 2 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 724 www.google.com — Cisco Umbrella Rank: 5	71 KB
13	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1070 static.adsafeprotected.com — Cisco Umbrella Rank: 895 dt.adsafeprotected.com — Cisco Umbrella Rank: 825	107 KB
10	t2bot.ru t2bot.ru	84 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	165 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 168
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1179	3 KB
3	yieldoptimizer.com 1 redirects ag.yieldoptimizer.com — Cisco Umbrella Rank: 48853 tag.yieldoptimizer.com — Cisco Umbrella Rank: 7490	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 341	63 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	3 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 413	61 KB
1	microad.jp 1 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 33691	527 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	87 KB
139	15

	Domain	Requested by
33	pagead2.googlesyndication.com	t2bot.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net
29	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com t2bot.ru pagead2.googlesyndication.com
14	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net t2bot.ru
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	t2bot.ru	t2bot.ru
8	dt.adsafeprotected.com
5	www.gstatic.com	t2bot.ru googleads.g.doubleclick.net
4	www.googleadservices.com	t2bot.ru
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net www.googletagservices.com ad.doubleclick.net
3	www.google-analytics.com	t2bot.ru www.google-analytics.com www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	fw.adsafeprotected.com	1 redirects ad.doubleclick.net
2	ad.doubleclick.net	googleads.g.doubleclick.net www.googletagservices.com
2	tag.yieldoptimizer.com	1 redirects googleads.g.doubleclick.net
2	fonts.googleapis.com	t2bot.ru
1	s0.2mdn.net	googleads.g.doubleclick.net
1	s-cs.send.microad.jp	1 redirects
1	ag.yieldoptimizer.com	googleads.g.doubleclick.net
1	www.googletagmanager.com	www.google-analytics.com
139	24

This site contains no links.

Subject Issuer	Validity	Valid
t2bot.ru R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.yieldoptimizer.com Go Daddy Secure Certificate Authority - G2	`2023-12-14` - `2025-01-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M03	`2024-02-28` - `2025-03-29`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://t2bot.ru/en/esetkeys/
Frame ID: B089C1E0867B250A5C94A7C720A6B8CB
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0907772305310509&output=html&h=600&slotname=4101084483&adk=1912775012&adf=1712765404&pi=t.ma~as.4101084483&w=300&lmt=1711200002&format=300x600&url=https%3A%2F%2Ft2bot.ru%2Fen%2Fesetkeys%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711202952752&bpp=5&bdt=723&idt=232&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&correlator=5545797783883&frm=20&pv=2&ga_vid=1875202460.1711202953&ga_sid=1711202953&ga_hid=1650938407&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=480&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082023%2C31082032%2C95326317%2C31082078%2C95320377&oid=2&pvsid=3928214054814628&tmod=1021955234&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=243
Frame ID: D0469C818C868DE48FCB1F97CAF44FEC
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0907772305310509&output=html&adk=1812271804&adf=3025194257&lmt=1711200002&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Ft2bot.ru%2Fen%2Fesetkeys%2F&pra=7&wgl=1&easpi=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711202952935&bpp=4&bdt=906&idt=73&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=5545797783883&frm=20&pv=1&ga_vid=1875202460.1711202953&ga_sid=1711202953&ga_hid=1650938407&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082023%2C31082032%2C95326317%2C31082078%2C95320377&oid=2&pvsid=3928214054814628&tmod=1021955234&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=81
Frame ID: 9309BF0E1B844C736148EC957B12077B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK49wIQneqOiAIY49yjgQIwAQ&v=APEucNXUC5rx70u80xqsTZCmn-XS7i2B3c53LyV8DxF3sYZV14RfR7rCi8ig1DwyfCArzMCyt1hJpqBN9aU_uCfIyAkUA9hUWQ
Frame ID: A53410DA3F5779CF1FC7A1BE1BDD8FC2
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F01B5C259D80C36CD28FF76FBEF3AA9C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Frame ID: 7D9AE32C5DC61B4A033961B25C63C940
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Frame ID: C7FAAE8492885545B70E6DAA54D56E1C
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Frame ID: BD24A11CE653FF3C1DAF8394EF3AC483
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Frame ID: C6E536CA225E3BCD6B82E352B1A5AE42
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 26176A32C3C14FE0404D9C3F80D98112
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FAFE250B5066709277B17828ABDF1DF7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E8F3E60DBC2B39B8896F8088B2B573E5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: FF2FD61009F0B44DFEA6C2F71A1D40A3
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Frame ID: 8ECE5A6F5FA1360B53D8558B7DE77D5E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Frame ID: EBC5D1C64FE90A0A9B5FD9A23298966E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Frame ID: 20AF1E83E3B53A7C36C2DF5F3C16260F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js
Frame ID: 8C3D5FBE7E30764AC0DF0453B0865412
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: FC07DF9E1E869C66664D8BDD39ADEFBB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A9638DF6EE6F305BFEC9A686B554330E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9427362041A2302D84E8CD3FD357004A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ESET nod32 keys | 30 days trial license for free

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

139
Requests

95 %
HTTPS

57 %
IPv6

15
Domains

24
Subdomains

23
IPs

4
Countries

1913 kB
Transfer

5209 kB
Size

27
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://tag.yieldoptimizer.com/ps/analytics?pxid=261561& HTTP 302
https://tag.yieldoptimizer.com/ps/analytics?tc=491765636&pxid=261561&

Request Chain 33

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 34

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIoiG9X8GK0L3Y2IFEaru8&google_cver=1

Request Chain 35

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zf7iim4sBzAAABMvBajrwQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIoiG9X8GK0L3Y2IFEaru8&google_cver=1

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 92

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 102

https://googleads.g.doubleclick.net/pagead/adview?ai=C5MjIieL-ZenFBIydid4P96Oc4A7fk5uYaoW9ss_wD4Whw4ydMBABIMmJmyZgifPFhPQToAH1hvqUKMgBAagDAcgDywSqBMwBT9ASlv0uFCaJ_qln_Jnu9wfqKHztElivXNaeIHnyruLc13f5u498QjcBG8mZNapiHDUspwHORiZkHzNEwu75ecMDpDtS6TxwNboldbjx_87oUXCmwY8lWUSafnsIhgv4Lqe7kdA5QtS5Ez7yEKY8d0-t7D4UiCc8USeOx_ykZ0J-8KH5hsoNJgvWDnniVFdIc6cGYM0KDQQS7I3Og7A8LY7wiDyXFp8jKMUgA74otFuNBoxW37rBu52VTgCas-tgv777xd5-n9_hYV1owATTsu2BiQSIBavrm7ZAkgUECAQYAZIFBAgFGASgBgKAB_W-yvQCqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwHyBwQQheAQ0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WM-IoOHHioUDmgmHA2h0dHBzOi8vd3d3LmVudGVncmlzLmNvbS9zaG9wL2phL0pQWS8lRTglQTMlQkQlRTUlOTMlODEvJUU2JUI1JTgxJUU0JUJEJTkzJUU1JTg4JUI2JUU1JUJFJUExLyVFMyU4MyU5NyVFMyU4MyVBRCVFMyU4MiVCQiVFMyU4MiVCOSVFMyU4MSVBRSVFMyU4MyVBMiVFMyU4MyU4QiVFMyU4MiVCRiVFMyU4MyVBQSVFMyU4MyVCMyVFMyU4MiVCMC8lRTclQjIlOTIlRTUlQUQlOTAlRTclODklQjklRTYlODAlQTclRTglQTklOTUlRTQlQkUlQTEvYy9wYXJ0aWNsZWNoYXJhY3Rlcml6YXRpb24_dXRtX2NhbXBhaWduPVBTUyZ1dG1fc291cmNlPXBwYyZ1dG1fbWVkaXVtPWdvb2dsZS1zZWFyY2gmdXRtX3Rlcm09cGFydGljbGUtY2hhcmFjdGVyaXphdGlvbiZ1dG1fY29udGVudD1wcm9kdWN0LXBhZ2WACgHICwHaDBEKCxCAgrrTq8W-r90BEgIBA9gTCtAVAYAXAbIXHAoaCAASFHB1Yi0wOTA3NzcyMzA1MzEwNTA5GACyGAkSArZQGAIiAQDoGAE&sigh=apNrOUmKopw&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqwSn5e53i_wHHPmGF49xxuDoAysSXQ6fynX0OfJp5a6Xi3w2XNpyCG6_ddsg5n9ufT06IlcxbLqkC1oxf8NsHKxciqz1mhyWKPsIYAQ&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x12d3f8a5b90ede710000000000000000%22,%222%22:%220x77fc3c3ba141d100000000000000000%22,%223%22:%220x49a6a483eb0eac720000000000000000%22,%224%22:%220x262bbff6934204d0000000000000000%22,%225%22:%220xaeb67bf12a6202a90000000000000000%22},%22debug_key%22:%2213874248368308281895%22,%22debug_reporting%22:true,%22destination%22:%22https://entegris.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210781361013%22],%2222%22:[%22true%22],%224%22:[%2203-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222338665218830689009%22}&andc=true

Request Chain 103

https://googleads.g.doubleclick.net/pagead/adview?ai=CQT6rieL-ZerFBIydid4P96Oc4A7fk5uYaoW9ss_wD4Whw4ydMBABIMmJmyZgifPFhPQToAH1hvqUKMgBAagDAcgDywSqBMwBT9A78HBOzh0uuyW-q_lcGRzKaih80IAXrXvxOcohJgCx7vTZu6nUDbh5fYOttjlrIuWBevQImZLqVDUiofHDYlZ50Kw32VwebPL42eAfreyRjpey4BZ4wjo0DQFe6N0abcFSSRSq4eItH3DbIZ51QPci2rrunsCuN2zDVxzLJhz-OsEUN1TOMo_djify-cu12xaTdzZEQ9jHve7gS3R4T9BEZ8TzxftpfsGRb35dawUYIFhZqwEWfFn06iUTkRiBfzctImGGzBMua5atwATTsu2BiQSIBavrm7ZAkgUECAQYAZIFBAgFGASgBgKAB_W-yvQCqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwHyBwQQ4JoH0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WM-IoOHHioUDmgmHA2h0dHBzOi8vd3d3LmVudGVncmlzLmNvbS9zaG9wL2phL0pQWS8lRTglQTMlQkQlRTUlOTMlODEvJUU2JUI1JTgxJUU0JUJEJTkzJUU1JTg4JUI2JUU1JUJFJUExLyVFMyU4MyU5NyVFMyU4MyVBRCVFMyU4MiVCQiVFMyU4MiVCOSVFMyU4MSVBRSVFMyU4MyVBMiVFMyU4MyU4QiVFMyU4MiVCRiVFMyU4MyVBQSVFMyU4MyVCMyVFMyU4MiVCMC8lRTclQjIlOTIlRTUlQUQlOTAlRTclODklQjklRTYlODAlQTclRTglQTklOTUlRTQlQkUlQTEvYy9wYXJ0aWNsZWNoYXJhY3Rlcml6YXRpb24_dXRtX2NhbXBhaWduPVBTUyZ1dG1fc291cmNlPXBwYyZ1dG1fbWVkaXVtPWdvb2dsZS1zZWFyY2gmdXRtX3Rlcm09cGFydGljbGUtY2hhcmFjdGVyaXphdGlvbiZ1dG1fY29udGVudD1wcm9kdWN0LXBhZ2WACgHICwHaDBAKChDg-NjHuNqMoRsSAgED2BMK0BUBgBcBshccChoIABIUcHViLTA5MDc3NzIzMDUzMTA1MDkYALIYCRICtlAYAiIBAOgYAQ&sigh=mU4p1Wq0OTo&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqwSn5e53i_wHHPmGF49xxuDoAysSXQ6fynX0OfJp5a6Xi3w2XNpyCG6_ddsg5n9ufT06IlcxbLqkC1oxf8NsHKxciqz1mhyWKPsIYAQ&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x12d3f8a5b90ede710000000000000000%22,%222%22:%220x77fc3c3ba141d100000000000000000%22,%223%22:%220x49a6a483eb0eac720000000000000000%22,%224%22:%220x262bbff6934204d0000000000000000%22,%225%22:%220xaeb67bf12a6202a90000000000000000%22},%22debug_key%22:%2217322225855514919118%22,%22debug_reporting%22:true,%22destination%22:%22https://entegris.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210781361013%22],%2222%22:[%22true%22],%224%22:[%2203-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211600046428357875185%22}&andc=true

Request Chain 111

https://fw.adsafeprotected.com/rfw/st/1881888/77127947/skeleton.js?adsafe_url=https%3A%2F%2Ft2bot.ru&adsafe_type=y&adsafe_url=https%3A%2F%2Ft2bot.ru%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-0907772305310509%26output%3Dhtml%26h%3D600%26slotname%3D4101084483%26adk%3D1912775012%26adf%3D1712765404%26pi%3Dt.ma~as.4101084483%26w%3D300%26lmt%3D1711200002%26format%3D300x600%26url%3Dhttps%253A%252F%252Ft2bot.ru%252Fen%252Fesetkeys%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1711202952752%26bpp%3D5%26bdt%3D723%26idt%3D232%26shv%3Dr20240320%26mjsv%3Dm202403190101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D5545797783883%26frm%3D20%26pv%3D2%26ga_vid%3D1875202460.1711202953%26ga_sid%3D1711202953%26ga_hid%3D1650938407%26ga_fc%3D1%26u_tz%3D540%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D480%26ady%3D561%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31082023%252C31082032%252C95326317%252C31082078%252C95320377%26oid%3D2%26pvsid%3D3928214054814628%26tmod%3D1021955234%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26dtd%3D243&adsafe_type=d&adsafe_jsinfo=,id:5449811e-46b7-1113-a6d1-b85758bb3f77,c:7P6QAX,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-6c7dfd7d67-kbllk,rg:jp,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:530,mot:0,app:0,maw:0,tdt:s,fm:u7QZcVW+11*.1881888-77127947%7C111%7C112%7C113%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C181%7C191%7C1a1%7C1a2,idMap:11*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:564,oid:edd98454-e91e-11ee-aca4-da3aac4d6d36,v:19.8.491,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

139 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
t2bot.ru/en/esetkeys/ 6 KB
2 KB 2083ms
935ms Document
text/html 92.53.96.125
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t2bot.ru/en/esetkeys/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.53.96.125 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

vh224.timeweb.ru

Software

nginx/1.24.0 /

Resource Hash

aef744dcfc9753bd82747284fd2ddb16c305c9994de327c9251b40dfa2c5e1c6

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: public
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 23 Mar 2024 14:09:11 GMT
expires: Sun, 24 Mar 2024 03:00:01 GMT
last-modified: Sat, 23 Mar 2024 13:20:02 GMT
server: nginx/1.24.0
vary: Accept-Encoding
x-frame-options: DENY

GET
H2 200 style.css
t2bot.ru/en/esetkeys/css/ 12 KB
4 KB 177ms
176ms Stylesheet
text/css 92.53.96.125
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t2bot.ru/en/esetkeys/css/style.css?v=1711202951
Requested by: Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.125 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh224.timeweb.ru
Software: nginx/1.24.0 /
Resource Hash: 195572c2277117d94303f1e98401f207c22e61ea6d62233b632fd96d52a4d56e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/en/esetkeys/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:12 GMT
content-encoding: gzip
last-modified: Thu, 18 Jan 2024 20:09:19 GMT
server: nginx/1.24.0
etag: W/"65a9856f-314f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Sun, 23 Mar 2025 14:09:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 102ms
55ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4d40158a8108033296259677826f2416e390a07a92a35729ea95b5544d267b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51323
x-xss-protection: 0
server: cafe
etag: 16312546586089683984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 23 Mar 2024 14:09:12 GMT

GET
H2 200 pic1.jpg
t2bot.ru/img/en/ 30 KB
30 KB 351ms
350ms Image
image/jpeg 92.53.96.125
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2bot.ru/img/en/pic1.jpg
Requested by: Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.125 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh224.timeweb.ru
Software: nginx/1.24.0 /
Resource Hash: 8329429df7662f07c493c5eb830333ec04db3e3b659ecc08ec21707aa66a0bce

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/en/esetkeys/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:12 GMT
last-modified: Thu, 18 Jan 2024 20:09:19 GMT
server: nginx/1.24.0
etag: "65a9856f-7872"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30834
expires: Sun, 23 Mar 2025 14:09:12 GMT

GET
H2 200 jquery-3.1.0.min.js Show response
t2bot.ru/js/ 84 KB
30 KB 525ms
525ms Script
application/x-javascript 92.53.96.125
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t2bot.ru/js/jquery-3.1.0.min.js
Requested by: Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.125 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh224.timeweb.ru
Software: nginx/1.24.0 /
Resource Hash: 702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/en/esetkeys/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:12 GMT
content-encoding: gzip
last-modified: Thu, 18 Jan 2024 20:09:19 GMT
server: nginx/1.24.0
etag: W/"65a9856f-1514f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
expires: Sun, 23 Mar 2025 14:09:12 GMT

GET
H2 200 script.js Show response
t2bot.ru/js/ 6 KB
2 KB 512ms
511ms Script
application/x-javascript 92.53.96.125
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t2bot.ru/js/script.js
Requested by: Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.125 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh224.timeweb.ru
Software: nginx/1.24.0 /
Resource Hash: a479aa7f98b5d37d64f5d2db4f54b51884f0abdcf6c193d2dd4b09db2bc76544

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/en/esetkeys/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:12 GMT
content-encoding: gzip
last-modified: Thu, 18 Jan 2024 20:09:19 GMT
server: nginx/1.24.0
etag: W/"65a9856f-169c"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
expires: Sun, 23 Mar 2025 14:09:12 GMT

GET
H2 200 script.js Show response
t2bot.ru/en/esetkeys/js/ 2 KB
1 KB 512ms
512ms Script
application/x-javascript 92.53.96.125
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t2bot.ru/en/esetkeys/js/script.js
Requested by: Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.125 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh224.timeweb.ru
Software: nginx/1.24.0 /
Resource Hash: 3b5a5fb72dd548397339e3929668f1b12fd4667346419240f5c7c80e6be642fa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/en/esetkeys/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:12 GMT
content-encoding: gzip
last-modified: Sun, 28 Jan 2024 19:39:56 GMT
server: nginx/1.24.0
etag: W/"65b6ad8c-823"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
expires: Sun, 23 Mar 2025 14:09:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
2 KB 119ms
43ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300&subset=latin,cyrillic

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/css/style.css?v=1711202951

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

26ab2fd4afb5c57248a2007a588878f05464d27dfa0d46a35cadcd00b2bb8972

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Mar 2024 14:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Mar 2024 14:06:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Mar 2024 14:09:12 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 45ms
3ms Font
font/woff2 2404:6800:4004:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://t2bot.ru
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 02:45:38 GMT
x-content-type-options: nosniff
age: 213814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 02:45:38 GMT

GET
H2 200 nkeys.php Show response
t2bot.ru/keys/ 3 KB
1 KB 182ms
182ms XHR
text/html 92.53.96.125
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t2bot.ru/keys/nkeys.php
Requested by: Host: t2bot.ru
URL: https://t2bot.ru/js/jquery-3.1.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.125 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh224.timeweb.ru
Software: nginx/1.24.0 /
Resource Hash: 99501251f94478962884fda041475a68d981c92c29092c0bf0f16c0dccf4ec20

Request headers

Accept: */*
Referer: https://t2bot.ru/en/esetkeys/
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:12 GMT
content-encoding: gzip
server: nginx/1.24.0
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 24 KB
25 KB 4ms
3ms Font
font/woff2 2404:6800:4004:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://t2bot.ru
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 02:44:12 GMT
x-content-type-options: nosniff
age: 213900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24984
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:04:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 02:44:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 53ms
2ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Mar 2024 13:24:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2687
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 23 Mar 2024 15:24:25 GMT

GET
H2 200 cat.gif
t2bot.ru/img/ 12 KB
12 KB 176ms
175ms Image
image/gif 92.53.96.125
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2bot.ru/img/cat.gif
Requested by: Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.125 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh224.timeweb.ru
Software: nginx/1.24.0 /
Resource Hash: 5980f4744f7d22fcf1e1031dc09a06a610bb7380cd7d49a5c0033a67633049d3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/en/esetkeys/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:12 GMT
last-modified: Thu, 18 Jan 2024 20:09:19 GMT
server: nginx/1.24.0
etag: "65a9856f-3075"
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12405
expires: Sun, 23 Mar 2025 14:09:12 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
216 B 40ms
39ms XHR
text/plain 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1650938407&t=pageview&_s=1&dl=https%3A%2F%2Ft2bot.ru%2Fen%2Fesetkeys%2F&ul=en-us&de=UTF-8&dt=ESET%20nod32%20keys%20%7C%2030%20days%20trial%20license%20for%20free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1176543593&gjid=2062336700&cid=1875202460.1711202953&tid=UA-63202496-1&_gid=508613218.1711202953&_r=1&_slc=1&z=831386965

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79032f297507081e454f5f617ce9822a0e80aa38f4165e64121627fd217dd56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://t2bot.ru/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t2bot.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
87 KB 94ms
52ms Script
application/javascript 2404:6800:4004:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2F5DKH6NTS&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c91ba057d2cba09a891e379eac55ba19a072f6686e6e26959f168eb01112f69c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89106
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Mar 2024 14:09:12 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/ 407 KB
138 KB 69ms
68ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js?bust=31082078

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f3e339ed2f8907b4630520558d2d40bd4064a1bc76e97a5fd56950cdba3179c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141407
x-xss-protection: 0
server: cafe
etag: 15142226477226353296
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Mar 2024 14:09:12 GMT

GET
H2 200 click.js Show response
t2bot.ru/js/ 1 KB
809 B 175ms
175ms XHR
application/x-javascript 92.53.96.125
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t2bot.ru/js/click.js
Requested by: Host: t2bot.ru
URL: https://t2bot.ru/js/jquery-3.1.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.125 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh224.timeweb.ru
Software: nginx/1.24.0 /
Resource Hash: cbd800759f1add07d71886ba6eb20866805bc2965b222ddd2c919a16dd75f9ef

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://t2bot.ru/en/esetkeys/
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:12 GMT
content-encoding: gzip
last-modified: Thu, 18 Jan 2024 20:09:19 GMT
server: nginx/1.24.0
etag: W/"65a9856f-48d"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
expires: Sun, 23 Mar 2025 14:09:12 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 46 KB
46 KB 4ms
3ms Font
font/woff2 2404:6800:4004:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300&subset=latin,cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b0dab5300943d98f4f20de9d48a49e0186441f6fb8b5e95a9635a30c0b60e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://t2bot.ru
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 02:57:53 GMT
x-content-type-options: nosniff
age: 213079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47136
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:04:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 02:57:53 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 39ms
39ms Ping
text/plain 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2F5DKH6NTS&gtm=45je43k0v9123164702za200&_p=1711202952683&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=1875202460.1711202953&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Ft2bot.ru%2Fen%2Fesetkeys%2F&dt=ESET%20nod32%20keys%20%7C%2030%20days%20trial%20license%20for%20free&sid=1711202952&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3033
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2F5DKH6NTS&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://t2bot.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D046 24 KB
11 KB 896ms
849ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0907772305310509&output=html&h=600&slotname=4101084483&adk=1912775012&adf=1712765404&pi=t.ma~as.4101084483&w=300&lmt=1711200002&format=300x600&url=https%3A%2F%2Ft2bot.ru%2Fen%2Fesetkeys%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711202952752&bpp=5&bdt=723&idt=232&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&correlator=5545797783883&frm=20&pv=2&ga_vid=1875202460.1711202953&ga_sid=1711202953&ga_hid=1650938407&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=480&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082023%2C31082032%2C95326317%2C31082078%2C95320377&oid=2&pvsid=3928214054814628&tmod=1021955234&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=243

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js?bust=31082078

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c61d93edc8ebf917d1ddcb27a0aac051867b6ca49e6a5339cfd74b3ddb6a3124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t2bot.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10903
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 14:09:13 GMT
expires: Sat, 23 Mar 2024 14:09:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9309 627 KB
113 KB 881ms
855ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0907772305310509&output=html&adk=1812271804&adf=3025194257&lmt=1711200002&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Ft2bot.ru%2Fen%2Fesetkeys%2F&pra=7&wgl=1&easpi=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711202952935&bpp=4&bdt=906&idt=73&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=5545797783883&frm=20&pv=1&ga_vid=1875202460.1711202953&ga_sid=1711202953&ga_hid=1650938407&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082023%2C31082032%2C95326317%2C31082078%2C95320377&oid=2&pvsid=3928214054814628&tmod=1021955234&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=81

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js?bust=31082078

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db95c6a6889a9b012aa176e8f82f233bc309d93d21181f195c14315b480e1958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t2bot.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 115359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 14:09:13 GMT
expires: Sat, 23 Mar 2024 14:09:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=attention&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D046 42 B
63 B 43ms
41ms Image
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DmgXz8fHx4SHstg7abJDDpbhu53AjtkGV7PP8jCVeG3sfs0PF7EPrLvUxISfShJv_6vPQ30-rSDAZ9Ug2rJrnOpIJO-P2l3jL2LL_FWyIhL6sdnF0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0907772305310509&output=html&h=600&slotname=4101084483&adk=1912775012&adf=1712765404&pi=t.ma~as.4101084483&w=300&lmt=1711200002&format=300x600&url=https%3A%2F%2Ft2bot.ru%2Fen%2Fesetkeys%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711202952752&bpp=5&bdt=723&idt=232&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&correlator=5545797783883&frm=20&pv=2&ga_vid=1875202460.1711202953&ga_sid=1711202953&ga_hid=1650938407&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=480&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082023%2C31082032%2C95326317%2C31082078%2C95320377&oid=2&pvsid=3928214054814628&tmod=1021955234&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=243

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D046 94 KB
33 KB 46ms
44ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdb7911dd984dc9b0840a0a94e711600b05dd72d612465fdb18ecfb67ea9e66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33555
x-xss-protection: 0
server: cafe
etag: 7173713561822972903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 23 Mar 2024 14:09:13 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame D046 18 KB
8 KB 56ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 23 Mar 2024 15:09:05 GMT

GET
H2 200 it
ag.yieldoptimizer.com/ag/ Frame D046 43 B
496 B 103ms
88ms Image
image/gif 35.190.72.208
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.yieldoptimizer.com/ag/it?ac=88184309&n=9&cb=1711202953072362
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0907772305310509&output=html&h=600&slotname=4101084483&adk=1912775012&adf=1712765404&pi=t.ma~as.4101084483&w=300&lmt=1711200002&format=300x600&url=https%3A%2F%2Ft2bot.ru%2Fen%2Fesetkeys%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711202952752&bpp=5&bdt=723&idt=232&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&correlator=5545797783883&frm=20&pv=2&ga_vid=1875202460.1711202953&ga_sid=1711202953&ga_hid=1650938407&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=480&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082023%2C31082032%2C95326317%2C31082078%2C95320377&oid=2&pvsid=3928214054814628&tmod=1021955234&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=243
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.72.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 208.72.190.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

analytics
tag.yieldoptimizer.com/ps/ Frame D046
Redirect Chain

https://tag.yieldoptimizer.com/ps/analytics?pxid=261561&
https://tag.yieldoptimizer.com/ps/analytics?tc=491765636&pxid=261561&

43 B
718 B

78ms
77ms

Image
image/gif

35.190.20.9
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/analytics?tc=491765636&pxid=261561&
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0907772305310509&output=html&h=600&slotname=4101084483&adk=1912775012&adf=1712765404&pi=t.ma~as.4101084483&w=300&lmt=1711200002&format=300x600&url=https%3A%2F%2Ft2bot.ru%2Fen%2Fesetkeys%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711202952752&bpp=5&bdt=723&idt=232&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&correlator=5545797783883&frm=20&pv=2&ga_vid=1875202460.1711202953&ga_sid=1711202953&ga_hid=1650938407&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=480&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082023%2C31082032%2C95326317%2C31082078%2C95320377&oid=2&pvsid=3928214054814628&tmod=1021955234&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=243
Protocol: H2
Server: 35.190.20.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.20.190.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
content-type: image/gif
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/analytics?tc=491765636&pxid=261561&
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame D046 3 KB
1 KB 52ms
4ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame D046 20 KB
9 KB 54ms
3ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D046 206 KB
62 KB 5ms
3ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Mar 2024 14:42:59 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A534 448 B
479 B 52ms
50ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK49wIQneqOiAIY49yjgQIwAQ&v=APEucNXUC5rx70u80xqsTZCmn-XS7i2B3c53LyV8DxF3sYZV14RfR7rCi8ig1DwyfCArzMCyt1hJpqBN9aU_uCfIyAkUA9hUWQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0907772305310509&output=html&h=600&slotname=4101084483&adk=1912775012&adf=1712765404&pi=t.ma~as.4101084483&w=300&lmt=1711200002&format=300x600&url=https%3A%2F%2Ft2bot.ru%2Fen%2Fesetkeys%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711202952752&bpp=5&bdt=723&idt=232&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&correlator=5545797783883&frm=20&pv=2&ga_vid=1875202460.1711202953&ga_sid=1711202953&ga_hid=1650938407&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=480&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082023%2C31082032%2C95326317%2C31082078%2C95320377&oid=2&pvsid=3928214054814628&tmod=1021955234&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=243
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 14:09:13 GMT
expires: Sat, 23 Mar 2024 14:09:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D046 0
20 B 39ms
39ms Ping
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2950715373767&version=m202402290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D046 0
20 B 38ms
38ms Ping
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2950715373767&version=m202402290101&ct=77&x=1&cor=7378684114875617000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D046 34 KB
19 KB 81ms
80ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ArOt-KkQFZYDMlW-SJPMYMBlfqSEwm9XHKKm4qXJxdczUQ2A3NNA7kSClWyGztOnbUR7t7QSu0CIny3qid_Fu-grOPDnV8cnHSFyviZh2c42IrdTqW9h7aIYamxCDkvqNNTzq2M8bS87IQcHFg-6cvfpCQpHpSifGMsl27Hxsu6eFffL0dPEeSkmHpX5BVO6YQL6d0afDSU4nyhoMsBuRddzC-DQ&cry=1&dbm_d=AKAmf-D_vhVfIDzWvK3Nol5kW9kpbjHmDH3agSJPvtslx0SbV6C4yGmjt0NyTCBP9NcZoTVeIiMzrnWPxyY1leZbP4ekzSI3P0YUd-nY4jKNcsDuGStLXFF6FZNDRiWZ2LxrkjLjgzP0OeW2PNy100Flbe45nLfSj3e2X5RApRQpHexfxX4PycrqLV3NzYfrl-ajRlPgJFrlN99EcwJ-KV5a1MIHGqJ2xa161MbLEgQ8t1GYwuljzF7YaRqOeaPTbp-0qf7KLPN4d60MaAQByidOpCngdqoDhz6tdWkMHX2-9BpZJyzBOFCGIzJTbIiZWv4dkXPP5TPpAFi7P6rXwNcV_bPZ813hVjIKMkr5qk_Y7n3iF-aYKIdYemn8W8QvkmBKo4djLqc4dX82nhJ4Pha9XshOZdtHrz06p1E_KBzeB0MaSORE4ZDLR3YRRL4Xg2sY7K-tujdgd4khozcDLzJTLE2kL8aNjCt0R-E7fywfnZ530BNF_b9nJdN4TaQQ1o24qk96aP_Yi9PmSI8R4pKPLid1PdC6m-xoRM2ewarysnuljiB2zTff8_FaxbcUBD1HxN4rMxUQNSE6lw-s_QLVq5Ig3tErlzLi0oKOzgr3e0_wWFdWdGXzu5PUl7HANn8tKQaZsP6r3622frBdaO6sBqkYEZJgO1H_H9MnyuhApw8F_pci3UQxyjo9EkzeiURTXFAZAIaIEZE7gIiYatzoBWS0E5t5mZhBBySoiBGsPVzHGIuHWRRvC3AHKJTNLu61kBVotXTwn9UeP5eL1OYi41kOTpMsHe5UIYbMOMLUi9ke40lxhtmQC8lqja3XPG69X3Iow7LmiEJwQJqgHJOoaBruK9jCXbdOVvEARBo7gqf0kzlg9KIV808Vc_P9hHd3mZof1NTl9qSRELSURb14G7YTrJ35DhJ5mujSHWT9902MwSXGBkV7LrA7DnIYhjJZ--jyG9tlHIinn-68koLU0UTHZaTjc1tArI-J_b4CTrl9O0vL657NzLz4ekMVcSrd34u21NC2mjj1ddF7A-eCxAU7ckanB2HF1Dc_OVY4hwz40KYAfBDxtseqobHCZ0TAhyOjCjpSqZGwaZIOi3qn1tlplFTozFBz6qnNH_BWSBSOtlZDFMxiLqSjanvz7i5KtlDKxioexT48C0esFoZh5bvrJdmZLX8S7vWihvHRl9v-v4OEYvj3VEix-DLogmjxyB5nBsAHd2o8cFn_N38y0JFaOu4r_uwODsKcRhL6UXKpXGMdctOKtVx7zeBP2Cgb6JVP0WuoqXQzK_a7F_mZMcfBzOUW3Fl1Auj8mP5poFXvlk6Qr4d6d6SzS1HXqOxlYT0Zz4lMZmIN2h5CIqWa6kzIMpWL_LVroq8_kg2qCgx0--uDOmr2OiwAbpA5M5jQ-O7EfEKxe2n9zIq8eMU-k-w6-KXAV-yUzpa-KOftGQwmSxrlC67TX-hcAPD3jPIQPhhauwBckCKISh2VrnraIZDAXG1j4zqZY-_MK0PBWckpqtHmzWMO7QmwmV253I4YrxgTfghzbWbzgBiDtvDPwIVEPtbyfd0PWj0GHxx50QgxAeh1sKgX5rVSUPBCrJnzEfUBCh8CJKA_-DmRY1tknA4rF8yhswzlWRZj8vqx4dP2YEux5AsR4rhbPH-S30GuPzlynazqtwqlZincCzcbqSSHVL94DgJuYcxrgbxftyFfo9w-bgZ4Ogw6hBB0ryheTgf-9dI7V5MQaVMz64TeJwPaP7WU3GFwhq0ldohVCW7pn1DnBowquNZo4GOg8LTwfCZ-pxIv726X5N_XTeBmQ34pzc0NuaXGRCOWJNtIdmtbMDHCjxvEQnlWvuqIjJlirs-tGE-7h0Si__nnzq25q3CUAJ-MpEzzsyL_6dnL6kXcLUNDWqmEO37R31Ija-IAHbELqOjxo95WNeiP1IKHS7YpvIelT5lT68KsZFlEBWzSj6d24-4TN18bFqGw3SEIGZDAILvcnhytxv-L4nTZx02wSbOqq8FRkKLzMsWTQV1QUDJDqeJ8FD0UbNY3wN9mUTAGw6huYhmW8LMFFJlAipdnRJQQsSJv78SsSn11n0_jLukTWlKS5Vnp7d3uTeIXvLbFIiu8BYcndw0a21Pn_B-mO4lVdz9mTB9zFQD-Q8tYzrpfskruCcl9n1igSsM61VPlbeKZSjeVqjKhaujz-xkjn9F-iCAPJXm8fRpBia_d8Okz03IK4C20jCgi_ubP_DJ9QuGnR_wn4dwB2p41f3OZ3fiQNKWG8k9O34iERA9sdDYyf9N6tIvJ2pVVgaMEAC9NAvpnVQweYlqeHSNwe6e9DtAFjr81i2CstVOzGXiRVHT_ZxyqOUIxQ1FObtIb97_aIs0lr7eZU6--FUnAsyOLtVTdJHZnDsF0F7P18au4ErZaivgUdiH-Nt5qBKWBs4zRn8xMokYxucDJJNaO11fLOs2_aDus7Izof35UMFD-rgID0MJCZ_z6NMob0DJZmoEii0FTnyfLzO2HtT290b8uvjJ9G7lX4DdeF02Ta85A4SkhcZ8IxFlcvUMqA2Th4j93vtt9ymO-kFwbn7-nozRs6YvohAjkv2cpoE-xd1wUS01N5RV4wFHp6w9fOCdQxvjTE8j8FpNtjH8JqmA8olWwb6zIwnTxN3cvfEaR2XeOoo-6KrhgKFz4qVl2AyQ9YVcnui_waGW3Prjb1HGK-1SU68okd8votJDxbpHNDDtw2yViFZpDunuYQr1Z2EBfbbEdKEvoc9ZVHWEU-5y8-BLG8LAv5GTQdgRiuo32EuqK7EORk9poa7qBkb4CY-g0akyawjzHoj8i0BOb7EC6RwQha2rKAkSnWAUpVlK-i51XQmFf0vLC99t1RQnTXhNdZgBJ6j7HSo2N4bGFwfml4su-azhKfWbLsXqi--VC-_0zPOMmAHA486idUuwRORBmTYNVrb4MH3bCJ5vQITSVeksM2fS3qppyR0iYyni-T0owz0RmpEpmh6GwOAWwGArOF9vnoepaKpexhnKlkh_pcrF6AgmGzT12ey0YCfwUmboBDU4NV9PSCWIJzXG9cdnb-EvEtuPJc_Xg68dSRXGp9Bw7dJ5XMxhuIuP-tr3HvUQ9rSCOFPLEy7_2Gu5sQncqm0LsVZfwSQIDUuABYlt85mxY_FhaghxOCzYAeUkH5pOhy26i5I18BJvuZIwci2OQ79cWmUeiysmmqblMoPky1YCj5PA1FJXLaeH9FnIQZ9d7IFzKjAec8XCTjMuHWYnB4IkhGeduQ6Abt4muKwuyXiSpiwcTznbnn5j-WY64ogJ9h7PhNYzvTcqd9VvDAhu4G3dJ26jCgsu0NgK7Y3eMoqhoJwhnxnxLiIyRFNbvpWkgWusNXV_P1K0iwByyvBxTiaQDVCfdUcsB6b0Nj_-msnaEEIoUw9qTCBgz40XeJHT8hXlsXnGf4alBdCnQ1SokV3PE4A2u_fyO1L62EpyWsuMG2hZjwJVU8v1wP21ajnnLfyexsk3U53LBkwz-DX0XEXVu8CCtA1w5LpiBJjkL1Mr7D-USqeGBtZJZeI05JrB07Im6PkGrAyrG8JHCHD6OUnWMvj3VCP-ERYOU4j_6ZRJgJldwOIIto24EIp9CKW136pd7BypzrK1ZBEqno83C-F6zAaE3Y1LPoCgSVZgryMi24r1BSexI0BCHZatBn1kqKvn9v0_w9lHgEgI38iz_N1XvOiiFd_YVUuwubm85UYy9yktgcg&cid=CAQSTwB7FLtqtkxBPolMSiU18H7OhFz8aJSFFmss77YkjdNoyEsegVJD4p3x-uQgR0kRlQJO-oSc5oIbRs9gB-2TLrGkbwA0L5l3CrhMQscsLAgYAQ&dv3_ver=m202402290101&rfl=https%3A%2F%2Ft2bot.ru%2F&ds=l&xdt=1&iif=1&cor=7378684114875617000&adk=3476589349&idt=51&cac=0&dtd=24

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24481396e86be425ff56a25d6c96f4b291b00b25aa5422efd1a320a4766c37db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0907772305310509&output=html&h=600&slotname=4101084483&adk=1912775012&adf=1712765404&pi=t.ma~as.4101084483&w=300&lmt=1711200002&format=300x600&url=https%3A%2F%2Ft2bot.ru%2Fen%2Fesetkeys%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711202952752&bpp=5&bdt=723&idt=232&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&correlator=5545797783883&frm=20&pv=2&ga_vid=1875202460.1711202953&ga_sid=1711202953&ga_hid=1650938407&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=480&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082023%2C31082032%2C95326317%2C31082078%2C95320377&oid=2&pvsid=3928214054814628&tmod=1021955234&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19774
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A534
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
409 B

77ms
42ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK49wIQneqOiAIY49yjgQIwAQ&v=APEucNXUC5rx70u80xqsTZCmn-XS7i2B3c53LyV8DxF3sYZV14RfR7rCi8ig1DwyfCArzMCyt1hJpqBN9aU_uCfIyAkUA9hUWQ

Protocol

Server

142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 23 Mar 2024 14:09:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A534
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIoiG9X8GK0L3Y2IFEaru8&google_cver=1

43 B
774 B

17ms
16ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIoiG9X8GK0L3Y2IFEaru8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK49wIQneqOiAIY49yjgQIwAQ&v=APEucNXUC5rx70u80xqsTZCmn-XS7i2B3c53LyV8DxF3sYZV14RfR7rCi8ig1DwyfCArzMCyt1hJpqBN9aU_uCfIyAkUA9hUWQ
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fpTjMS%2Bjh%2Fo8nL%2BURsWTvkhSqQLQy9ympweyww34lAhxq6jBROeGr2LflgnkrobvRjCUTdcIQIN1B%2FEpfjRKoUgkBy39nkLKUexe1EcoJ3lm28jOmATQkps2V%2BQx2DTP%2BjN6KNE%2FMENwvw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 868eff7f1e733475-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIoiG9X8GK0L3Y2IFEaru8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A534
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zf7iim4sBzAAABMvBajrwQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIoiG9X8GK0L3Y2IFEaru8&google_cver=1

43 B
738 B

20ms
20ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIoiG9X8GK0L3Y2IFEaru8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK49wIQneqOiAIY49yjgQIwAQ&v=APEucNXUC5rx70u80xqsTZCmn-XS7i2B3c53LyV8DxF3sYZV14RfR7rCi8ig1DwyfCArzMCyt1hJpqBN9aU_uCfIyAkUA9hUWQ
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xcCwsT2ohzTcO5l92Y9VBOF%2B3s8g%2BcBFZ10azNQ6Hg6q4WVUocp%2B8Zz30a7K%2FOfmW7mLW7FO85p7Kxd940pGgVnl0heK%2BS2%2B69DHLBhR70%2FS0rU18j6mAevEUdaTn3C4dW%2FWg8GlhU4J%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 868eff7f4ea03475-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMIoiG9X8GK0L3Y2IFEaru8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/ 167 KB
56 KB 54ms
54ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/reactive_library_fy2021.js?bust=31082078

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js?bust=31082078

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c04f8f0e12ccc76d1f5a3e792e9414267a5b41065f89f8faac144929f71293de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57637
x-xss-protection: 0
server: cafe
etag: 18305555040121865004
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Mar 2024 14:09:14 GMT

GET
H2 200 ca-pub-0907772305310509 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 103ms
62ms Script
application/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-0907772305310509?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js?bust=31082078

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06bd0a1334806908b96bb3dc9956ca24550d5967ae38a6f7ab387e8b31d7e672

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-BCwGIZnXlxj1Oyy-3oI1TQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-BCwGIZnXlxj1Oyy-3oI1TQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTN0XX093o2gQmH3_oAAKS_MQE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame D046 31 KB
11 KB 4ms
4ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ArOt-KkQFZYDMlW-SJPMYMBlfqSEwm9XHKKm4qXJxdczUQ2A3NNA7kSClWyGztOnbUR7t7QSu0CIny3qid_Fu-grOPDnV8cnHSFyviZh2c42IrdTqW9h7aIYamxCDkvqNNTzq2M8bS87IQcHFg-6cvfpCQpHpSifGMsl27Hxsu6eFffL0dPEeSkmHpX5BVO6YQL6d0afDSU4nyhoMsBuRddzC-DQ&cry=1&dbm_d=AKAmf-D_vhVfIDzWvK3Nol5kW9kpbjHmDH3agSJPvtslx0SbV6C4yGmjt0NyTCBP9NcZoTVeIiMzrnWPxyY1leZbP4ekzSI3P0YUd-nY4jKNcsDuGStLXFF6FZNDRiWZ2LxrkjLjgzP0OeW2PNy100Flbe45nLfSj3e2X5RApRQpHexfxX4PycrqLV3NzYfrl-ajRlPgJFrlN99EcwJ-KV5a1MIHGqJ2xa161MbLEgQ8t1GYwuljzF7YaRqOeaPTbp-0qf7KLPN4d60MaAQByidOpCngdqoDhz6tdWkMHX2-9BpZJyzBOFCGIzJTbIiZWv4dkXPP5TPpAFi7P6rXwNcV_bPZ813hVjIKMkr5qk_Y7n3iF-aYKIdYemn8W8QvkmBKo4djLqc4dX82nhJ4Pha9XshOZdtHrz06p1E_KBzeB0MaSORE4ZDLR3YRRL4Xg2sY7K-tujdgd4khozcDLzJTLE2kL8aNjCt0R-E7fywfnZ530BNF_b9nJdN4TaQQ1o24qk96aP_Yi9PmSI8R4pKPLid1PdC6m-xoRM2ewarysnuljiB2zTff8_FaxbcUBD1HxN4rMxUQNSE6lw-s_QLVq5Ig3tErlzLi0oKOzgr3e0_wWFdWdGXzu5PUl7HANn8tKQaZsP6r3622frBdaO6sBqkYEZJgO1H_H9MnyuhApw8F_pci3UQxyjo9EkzeiURTXFAZAIaIEZE7gIiYatzoBWS0E5t5mZhBBySoiBGsPVzHGIuHWRRvC3AHKJTNLu61kBVotXTwn9UeP5eL1OYi41kOTpMsHe5UIYbMOMLUi9ke40lxhtmQC8lqja3XPG69X3Iow7LmiEJwQJqgHJOoaBruK9jCXbdOVvEARBo7gqf0kzlg9KIV808Vc_P9hHd3mZof1NTl9qSRELSURb14G7YTrJ35DhJ5mujSHWT9902MwSXGBkV7LrA7DnIYhjJZ--jyG9tlHIinn-68koLU0UTHZaTjc1tArI-J_b4CTrl9O0vL657NzLz4ekMVcSrd34u21NC2mjj1ddF7A-eCxAU7ckanB2HF1Dc_OVY4hwz40KYAfBDxtseqobHCZ0TAhyOjCjpSqZGwaZIOi3qn1tlplFTozFBz6qnNH_BWSBSOtlZDFMxiLqSjanvz7i5KtlDKxioexT48C0esFoZh5bvrJdmZLX8S7vWihvHRl9v-v4OEYvj3VEix-DLogmjxyB5nBsAHd2o8cFn_N38y0JFaOu4r_uwODsKcRhL6UXKpXGMdctOKtVx7zeBP2Cgb6JVP0WuoqXQzK_a7F_mZMcfBzOUW3Fl1Auj8mP5poFXvlk6Qr4d6d6SzS1HXqOxlYT0Zz4lMZmIN2h5CIqWa6kzIMpWL_LVroq8_kg2qCgx0--uDOmr2OiwAbpA5M5jQ-O7EfEKxe2n9zIq8eMU-k-w6-KXAV-yUzpa-KOftGQwmSxrlC67TX-hcAPD3jPIQPhhauwBckCKISh2VrnraIZDAXG1j4zqZY-_MK0PBWckpqtHmzWMO7QmwmV253I4YrxgTfghzbWbzgBiDtvDPwIVEPtbyfd0PWj0GHxx50QgxAeh1sKgX5rVSUPBCrJnzEfUBCh8CJKA_-DmRY1tknA4rF8yhswzlWRZj8vqx4dP2YEux5AsR4rhbPH-S30GuPzlynazqtwqlZincCzcbqSSHVL94DgJuYcxrgbxftyFfo9w-bgZ4Ogw6hBB0ryheTgf-9dI7V5MQaVMz64TeJwPaP7WU3GFwhq0ldohVCW7pn1DnBowquNZo4GOg8LTwfCZ-pxIv726X5N_XTeBmQ34pzc0NuaXGRCOWJNtIdmtbMDHCjxvEQnlWvuqIjJlirs-tGE-7h0Si__nnzq25q3CUAJ-MpEzzsyL_6dnL6kXcLUNDWqmEO37R31Ija-IAHbELqOjxo95WNeiP1IKHS7YpvIelT5lT68KsZFlEBWzSj6d24-4TN18bFqGw3SEIGZDAILvcnhytxv-L4nTZx02wSbOqq8FRkKLzMsWTQV1QUDJDqeJ8FD0UbNY3wN9mUTAGw6huYhmW8LMFFJlAipdnRJQQsSJv78SsSn11n0_jLukTWlKS5Vnp7d3uTeIXvLbFIiu8BYcndw0a21Pn_B-mO4lVdz9mTB9zFQD-Q8tYzrpfskruCcl9n1igSsM61VPlbeKZSjeVqjKhaujz-xkjn9F-iCAPJXm8fRpBia_d8Okz03IK4C20jCgi_ubP_DJ9QuGnR_wn4dwB2p41f3OZ3fiQNKWG8k9O34iERA9sdDYyf9N6tIvJ2pVVgaMEAC9NAvpnVQweYlqeHSNwe6e9DtAFjr81i2CstVOzGXiRVHT_ZxyqOUIxQ1FObtIb97_aIs0lr7eZU6--FUnAsyOLtVTdJHZnDsF0F7P18au4ErZaivgUdiH-Nt5qBKWBs4zRn8xMokYxucDJJNaO11fLOs2_aDus7Izof35UMFD-rgID0MJCZ_z6NMob0DJZmoEii0FTnyfLzO2HtT290b8uvjJ9G7lX4DdeF02Ta85A4SkhcZ8IxFlcvUMqA2Th4j93vtt9ymO-kFwbn7-nozRs6YvohAjkv2cpoE-xd1wUS01N5RV4wFHp6w9fOCdQxvjTE8j8FpNtjH8JqmA8olWwb6zIwnTxN3cvfEaR2XeOoo-6KrhgKFz4qVl2AyQ9YVcnui_waGW3Prjb1HGK-1SU68okd8votJDxbpHNDDtw2yViFZpDunuYQr1Z2EBfbbEdKEvoc9ZVHWEU-5y8-BLG8LAv5GTQdgRiuo32EuqK7EORk9poa7qBkb4CY-g0akyawjzHoj8i0BOb7EC6RwQha2rKAkSnWAUpVlK-i51XQmFf0vLC99t1RQnTXhNdZgBJ6j7HSo2N4bGFwfml4su-azhKfWbLsXqi--VC-_0zPOMmAHA486idUuwRORBmTYNVrb4MH3bCJ5vQITSVeksM2fS3qppyR0iYyni-T0owz0RmpEpmh6GwOAWwGArOF9vnoepaKpexhnKlkh_pcrF6AgmGzT12ey0YCfwUmboBDU4NV9PSCWIJzXG9cdnb-EvEtuPJc_Xg68dSRXGp9Bw7dJ5XMxhuIuP-tr3HvUQ9rSCOFPLEy7_2Gu5sQncqm0LsVZfwSQIDUuABYlt85mxY_FhaghxOCzYAeUkH5pOhy26i5I18BJvuZIwci2OQ79cWmUeiysmmqblMoPky1YCj5PA1FJXLaeH9FnIQZ9d7IFzKjAec8XCTjMuHWYnB4IkhGeduQ6Abt4muKwuyXiSpiwcTznbnn5j-WY64ogJ9h7PhNYzvTcqd9VvDAhu4G3dJ26jCgsu0NgK7Y3eMoqhoJwhnxnxLiIyRFNbvpWkgWusNXV_P1K0iwByyvBxTiaQDVCfdUcsB6b0Nj_-msnaEEIoUw9qTCBgz40XeJHT8hXlsXnGf4alBdCnQ1SokV3PE4A2u_fyO1L62EpyWsuMG2hZjwJVU8v1wP21ajnnLfyexsk3U53LBkwz-DX0XEXVu8CCtA1w5LpiBJjkL1Mr7D-USqeGBtZJZeI05JrB07Im6PkGrAyrG8JHCHD6OUnWMvj3VCP-ERYOU4j_6ZRJgJldwOIIto24EIp9CKW136pd7BypzrK1ZBEqno83C-F6zAaE3Y1LPoCgSVZgryMi24r1BSexI0BCHZatBn1kqKvn9v0_w9lHgEgI38iz_N1XvOiiFd_YVUuwubm85UYy9yktgcg&cid=CAQSTwB7FLtqtkxBPolMSiU18H7OhFz8aJSFFmss77YkjdNoyEsegVJD4p3x-uQgR0kRlQJO-oSc5oIbRs9gB-2TLrGkbwA0L5l3CrhMQscsLAgYAQ&dv3_ver=m202402290101&rfl=https%3A%2F%2Ft2bot.ru%2F&ds=l&xdt=1&iif=1&cor=7378684114875617000&adk=3476589349&idt=51&cac=0&dtd=24

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

172abdc1549b57ea9d6e92351ac832492722a46e897bee71f949705da49b3108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:18:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11694
x-xss-protection: 0
server: cafe
etag: 7675425396172501416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 23:18:59 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D046 41 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Mar 2025 08:41:17 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcxMTIwMjk1NDAzMjg3MAogIHNlcnZlcl9pcDogOTkxOTM5MzIKICBwcm9jZXNzX2lkOiA0MjEyMTE4MTM0Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDEwMzE2OTI2...
ad.doubleclick.net/ddm/activity/ Frame D046 0
869 B 94ms
46ms Image
image/png 216.58.220.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcxMTIwMjk1NDAzMjg3MAogIHNlcnZlcl9pcDogOTkxOTM5MzIKICBwcm9jZXNzX2lkOiA0MjEyMTE4MTM0Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDEwMzE2OTI2CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9zeWRuZXlvcGVyYWhvdXNlLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMTc3NjYyNzk0NzcxNTkyNzMxOApkZWJ1Z19rZXk6IDE1MDUxMTMzOTMwNzAwODUxMzg0CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMy0yMyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDEwMzE2OTI2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzgzODUwNjM5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1NTM4OTExMDEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjEwMTc4NTU0NDgKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1Mzk1NTMzNzkKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vc3lkbmV5b3BlcmFob3VzZS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWxoaWR1dHlmcmVlLmNvLmluIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQKZG1hX3Byb2R1Y3RfaWQ6IDEyMjcxNTgzNwp4ZmFfYXR0cmlidXRpb25fYXBpX3R5cGU6IFhGQV9BVFRSSUJVVElPTl9BUElfVFlQRV9XRUIK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x51fa36db24d2f2680000000000000000","13":"0xba823c1791ce73100000000000000000","14":"0x9b9f084cfbb744610000000000000000","15":"0x5d34299d7687497d0000000000000000"},"debug_key":"15051133930700851384","debug_reporting":true,"destination":"https://sydneyoperahouse.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["10316926"]},"priority":"0","source_event_id":"11776627947715927318"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame D046 59 KB
23 KB 4ms
3ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 02:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 02:44:30 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F01B 38 KB
13 KB 4ms
3ms Document
text/html 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 106075
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 08:41:19 GMT
expires: Sat, 22 Mar 2025 08:41:19 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B31182477.383016896;dc_ver=99.292;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=3476589345;ord=yzsrqp;click=https%3A%2F%2Fag.yieldoptimizer.com%2Fag%2Fct%3Fac%3D88184309%26n%3D9%26_omu%3Dhttps%3A%2F%2Fg... Show response
ad.doubleclick.net/ddm/adj/N555401.1862881ADARA.COM/ Frame D046 81 KB
35 KB 107ms
84ms Script
text/javascript 216.58.220.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N555401.1862881ADARA.COM/B31182477.383016896;dc_ver=99.292;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=3476589345;ord=yzsrqp;click=https%3A%2F%2Fag.yieldoptimizer.com%2Fag%2Fct%3Fac%3D88184309%26n%3D9%26_omu%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-oTmieL-Zaq1BM2Aid4Pk9-02A2atK-gdsrbw6e8EuLwk43OBBABIMmJmyZgifPFhPQTyAEJqAMByAObBKoE4QFP0KYI_DFNGNJP6_U-Zr1tWh_QcPKSanUbv-bJFZGxA9Zw6A4mBATxgDvlIb5Z3yUiOTOyDvBtwNddtTJ_HAfp9_NFIO2XMvHmYjxWEQao3C75a-IROZURUuyDryXt3V3YuDFdCHiQhZDsJxPs0nq7V6mFalbKsa2BJHNp4VKMjSnNIUXJAY1uzLBjbCsYI2-ZTFRPrf6IFBpxgX5K200swvLMKdR405R-_EBQr7BNoYNfGtx5YerVzBHFbmzsNX2vaLjfc0yuG45aMvs5ZVsFsWKSsLgCcpPnODnN54cepfzABNet9a3NBOAEA4gF2IuMpk6QBgGgBk2AB_3f1-QBqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOli__p_hx4qFA4AKAZgLAcgLAYAMAaoNAkpQsBPP9oEX2BMKiBQD2BQB0BUB-BYBgBcB6BcBshgJEgKmTxhNIgEA%26ae%3D1%26num%3D1%26cid%3DCAQSTwB7FLtqtkxBPolMSiU18H7OhFz8aJSFFmss77YkjdNoyEsegVJD4p3x-uQgR0kRlQJO-oSc5oIbRs9gB-2TLrGkbwA0L5l3CrhMQscsLAgYAQ%26sig%3DAOD64_34IwK0pgNvRBxBIB64-O9U_s9zBA%26client%3Dca-pub-0907772305310509%26dbm_c%3DAKAmf-DtP1yf8zhxeNjbVtnF1UT1VBH2K2cF4uvWAS0qKBN-bpxk4u9MpBnJgmXUIiOeUK_NYS3YOgoQqHITpiwFSHC99ViKsUdn9VgDf5WfzEMxpMG2wXvXV54SHqoXNeI11TLdVAy8WKVZdhRJWyGCO4YA5YB8EDaRV4OpmqBfqOsJsmRyDCXa66rxBOE6MsfG3lPQTyI3qLEPLgEoVdwmVMInDOcwCw%26cry%3D1%26dbm_d%3DAKAmf-DZO8DHvfegWkZwosuxmrvatdiWIobzrPqcz3yguJLf_ylbXYv6hL90xhgw6XlGt_ET47vwyepB57kgoGRE90B7q0pyjmx0B4MGffN6ls4tLUEIUWp54WUM_nKGv2msojl2WTx-bke1pkpk9XCXNDOYOllpSQywL2wUyIH1QGZyQt0vGDR30oGfaOXXnWI2Sa9LNJjiNb8oNrPO8e3pVJEOD9hoHEgRZXs0Y8JnTUEQghmEA0LnIIOTjDQ4fGjv21YlMHsTCy4PO6CXErQN8XZDv1wEB4SAZFvOe9rK_SQ05lwG442sJ0_eVKJCH2IdVWL-LEfpFHYlsvukLXFf821tAq8rVwqIgubmyXJZiBegTENhm_RJ7CYDdtIvWTf4Q6-LkYsm4nN2ROtvRPc8ayG6j8XnKLopw13efFbjs8zjWwCRHgUwF4wCUhWLSfnypWKfrTzjARzEkrTNrJhtVGC3N6WQdEqLsApXFHySGM5-YhDPPnBsXCCdHXnxzodhalpVjx1YuA3Ye55xlBzxvKMe91M1abNq8tDpaVvdT_AKZiOi2PBU8ODYdCdW-eLStw2Znotv%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Ft2bot.ru%2F$0;xdt=1;dc_omid_p=Google2;dc_sdk_apis=7;crlt=9bGGYaliTH;stc=1;chaa=1;sttr=23;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f6.1e100.net

Software

cafe /

Resource Hash

9540ef9b79acb70ea7d2e44ac5b5c7aa8b245edf9ad7b0066b3e90738b05a7b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js Show response
pagead2.googlesyndication.com/bg/ Frame F01B 52 KB
20 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:52:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20495
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 08:52:25 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/ Frame 7D9A 9 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js?bust=31082078

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t2bot.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 27898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 06:24:16 GMT
etag: 5035419970550746386
expires: Sat, 06 Apr 2024 06:24:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/ Frame C7FA 9 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js?bust=31082078

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t2bot.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 27898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 06:24:16 GMT
etag: 5035419970550746386
expires: Sat, 06 Apr 2024 06:24:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/ Frame BD24 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js?bust=31082078

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t2bot.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 27898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 06:24:16 GMT
etag: 5035419970550746386
expires: Sat, 06 Apr 2024 06:24:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/ Frame C6E5 9 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js?bust=31082078

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t2bot.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 27898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 06:24:16 GMT
etag: 5035419970550746386
expires: Sat, 06 Apr 2024 06:24:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUqkztRRloVCtVeBwqjv0WoM4wizjFbUwrg3Rnic4ileFrC2Z2pfEcSsO-qrETqMMqtCSyeG70AOsxULygg0YzfJhSs1Bj9zyGrXoOqQnn1mUUPXe5SYE1Nt_UTQAvdIRHO8TuYsg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 53ms
53ms Script
application/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUqkztRRloVCtVeBwqjv0WoM4wizjFbUwrg3Rnic4ileFrC2Z2pfEcSsO-qrETqMMqtCSyeG70AOsxULygg0YzfJhSs1Bj9zyGrXoOqQnn1mUUPXe5SYE1Nt_UTQAvdIRHO8TuYsg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMjAyOTU0LDI1NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90MmJvdC5ydS9lbi9lc2V0a2V5cy8iLG51bGwsW1s4LCJCWFh3S01BQ29mZyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMzP9RpEEDBSQfOOXNx4pQVwBx7XLQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c8a669b31836740e7b0ccc74f1a313f3c242a3ed2b53f2cee044e0b827ce20b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-S-HCfp_IGp9Q3zPPNJOx6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-S-HCfp_IGp9Q3zPPNJOx6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTD0XX093o2gQmXVncxAgDY3jEV"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2617 14 KB
1 KB 40ms
39ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Mar 2024 14:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Mar 2024 12:40:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Mar 2024 14:09:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 2617 2 KB
822 B 3ms
3ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame 2617 23 KB
9 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FAFE 143 B
166 B 5ms
4ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 13:58:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 2617 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 2617 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2617 206 KB
62 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Mar 2024 14:42:59 GMT

GET
H2 200 ef5ce9b2b01bfb848267c2a4546556c1.js Show response
www.gstatic.com/mysidia/ Frame 2617 36 KB
15 KB 57ms
10ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 06:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15234
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 14:59:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 06:24:17 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/ Frame 7D9A 15 KB
6 KB 3ms
3ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 07:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6452
x-xss-protection: 0
server: cafe
etag: 12428443125520643955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 07:22:30 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7D9A 205 B
651 B 52ms
9ms Image
image/png 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 02:31:24 GMT
x-content-type-options: nosniff
age: 214670
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 21 Mar 2025 02:31:24 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7D9A 604 B
696 B 52ms
9ms Image
image/png 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 02:56:08 GMT
x-content-type-options: nosniff
age: 213186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 21 Mar 2025 02:56:08 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/ Frame 7D9A 22 KB
9 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 06:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 499061885667062015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 06:18:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame C7FA 2 KB
822 B 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame C7FA 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame C7FA 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame C7FA 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C7FA 206 KB
62 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Mar 2024 14:42:59 GMT

GET
H2 200 ef5ce9b2b01bfb848267c2a4546556c1.js Show response
www.gstatic.com/mysidia/ Frame C7FA 36 KB
15 KB 40ms
12ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 06:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15234
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 14:59:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 06:24:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame BD24 2 KB
822 B 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame BD24 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame BD24 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame BD24 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BD24 206 KB
62 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Mar 2024 14:42:59 GMT

GET
H2 200 ef5ce9b2b01bfb848267c2a4546556c1.js Show response
www.gstatic.com/mysidia/ Frame BD24 36 KB
15 KB 26ms
10ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 06:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15234
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 14:59:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 06:24:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame C6E5 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E8F3 143 B
166 B 5ms
4ms Document
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 13:58:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame C6E5 3 KB
1 KB 4ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame C6E5 20 KB
8 KB 4ms
2ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 22:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 22:23:28 GMT

GET
H3 200 11256727294334287787
tpc.googlesyndication.com/simgad/ Frame C6E5 24 KB
24 KB 8ms
7ms Image
image/png 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11256727294334287787?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkWtMa7d4XjO-vJmDxQFNUhMPRlfA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d84ae4f899550eb17dcf14eccd2a5cc1997570c693963c3492ea1f947821b8db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:42:23 GMT
x-content-type-options: nosniff
age: 210411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24299
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 00:55:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Mar 2025 03:42:23 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C6E5 206 KB
62 KB 6ms
4ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Mar 2024 14:42:59 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame C6E5 36 KB
14 KB 8ms
6ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d2c308318200321bc194c7dae715236fc4eddaab4188d1a0568a8fa8721024a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 00:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14701
x-xss-protection: 0
server: cafe
etag: 289687390770401761
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 00:25:08 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1881888/77127947/ Frame D046 60 KB
15 KB 23ms
6ms Script
application/javascript 54.65.99.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1881888/77127947/skeleton.js
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N555401.1862881ADARA.COM/B31182477.383016896;dc_ver=99.292;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=3476589345;ord=yzsrqp;click=https%3A%2F%2Fag.yieldoptimizer.com%2Fag%2Fct%3Fac%3D88184309%26n%3D9%26_omu%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-oTmieL-Zaq1BM2Aid4Pk9-02A2atK-gdsrbw6e8EuLwk43OBBABIMmJmyZgifPFhPQTyAEJqAMByAObBKoE4QFP0KYI_DFNGNJP6_U-Zr1tWh_QcPKSanUbv-bJFZGxA9Zw6A4mBATxgDvlIb5Z3yUiOTOyDvBtwNddtTJ_HAfp9_NFIO2XMvHmYjxWEQao3C75a-IROZURUuyDryXt3V3YuDFdCHiQhZDsJxPs0nq7V6mFalbKsa2BJHNp4VKMjSnNIUXJAY1uzLBjbCsYI2-ZTFRPrf6IFBpxgX5K200swvLMKdR405R-_EBQr7BNoYNfGtx5YerVzBHFbmzsNX2vaLjfc0yuG45aMvs5ZVsFsWKSsLgCcpPnODnN54cepfzABNet9a3NBOAEA4gF2IuMpk6QBgGgBk2AB_3f1-QBqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOli__p_hx4qFA4AKAZgLAcgLAYAMAaoNAkpQsBPP9oEX2BMKiBQD2BQB0BUB-BYBgBcB6BcBshgJEgKmTxhNIgEA%26ae%3D1%26num%3D1%26cid%3DCAQSTwB7FLtqtkxBPolMSiU18H7OhFz8aJSFFmss77YkjdNoyEsegVJD4p3x-uQgR0kRlQJO-oSc5oIbRs9gB-2TLrGkbwA0L5l3CrhMQscsLAgYAQ%26sig%3DAOD64_34IwK0pgNvRBxBIB64-O9U_s9zBA%26client%3Dca-pub-0907772305310509%26dbm_c%3DAKAmf-DtP1yf8zhxeNjbVtnF1UT1VBH2K2cF4uvWAS0qKBN-bpxk4u9MpBnJgmXUIiOeUK_NYS3YOgoQqHITpiwFSHC99ViKsUdn9VgDf5WfzEMxpMG2wXvXV54SHqoXNeI11TLdVAy8WKVZdhRJWyGCO4YA5YB8EDaRV4OpmqBfqOsJsmRyDCXa66rxBOE6MsfG3lPQTyI3qLEPLgEoVdwmVMInDOcwCw%26cry%3D1%26dbm_d%3DAKAmf-DZO8DHvfegWkZwosuxmrvatdiWIobzrPqcz3yguJLf_ylbXYv6hL90xhgw6XlGt_ET47vwyepB57kgoGRE90B7q0pyjmx0B4MGffN6ls4tLUEIUWp54WUM_nKGv2msojl2WTx-bke1pkpk9XCXNDOYOllpSQywL2wUyIH1QGZyQt0vGDR30oGfaOXXnWI2Sa9LNJjiNb8oNrPO8e3pVJEOD9hoHEgRZXs0Y8JnTUEQghmEA0LnIIOTjDQ4fGjv21YlMHsTCy4PO6CXErQN8XZDv1wEB4SAZFvOe9rK_SQ05lwG442sJ0_eVKJCH2IdVWL-LEfpFHYlsvukLXFf821tAq8rVwqIgubmyXJZiBegTENhm_RJ7CYDdtIvWTf4Q6-LkYsm4nN2ROtvRPc8ayG6j8XnKLopw13efFbjs8zjWwCRHgUwF4wCUhWLSfnypWKfrTzjARzEkrTNrJhtVGC3N6WQdEqLsApXFHySGM5-YhDPPnBsXCCdHXnxzodhalpVjx1YuA3Ye55xlBzxvKMe91M1abNq8tDpaVvdT_AKZiOi2PBU8ODYdCdW-eLStw2Znotv%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Ft2bot.ru%2F$0;xdt=1;dc_omid_p=Google2;dc_sdk_apis=7;crlt=9bGGYaliTH;stc=1;chaa=1;sttr=23;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.99.58 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-99-58.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 7aeefd959a64017ecda724954102af311172237abda5a7e4811a89303df6f99a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:14 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D046 86 KB
31 KB 47ms
45ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N555401.1862881ADARA.COM/B31182477.383016896;dc_ver=99.292;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=3476589345;ord=yzsrqp;click=https%3A%2F%2Fag.yieldoptimizer.com%2Fag%2Fct%3Fac%3D88184309%26n%3D9%26_omu%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-oTmieL-Zaq1BM2Aid4Pk9-02A2atK-gdsrbw6e8EuLwk43OBBABIMmJmyZgifPFhPQTyAEJqAMByAObBKoE4QFP0KYI_DFNGNJP6_U-Zr1tWh_QcPKSanUbv-bJFZGxA9Zw6A4mBATxgDvlIb5Z3yUiOTOyDvBtwNddtTJ_HAfp9_NFIO2XMvHmYjxWEQao3C75a-IROZURUuyDryXt3V3YuDFdCHiQhZDsJxPs0nq7V6mFalbKsa2BJHNp4VKMjSnNIUXJAY1uzLBjbCsYI2-ZTFRPrf6IFBpxgX5K200swvLMKdR405R-_EBQr7BNoYNfGtx5YerVzBHFbmzsNX2vaLjfc0yuG45aMvs5ZVsFsWKSsLgCcpPnODnN54cepfzABNet9a3NBOAEA4gF2IuMpk6QBgGgBk2AB_3f1-QBqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOli__p_hx4qFA4AKAZgLAcgLAYAMAaoNAkpQsBPP9oEX2BMKiBQD2BQB0BUB-BYBgBcB6BcBshgJEgKmTxhNIgEA%26ae%3D1%26num%3D1%26cid%3DCAQSTwB7FLtqtkxBPolMSiU18H7OhFz8aJSFFmss77YkjdNoyEsegVJD4p3x-uQgR0kRlQJO-oSc5oIbRs9gB-2TLrGkbwA0L5l3CrhMQscsLAgYAQ%26sig%3DAOD64_34IwK0pgNvRBxBIB64-O9U_s9zBA%26client%3Dca-pub-0907772305310509%26dbm_c%3DAKAmf-DtP1yf8zhxeNjbVtnF1UT1VBH2K2cF4uvWAS0qKBN-bpxk4u9MpBnJgmXUIiOeUK_NYS3YOgoQqHITpiwFSHC99ViKsUdn9VgDf5WfzEMxpMG2wXvXV54SHqoXNeI11TLdVAy8WKVZdhRJWyGCO4YA5YB8EDaRV4OpmqBfqOsJsmRyDCXa66rxBOE6MsfG3lPQTyI3qLEPLgEoVdwmVMInDOcwCw%26cry%3D1%26dbm_d%3DAKAmf-DZO8DHvfegWkZwosuxmrvatdiWIobzrPqcz3yguJLf_ylbXYv6hL90xhgw6XlGt_ET47vwyepB57kgoGRE90B7q0pyjmx0B4MGffN6ls4tLUEIUWp54WUM_nKGv2msojl2WTx-bke1pkpk9XCXNDOYOllpSQywL2wUyIH1QGZyQt0vGDR30oGfaOXXnWI2Sa9LNJjiNb8oNrPO8e3pVJEOD9hoHEgRZXs0Y8JnTUEQghmEA0LnIIOTjDQ4fGjv21YlMHsTCy4PO6CXErQN8XZDv1wEB4SAZFvOe9rK_SQ05lwG442sJ0_eVKJCH2IdVWL-LEfpFHYlsvukLXFf821tAq8rVwqIgubmyXJZiBegTENhm_RJ7CYDdtIvWTf4Q6-LkYsm4nN2ROtvRPc8ayG6j8XnKLopw13efFbjs8zjWwCRHgUwF4wCUhWLSfnypWKfrTzjARzEkrTNrJhtVGC3N6WQdEqLsApXFHySGM5-YhDPPnBsXCCdHXnxzodhalpVjx1YuA3Ye55xlBzxvKMe91M1abNq8tDpaVvdT_AKZiOi2PBU8ODYdCdW-eLStw2Znotv%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Ft2bot.ru%2F$0;xdt=1;dc_omid_p=Google2;dc_sdk_apis=7;crlt=9bGGYaliTH;stc=1;chaa=1;sttr=23;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c60ec0cba242f1d08c9531903236c158a0ddb2ee4c63229e4e0961cd7aabb800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32139
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1711020961582176"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Mar 2024 14:09:14 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/ Frame D046 12 KB
4 KB 7ms
5ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 23:43:56 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D046 0
0 144ms
45ms Fetch
image/gif 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVhn5TtKgmBgDouiqNWIg0mo9JEMoGzMcutwvnTAdCicVGmKD6CF-GoDdlV59u1GEpSZuK6W6slPpBK0u-NYuqOPZ_MjEMOMh9h9a8W0tlZVMsnlkoCKLL3VWhFDJlQlKGQtXQw30tRb-mTM72_n_hW0P1VDEI7B4vLIYMWmoHdrfTOqzQAaniEI_ylFPVPpl1E8B2d1tMvEQ&sai=AMfl-YRoQoN6CUbPbQtfxXhUk9N2-spkT2Lb8u7dLsqw_XRJxm34jEePXplSu8yECh5oXHq02NWtcDYZRQLxB_cEtj5unECBwo2X52Bqpw&sig=Cg0ArKJSzFzwDsUP1mVJEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240320.26662&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Mar 2024 14:09:14 GMT

GET
H2 200 9633355474471644013
s0.2mdn.net/simgad/ Frame D046 60 KB
61 KB 50ms
4ms Image
image/jpeg 2404:6800:4004:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9633355474471644013

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7235fb9daddcc2edc87a4f215a8fd97468c20b8ae2dc8926050108e5d4feb605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 21 Mar 2025 02:34:40 GMT
date: Thu, 21 Mar 2024 02:34:40 GMT
x-content-type-options: nosniff
age: 214474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61845
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:15:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F01B 0
20 B 44ms
43ms Image
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B3kWYiuL-ZeaAAsyopt8P9qS_2A8AAAAAOAHgBAI&bg=!ZmWlZSrNAAZewuCMfsI7ADQBe5WfOMK-j-am25Pku31yzEV4R7-1-SeOgyA2Gh1lH_kssj2M1K0jx_ubYBazGeFR2XolAgAAAG1SAAAAA2gBB34ANdP06dRpjY9poiU0gNrzMYAPAQ__Oy2Zia4IK2cqBhlsfjPaSvUVFUnJMxfU40GkczfxVor5CgB9lUmn4vd24S4ASuTnyMLSeeKehoqbIbcGKqBk1aUMGDYCNttd-_xGvPg89DO0xeKgZT75k1dz3UamJ2XKBoWnNSDY-2TKT8OPUQgjwJt3960bR8vzpqveUaB9C63qR9gwTFGd63UmaDafBX5Yy9amXYn1b_EkjpvdbRGHVbeZAnqDy_5gLrfukh-CqZMs_uGv7uuRuTtFtb8HODWNJ1-vYH3d8JDRHI1q0sy205LqF8HUUnWkdHFHz7xvvZWnCoq-XEL9KPrahxVTMOGkXNJncjscsJd3_aevZEbitDLKkSQydemKwo6sqS-_nsY6ha2VdhVyLwO-WF-rGqwmT7ElkHIjaP7OKMeYRJAi-Sb-IBXXaOxkLeBjOILAj0mQFn9bZfeYMRrpdqWLSmsMGULB6cFlsqfexrH2UG_0cDfA_xldTkIleKL54R3yyZMu_UUHnRc6wKLgZN5aHIuY2B24roqLFS1yTaZSpDPCWNN9CvM-PJX9V28irD9evVLZbn-WgFsnVRZC6Nfbbzi0uKtEUFDGfaCM5CZj1DN_Ai79IpdEu2baxmM4a8NC7l2UT36cAIN6n5Ji6lpl3YaocC8kbamJbCVZY9Hb4yds93cwb_h7TcA4VD16Hr-nXX1u7wJ8dHPkBfPsRTg7SeYIuqnDgxEkiuh2aB58z-kvEH21EtsRQ0E7ZeLDtpDKqISFJml8uh5IzJBzP9xU6hOHUYqsitCXDOUvjjKQe-RfykmJrK3oiPxWirysI1DNSn8OsIcwtBFyUHVpt3K-o0zq9646mKLl-UNMiZuh2tUr2AcEgvnOKFiuvls98W67Hx02rjb8EtC35TACV1cb6r_BLYfRSZiAS43_Is8tesefs57yz79Cau2xcK1wDhLkNm0x4x2RARoed45hUKQbNl0XIOVUC3j-SreXypBACgA4ltlfKPFltTq18x74vjua0f7HqQXpFFCP8QtmH0Opyw_k269gzOcirJJmF-oJUbAx81jeubWgiW1b4XmsamGr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame FF2F 38 KB
13 KB 3ms
2ms Document
text/html 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 106075
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 08:41:19 GMT
expires: Sat, 22 Mar 2025 08:41:19 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D046 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 840e8ce2d9ce7e96469375a647f45a5545d26d6db5e16421840d1ac2dabe0f09

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D046 0
0 60ms
42ms Fetch
image/gif 172.217.175.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVhn5TtKgmBgDouiqNWIg0mo9JEMoGzMcutwvnTAdCicVGmKD6CF-GoDdlV59u1GEpSZuK6W6slPpBK0u-NYuqOPZ_MjEMOMh9h9a8W0tlZVMsnlkoCKLL3VWhFDJlQlKGQtXQw30tRb-mTM72_n_hW0P1VDEI7B4vLIYMWmoHdrfTOqzQAaniEI_ylFPVPpl1E8B2d1tMvEQ&sai=AMfl-YRoQoN6CUbPbQtfxXhUk9N2-spkT2Lb8u7dLsqw_XRJxm34jEePXplSu8yECh5oXHq02NWtcDYZRQLxB_cEtj5unECBwo2X52Bqpw&sig=Cg0ArKJSzFzwDsUP1mVJEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=84&vt=11&dtpt=82&dett=2&cstd=0&cisv=r20240320.26662&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Mar 2024 14:09:14 GMT

GET
H3 200 AGSKWxVrUtGQ8GHLR5CHBdYlD-TUcJljE72wOjog58GORx4-FtzJM8z3VO-bZiispcPkRODgplbgrb299_NDdcUbdalCU_PFsR-Vc8gfpSdE8I5PUZPsN6e3auf_Fvt1BzBFuefRQ62x2A== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 61ms
60ms Script
application/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVrUtGQ8GHLR5CHBdYlD-TUcJljE72wOjog58GORx4-FtzJM8z3VO-bZiispcPkRODgplbgrb299_NDdcUbdalCU_PFsR-Vc8gfpSdE8I5PUZPsN6e3auf_Fvt1BzBFuefRQ62x2A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMjAyOTU0LDQ1NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vdDJib3QucnUvZW4vZXNldGtleXMvIixudWxsLFtbOCwiQlhYd0tNQUNvZmciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8541b50e29d9c07ff74a0ed8c83bc07e268af436208ceafb7feae07bc07faece

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9ap3quvwBFokI5IkE_mPYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9ap3quvwBFokI5IkE_mPYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw05BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTD0XX093o2gRUnV75hBADbuDGI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FAFE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

129ms
128ms

Document
text/html

2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 14:09:14 GMT
expires: Sat, 23 Mar 2024 14:09:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 14:09:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E8F3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

128ms
128ms

Document
text/html

2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 14:09:14 GMT
expires: Sat, 23 Mar 2024 14:09:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 14:09:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.19.8.491.js Show response
static.adsafeprotected.com/ Frame D046 216 KB
67 KB 370ms
114ms Script
application/javascript 2600:9000:20c5:bc00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.491.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1881888/77127947/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c5:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4a391b257a6995671b0815752fa0784d079bc7266d15e59bc7a76eebc8b46d0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 21:36:45 GMT
x-amz-version-id: wHx9kGfMtHSCY3NFYeny6RZbFrO9IDhq
content-encoding: gzip
via: 1.1 bd310f631d1314e239dc9cd04967c61e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C3
age: 318750
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 19 Mar 2024 18:56:42 GMT
server: AmazonS3
etag: W/"3b6ff1d377956e23af5815888d2962f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 2zkc7Lg-YgoXmIUBV8VsKJwmxWPDGXTfnqgTrW-PFNZKreKwo_UC6Q==

GET
DATA 200
OK truncated
/ Frame C6E5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbcc9c3d0f3b820bdeee9803a33a2abf3dac0c99b29f7b77602a798f6f84ed8b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js Show response
pagead2.googlesyndication.com/bg/ Frame FF2F 52 KB
20 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:52:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20495
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 08:52:25 GMT

GET
H3 200 3086403379991718024
tpc.googlesyndication.com/daca_images/simgad/ Frame C7FA 29 KB
29 KB 4ms
4ms Image
image/jpeg 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3086403379991718024?w=360&h=720&tw=1&q=75

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d26fa207657dc07547c93529ed9520f2db4dd6044f5e5d0fef2a31a4e520b789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 30 Mar 2024 10:59:26 GMT
date: Sat, 23 Mar 2024 10:59:26 GMT
x-content-type-options: nosniff
age: 11388
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29471
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 22:22:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame C7FA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27881a8c11d220ada89241974fcf714a9442a444b24dca229e9f557e2331cde4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3086403379991718024
tpc.googlesyndication.com/daca_images/simgad/ Frame BD24 29 KB
29 KB 2ms
2ms Image
image/jpeg 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3086403379991718024?w=360&h=720&tw=1&q=75

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d26fa207657dc07547c93529ed9520f2db4dd6044f5e5d0fef2a31a4e520b789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 30 Mar 2024 10:59:26 GMT
date: Sat, 23 Mar 2024 10:59:26 GMT
x-content-type-options: nosniff
age: 11388
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29471
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 22:22:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame BD24 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ad71c7da7b9258403b6cd669ba527ead08b5bf2c50506a2ef35efabfa386483

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js Show response
pagead2.googlesyndication.com/bg/ Frame 8ECE 52 KB
20 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:52:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20495
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 08:52:25 GMT

GET
H3 200 jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js Show response
pagead2.googlesyndication.com/bg/ Frame EBC5 52 KB
20 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:52:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20495
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 08:52:25 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C7FA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C5MjIieL-ZenFBIydid4P96Oc4A7fk5uYaoW9ss_wD4Whw4ydMBABIMmJmyZgifPFhPQToAH1hvqUKMgBAagDAcgDywSqBMwBT9ASlv0uFCaJ_qln_Jnu9wfqKHztElivXNaeIHnyruLc13f...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x12d3f8a5b90ede710000000000000000%22,%222%22:%220x77fc3c3ba141d100000000000000000%22,%223%22:%220x49a6a48...

0
0

84ms
41ms

Fetch
text/css

172.217.175.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x12d3f8a5b90ede710000000000000000%22,%222%22:%220x77fc3c3ba141d100000000000000000%22,%223%22:%220x49a6a483eb0eac720000000000000000%22,%224%22:%220x262bbff6934204d0000000000000000%22,%225%22:%220xaeb67bf12a6202a90000000000000000%22},%22debug_key%22:%2213874248368308281895%22,%22debug_reporting%22:true,%22destination%22:%22https://entegris.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210781361013%22],%2222%22:[%22true%22],%224%22:[%2203-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222338665218830689009%22}&andc=true

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Server

172.217.175.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x12d3f8a5b90ede710000000000000000","2":"0x77fc3c3ba141d100000000000000000","3":"0x49a6a483eb0eac720000000000000000","4":"0x262bbff6934204d0000000000000000","5":"0xaeb67bf12a6202a90000000000000000"},"debug_key":"13874248368308281895","debug_reporting":true,"destination":"https://entegris.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10781361013"],"22":["true"],"4":["03-23"],"6":["true"]},"priority":"500","source_event_id":"2338665218830689009"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Mar 2024 14:09:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 23 Mar 2024 14:09:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x12d3f8a5b90ede710000000000000000","2":"0x77fc3c3ba141d100000000000000000","3":"0x49a6a483eb0eac720000000000000000","4":"0x262bbff6934204d0000000000000000","5":"0xaeb67bf12a6202a90000000000000000"},"debug_key":"13874248368308281895","debug_reporting":true,"destination":"https://entegris.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10781361013"],"22":["true"],"4":["03-23"],"6":["true"]},"priority":"500","source_event_id":"2338665218830689009"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BD24
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CQT6rieL-ZerFBIydid4P96Oc4A7fk5uYaoW9ss_wD4Whw4ydMBABIMmJmyZgifPFhPQToAH1hvqUKMgBAagDAcgDywSqBMwBT9A78HBOzh0uuyW-q_lcGRzKaih80IAXrXvxOcohJgCx7vT...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x12d3f8a5b90ede710000000000000000%22,%222%22:%220x77fc3c3ba141d100000000000000000%22,%223%22:%220x49a6a48...

0
0

82ms
40ms

Fetch
text/css

172.217.175.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x12d3f8a5b90ede710000000000000000%22,%222%22:%220x77fc3c3ba141d100000000000000000%22,%223%22:%220x49a6a483eb0eac720000000000000000%22,%224%22:%220x262bbff6934204d0000000000000000%22,%225%22:%220xaeb67bf12a6202a90000000000000000%22},%22debug_key%22:%2217322225855514919118%22,%22debug_reporting%22:true,%22destination%22:%22https://entegris.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210781361013%22],%2222%22:[%22true%22],%224%22:[%2203-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211600046428357875185%22}&andc=true

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Server

172.217.175.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x12d3f8a5b90ede710000000000000000","2":"0x77fc3c3ba141d100000000000000000","3":"0x49a6a483eb0eac720000000000000000","4":"0x262bbff6934204d0000000000000000","5":"0xaeb67bf12a6202a90000000000000000"},"debug_key":"17322225855514919118","debug_reporting":true,"destination":"https://entegris.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10781361013"],"22":["true"],"4":["03-23"],"6":["true"]},"priority":"500","source_event_id":"11600046428357875185"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Mar 2024 14:09:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 23 Mar 2024 14:09:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x12d3f8a5b90ede710000000000000000","2":"0x77fc3c3ba141d100000000000000000","3":"0x49a6a483eb0eac720000000000000000","4":"0x262bbff6934204d0000000000000000","5":"0xaeb67bf12a6202a90000000000000000"},"debug_key":"17322225855514919118","debug_reporting":true,"destination":"https://entegris.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10781361013"],"22":["true"],"4":["03-23"],"6":["true"]},"priority":"500","source_event_id":"11600046428357875185"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 92ms
43ms Preflight
text/html 172.217.175.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x12d3f8a5b90ede710000000000000000%22,%222%22:%220x77fc3c3ba141d100000000000000000%22,%223%22:%220x49a6a483eb0eac720000000000000000%22,%224%22:%220x262bbff6934204d0000000000000000%22,%225%22:%220xaeb67bf12a6202a90000000000000000%22},%22debug_key%22:%2217322225855514919118%22,%22debug_reporting%22:true,%22destination%22:%22https://entegris.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210781361013%22],%2222%22:[%22true%22],%224%22:[%2203-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211600046428357875185%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 23 Mar 2024 14:09:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 92ms
43ms Preflight
text/html 172.217.175.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 23 Mar 2024 14:09:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js Show response
pagead2.googlesyndication.com/bg/ Frame 20AF 52 KB
20 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js

Requested by

Host: t2bot.ru
URL: https://t2bot.ru/en/esetkeys/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:52:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20495
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 08:52:25 GMT

GET
H3 200 jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C3D 52 KB
20 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jXfRH9G_-5_y2d9FtLfVUFqP1nroUl1KS7Cmyw17Bqk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 08:52:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20495
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 08:52:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF2F 0
20 B 42ms
41ms Image
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BhKHtiuL-ZY7OCpu5pt8Pt6-Z4AEAAAAAOAHgBAI&bg=!6uml6abNAAZewuCMfsI7ADQBe5WfOHixMnQnOmpnCWAVEVLEBo7q3SqtEdlXAw9wNMz286GSPCYkInSIHa_a7wB5uUjwAgAAAOVSAAAAA2gBB34ANYeHR13GBe2xATUZY_6cFTPCBkaN51pL_4awSrMbRNZ-VFr1jWZ3lbzGWdgJDe1Eu9fbxMKQmQKZGz25VbcZPp-5s1TAMffzMd10Lg3HjTlUDDlwmmOuA_2UpgzByi1dcrTNYmCerKxpnKeE1L_h0ShvqXPhJzNvg1ubcmdWxoVWUL8Vnp7QqVL8SLmMhwp7_iY6GVMvFn-zHsAGlXrm_loxK37-nptd6n_-h0cx0XZ0b9gPGxBXyR-LjClbaF1dEaR-_bEHW2_hq2f4-UP-diC-sVtJ6CIv6cVn6Ge1y0fIqCzN8MD0AAIsNsrFp14bj0a3IO1z9Yrb7rpE6Y60rvDy01eOVlBFnjXp7UGH65bhOVSi5ilsL4WL8IrmNDzXrNJbeAIyw7uvrcOnxSlk2dOjkF8hq2jlpVupC3TakuZCf6NDsS3vmnSp_lJ7zLjFY6SPX7Ksw5f7UrfQNdAC_kSid86ENJzUwNyHyc3db_Q5TKXIKcZnY2FKlecyZ1v4yRP4wt2pEh9A_gXmT4U1yDA5C-9hfJV8tIsecISglQ7Miw4K9-AZIDAV2l1M7qSNFoNhF_LK6BBqnN2WXvFfjfvXgD5_Cy1DgzyrFEVB9W5RciDiVBQfoIGcZpSw90HDd--izC4dc5nLfAgPPWIbC3sCMxc0G8jAuzheC5Ung7nEHP5SuYaAwtktdl3j-pPt1MdNoerbaFLCNJf_gsVlELyruxdTQKC1wK3Ult0GtucGVwjqhgRpYuiEESveMtTnwxmukkFIRK42SBNeij7s3znzc_FPL_9fSM6EcYX5kOkWHzbbrkvQ0dJILqcHFRNEXc9o6IqoRzY12w13dmHfcesSbnXzmQGtEPvZmDY5AMKPDo8omvSSITaG33eRO1P8FbmKiAAhRLTU38wedCCTQTADvmORsXgQ5cs9KDrTEzcHA7ZVlirF-yyDQ1ZTef4FwZM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 adsCount.php Show response
t2bot.ru/inc/ 0
68 B 182ms
182ms XHR
text/html 92.53.96.125
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t2bot.ru/inc/adsCount.php
Requested by: Host: t2bot.ru
URL: https://t2bot.ru/js/jquery-3.1.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.53.96.125 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vh224.timeweb.ru
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://t2bot.ru/en/esetkeys/
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 23 Mar 2024 14:09:15 GMT
server: nginx/1.24.0
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 100ms
57ms XHR
application/json 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240320&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js?bust=31082078

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc6476c3dd43fd6e211714ac703d61597495ddbbdf1fa7e548c692c0e334e7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12565
x-xss-protection: 0

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame D046
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1881888/77127947/skeleton.js?adsafe_url=https%3A%2F%2Ft2bot.ru&adsafe_type=y&adsafe_url=https%3A%2F%2Ft2bot.ru%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogle...
https://static.adsafeprotected.com/skeleton.js

17 B
464 B

101ms
101ms

Script
application/javascript

2600:9000:20c5:bc00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Protocol: H2
Server: 2600:9000:20c5:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 15:27:05 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 bd310f631d1314e239dc9cd04967c61e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C3
age: 20212931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: KPTtCmo8ZU1MvNGAUeWvPa1PJe9Sz54NHx1-SBhEPybGasY7aSZPcA==

Redirect headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:15 GMT
server: nginx
x-server-name: app05.jp.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame FC07 91 KB
23 KB 113ms
113ms Script
application/javascript 2600:9000:20c5:bc00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0907772305310509&output=html&h=600&slotname=4101084483&adk=1912775012&adf=1712765404&pi=t.ma~as.4101084483&w=300&lmt=1711200002&format=300x600&url=https%3A%2F%2Ft2bot.ru%2Fen%2Fesetkeys%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711202952752&bpp=5&bdt=723&idt=232&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&correlator=5545797783883&frm=20&pv=2&ga_vid=1875202460.1711202953&ga_sid=1711202953&ga_hid=1650938407&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=480&ady=561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082023%2C31082032%2C95326317%2C31082078%2C95320377&oid=2&pvsid=3928214054814628&tmod=1021955234&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=243
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c5:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:28:56 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 bd310f631d1314e239dc9cd04967c61e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C3
age: 9686420
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: wBkXbOQ4t1u_sj7lvTL_5bpGZUq6UOZh6Pdsl8itvXcaSP2toaEwpw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D046 43 B
216 B 478ms
129ms Image
image/gif 2600:1f13:800:7782:9759:257:dc31:19a2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1881888&asId=5449811e-46b7-1113-a6d1-b85758bb3f77&tv=%7Bc:7P6QBg,pingTime:0,time:582,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:563%7D,%7Bpiv:100,vs:i,t:582%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:583,o:0,n:582,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:563,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1%5D,as:%5B39~300.600%5D%7D%7D,%7Bsl:i,t:582,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7QZcVW+11*.1881888-77127947%7C111%7C112%7C113%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C181%7C191%7C1a1%7C1a2,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs,siq:564%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:9759:257:dc31:19a2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:15 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D046 43 B
215 B 480ms
131ms Image
image/gif 2600:1f13:800:7782:9759:257:dc31:19a2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1881888&asId=5449811e-46b7-1113-a6d1-b85758bb3f77&tv=%7Bc:7P6QBh,pingTime:-3,time:583,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:563%7D,%7Bpiv:100,vs:i,t:582%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:583,o:0,n:582,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:563,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1%5D,as:%5B39~300.600%5D%7D%7D,%7Bsl:i,t:582,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7QZcVW+11*.1881888-77127947%7C111%7C112%7C113%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C181%7C191%7C1a1%7C1a2,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs,siq:564%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:9759:257:dc31:19a2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:15 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D046 43 B
215 B 599ms
251ms Image
image/gif 2600:1f13:800:7782:9759:257:dc31:19a2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1881888&asId=5449811e-46b7-1113-a6d1-b85758bb3f77&tv=%7Bc:7P6QBi,pingTime:-6,time:584,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:584,o:0,n:582,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:563,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1%5D,as:%5B39~300.600%5D%7D%7D,%7Bsl:i,t:582,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7QZcVW+11*.1881888-77127947%7C111%7C112%7C113%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C181%7C191%7C1a1%7C1a2,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs,siq:564%7D&tpiLookup=ao:t2bot.ru*&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:9759:257:dc31:19a2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:15 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D046 43 B
215 B 474ms
131ms Image
image/gif 2600:1f13:800:7782:9759:257:dc31:19a2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1881888&asId=5449811e-46b7-1113-a6d1-b85758bb3f77&tv=%7Bc:7P6QBo,pingTime:-2,time:590,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:1364,bdZ:1390,beA:1548,beZ:1549,mfA:2080,cmA:2085,inA:2086,inZ:2096,prA:2096,prZ:2104,si:2111,poA:2113,poZ:2126,cmZ:2126,mfZ:2126,loA:2131,loZ:2133,ltA:2137,ltZ:2137,mdA:1550,mdZ:2043%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:300.600,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:563%7D,%7Bpiv:100,vs:i,t:582%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:590,o:0,n:582,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:563,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1%5D,as:%5B39~300.600%5D%7D%7D,%7Bsl:i,t:582,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B8~100%5D,as:%5B8~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7QZcVW+11*.1881888-77127947%7C111%7C112%7C113%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C181%7C191%7C1a1%7C1a2,idMap:11*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:564,sinceFw:25,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:9759:257:dc31:19a2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:15 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 72ms
72ms Script
text/javascript 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js?bust=31082078

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Mar 2024 14:09:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A963 13 KB
5 KB 7ms
5ms Document
text/html 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t2bot.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 7679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 12:01:16 GMT
expires: Sun, 23 Mar 2025 12:01:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9427 829 B
995 B 47ms
39ms Document
text/html 2404:6800:4004:825::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b98b464529cb3500e149c80b88435a37708808f8c30abd1dba10c3b8dd70fc71

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bxe-Cc1ZicdDEko8ZW0vqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t2bot.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bxe-Cc1ZicdDEko8ZW0vqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 14:09:15 GMT
expires: Sat, 23 Mar 2024 14:09:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A963 40 KB
16 KB 4ms
3ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 04:41:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Mar 2025 04:41:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9427 0
0 39ms
38ms Image
text/html 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240320&jk=3928214054814628&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D046 43 B
215 B 280ms
131ms Image
image/gif 2600:1f13:800:7782:9759:257:dc31:19a2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1881888&asId=5449811e-46b7-1113-a6d1-b85758bb3f77&tv=%7Bc:7P6QEv,time:783,type:e,im:%7Bimprf:%7Bttecl:899,ecd:135,tsecr:16%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:783,o:0,n:582,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:563,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1%5D,as:%5B39~300.600%5D%7D%7D,%7Bsl:i,t:582,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B201~100%5D,as:%5B201~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7QZcVW+11*.1881888-77127947%7C111%7C112%7C113%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C181%7C191%7C1a1%7C1a2,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs,siq:564,sis:715%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:9759:257:dc31:19a2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:15 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 / Show response
fundingchoicesmessages.google.com/f/AGSKWxVRTyNaLB-ao580yzu25WUhMVz_Ht6Kwexy4SKIPNJE5BLdx5eS9W9WlJfaAYePSAiQsoJT9LTA5e0mVQHOmSl9ziB0jeli8bJalAmbtxupU2Sn_J26fA5vqP-9sIKGK26iZaguvJyG4SN1DnCuh4o6xVwwi... 54 B
109 B 52ms
52ms Script
application/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVRTyNaLB-ao580yzu25WUhMVz_Ht6Kwexy4SKIPNJE5BLdx5eS9W9WlJfaAYePSAiQsoJT9LTA5e0mVQHOmSl9ziB0jeli8bJalAmbtxupU2Sn_J26fA5vqP-9sIKGK26iZaguvJyG4SN1DnCuh4o6xVwwiNFBcao_o4OZglNNUN4O09P5FB_sxfkH/_/msn-exo-/ad_serv./728x90top./abdetect.js.org/ad/

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BXXwKMACofg.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzZPe1UaDnwu0d_A-UqaRkwkvIh8A/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfeea842fdf9c7cbe8b61f714286ef3b9209c448418aecceac72cc069e7bd4c7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-z9EOVzj9rGd9r8-yxubc9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-z9EOVzj9rGd9r8-yxubc9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTD0X3093o2gQcNk1YzAgDdKjEl"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 51ms
51ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bd957fd299d2697060fb14cb0f699c4100afba41f83d455c076f2b21f7dc701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51323
x-xss-protection: 0
server: cafe
etag: 4497002457868258759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 23 Mar 2024 14:09:15 GMT

POST
H3 204 AGSKWxVpuC6rXOec0Co4R6D7uvACbKAfiy1GO9VYQivG0NqzBhO40uZvrFcGhzmRqttFQOEs1M-rNl8jeJuivZCU7Y2aL0o4ns75-niLEjLgF7n7KxCGbvsBdeTypXOowuwaE5Z07sQ_7g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 82ms
43ms XHR
text/html 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVpuC6rXOec0Co4R6D7uvACbKAfiy1GO9VYQivG0NqzBhO40uZvrFcGhzmRqttFQOEs1M-rNl8jeJuivZCU7Y2aL0o4ns75-niLEjLgF7n7KxCGbvsBdeTypXOowuwaE5Z07sQ_7g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mVQDoXm9wJ7ZJp-9JXsnjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t2bot.ru/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Mar 2024 14:09:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mVQDoXm9wJ7ZJp-9JXsnjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BiqGV4xtQKxE7pM1gDgFiIh6P76O_1bAI_vj7axQgAyp0NLQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t2bot.ru
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A963 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DpB-bw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 AGSKWxVpuC6rXOec0Co4R6D7uvACbKAfiy1GO9VYQivG0NqzBhO40uZvrFcGhzmRqttFQOEs1M-rNl8jeJuivZCU7Y2aL0o4ns75-niLEjLgF7n7KxCGbvsBdeTypXOowuwaE5Z07sQ_7g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 45ms
44ms XHR
text/html 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVpuC6rXOec0Co4R6D7uvACbKAfiy1GO9VYQivG0NqzBhO40uZvrFcGhzmRqttFQOEs1M-rNl8jeJuivZCU7Y2aL0o4ns75-niLEjLgF7n7KxCGbvsBdeTypXOowuwaE5Z07sQ_7g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--FG6qw3sKeUmUdMlDNI7MQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t2bot.ru/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Mar 2024 14:09:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--FG6qw3sKeUmUdMlDNI7MQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw15BiqGV4xtQKxE7pM1gDgFiIh6P76O_1bAInjvYfZAQAxxQMeg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t2bot.ru
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVpuC6rXOec0Co4R6D7uvACbKAfiy1GO9VYQivG0NqzBhO40uZvrFcGhzmRqttFQOEs1M-rNl8jeJuivZCU7Y2aL0o4ns75-niLEjLgF7n7KxCGbvsBdeTypXOowuwaE5Z07sQ_7g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 49ms
49ms XHR
text/html 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVpuC6rXOec0Co4R6D7uvACbKAfiy1GO9VYQivG0NqzBhO40uZvrFcGhzmRqttFQOEs1M-rNl8jeJuivZCU7Y2aL0o4ns75-niLEjLgF7n7KxCGbvsBdeTypXOowuwaE5Z07sQ_7g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zq63DXuXSImUdqWRcpx-JA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t2bot.ru/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Mar 2024 14:09:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-Zq63DXuXSImUdqWRcpx-JA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBiqGV4xtQKxE7pM1gDgFiIh6P76O_1bAI7Nj87zggAx68Mtg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://t2bot.ru
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVpuC6rXOec0Co4R6D7uvACbKAfiy1GO9VYQivG0NqzBhO40uZvrFcGhzmRqttFQOEs1M-rNl8jeJuivZCU7Y2aL0o4ns75-niLEjLgF7n7KxCGbvsBdeTypXOowuwaE5Z07sQ_7g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 43ms
43ms XHR
text/html 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVpuC6rXOec0Co4R6D7uvACbKAfiy1GO9VYQivG0NqzBhO40uZvrFcGhzmRqttFQOEs1M-rNl8jeJuivZCU7Y2aL0o4ns75-niLEjLgF7n7KxCGbvsBdeTypXOowuwaE5Z07sQ_7g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ruOI2hTTBoIHSBZcJKsgBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t2bot.ru/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Mar 2024 14:09:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-ruOI2hTTBoIHSBZcJKsgBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw15BiqGV4xtQKxE7pM1gDgFiIh6P76O_1bAIPfr45yggAyXsNJw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://t2bot.ru
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVk555dq3DTIl853dwYMfCqI54YwZmHQcct1EgIW7E2Zu5XCIQOEIMMa5SKrgQqLTfU8BZ7ELIc9x_8QfcjflDzGnxufMKE3M7EVELxhnozA0piOz9GRFzGotlAvzYi5KYrc6uSBw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 61ms
60ms Script
application/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVk555dq3DTIl853dwYMfCqI54YwZmHQcct1EgIW7E2Zu5XCIQOEIMMa5SKrgQqLTfU8BZ7ELIc9x_8QfcjflDzGnxufMKE3M7EVELxhnozA0piOz9GRFzGotlAvzYi5KYrc6uSBw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMjAyOTU1LDM5MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90MmJvdC5ydS9lbi9lc2V0a2V5cy8iLG51bGwsW1s4LCJCWFh3S01BQ29mZyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b77dc300ed48be574c2f7f4ad8e631c317a39bd75af8c39aadc0c69ef04364f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M6vdSXJVm4ZixUTKm45IDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:09:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-M6vdSXJVm4ZixUTKm45IDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII1JBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaOry-ZJIBYDYj51k1nVQFizfXTWQOBOOb5dNYUIHZKn8EaAMQ-9TNYo4C49eY51slAfHLBedaLQCzEw9F99Pd6NoEZbWvOMQIALLM2Lg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUfq5WWqvEAVOKMuezvwu3PN2WtRAXYLfIr5roFE3x8BdNzwMtTW-YgYNv6YU7c32cdYNxUYxmwp6FxGZznB33w3G4M8cGnpbTb5FXMEF5CX2ljEmfo4gXieSVmERUmJBbbY11f-Q== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 54ms
54ms XHR
text/html 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUfq5WWqvEAVOKMuezvwu3PN2WtRAXYLfIr5roFE3x8BdNzwMtTW-YgYNv6YU7c32cdYNxUYxmwp6FxGZznB33w3G4M8cGnpbTb5FXMEF5CX2ljEmfo4gXieSVmERUmJBbbY11f-Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sfW6xenzSipV07G-RbRyOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t2bot.ru/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Mar 2024 14:09:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sfW6xenzSipV07G-RbRyOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1gDgFiIh6P76O_1bAIfDra9YAQAxxEMtQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://t2bot.ru
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVpuC6rXOec0Co4R6D7uvACbKAfiy1GO9VYQivG0NqzBhO40uZvrFcGhzmRqttFQOEs1M-rNl8jeJuivZCU7Y2aL0o4ns75-niLEjLgF7n7KxCGbvsBdeTypXOowuwaE5Z07sQ_7g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 48ms
47ms XHR
text/html 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVpuC6rXOec0Co4R6D7uvACbKAfiy1GO9VYQivG0NqzBhO40uZvrFcGhzmRqttFQOEs1M-rNl8jeJuivZCU7Y2aL0o4ns75-niLEjLgF7n7KxCGbvsBdeTypXOowuwaE5Z07sQ_7g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X6mjbZzh8elyNp-B3u7ysg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://t2bot.ru/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Mar 2024 14:09:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-X6mjbZzh8elyNp-B3u7ysg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBiqGV4xtQKxE7pM1gDgFiIh6P76O_1bAIdj5c-ZwQAyHIMoA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://t2bot.ru
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D046 42 B
64 B 44ms
44ms Fetch
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspNydvkbs6WQoz87klXd9UTdUWfbkE0WfPwLT9rnhLu3yU95mszC1QbxKLg8y7Ry6aVaJW6iBCAGoWkyKTs3TiT2yFRCqzEndgbpYiZTw1lL5KSKa7QE_wD3sr7tMG_kuMnzwSg5EgWE5PdA&sig=Cg0ArKJSzH75hLRoMsXNEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=3476589345&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=713575400&rst=1711202952997&rpt=1454&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D046 42 B
64 B 42ms
42ms Fetch
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUax_ZR5u3xPi3RKWXA1LseaPWhjbUAFSKZiIQhhSDvmLLW2SX7qLUHDzq3-MbiTpf5ezmNijSJVuk0aXwd0DUn1vmVoLvODp2WhbRhZaKeq2dnjXcKlB8CpJG2rcjjcmF48TCDw4laYxpDptPKw&sai=AMfl-YRvjIHKsTbzVEBaDp0AmU4v3xWHk-ad7QsnXi13QMU8QbMC4PybVb6lVi3jK6FrNrKLp3ZRaYh5g5b7nl_gQaO8ruCnS1zODJQryke-oAXCtJG9X6pv6cgmUY7jO7D7vdbiOBBLcJPA-DXEODDfxQ&sig=Cg0ArKJSzCQHUycIWTfuEAE&cid=CAQSTwB7FLtqtkxBPolMSiU18H7OhFz8aJSFFmss77YkjdNoyEsegVJD4p3x-uQgR0kRlQJO-oSc5oIbRs9gB-2TLrGkbwA0L5l3CrhMQscsLAgYAQ&id=lidar2&mcvt=1004&p=0,0,622,300&mtos=0,1004,1004,1004,1004&tos=0,1004,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=1912775012&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=713575400&rst=1711202952997&rpt=1451&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D046 43 B
215 B 131ms
131ms Image
image/gif 2600:1f13:800:7782:9759:257:dc31:19a2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1881888&asId=5449811e-46b7-1113-a6d1-b85758bb3f77&tv=%7Bc:7P6QJ4,pingTime:-10,time:1066,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNTQwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIyLjAuNjI2MS4xMjggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1711202955609%7C%7C39b46cbce96d77bc0bb518908520237b%7C%7Cc2f0dae1be250666004502f5b1159da0%7C%7Ca38d420750721d4f9a549768385f749a%7C%7C8ffb641b2a6561df5aa8d93db05b09e2%7C%7C196f5cced15a1772ced770bc842175f8%7C%7C2848582f4734b64633f9dddb5965125b%7C%7Cf84dbd4a7ff6dbefb92a90fe916ef4e1%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:9759:257:dc31:19a2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:15 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C7FA 42 B
64 B 39ms
39ms Fetch
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuus1AU2Ic87WDrE8ewD9GBY2aPP7QogIJZOtkRYyuE72ZrgFyhFSadsSBKu3htrIoBLCKFlR_-ua5buylfdwtFGQRUvtI3vRy8VanbGS4JsZZbdVlLIYykgByjG_R4sreQ0HnA0sB2Ykeff-RnCfqL0_CyPYFlFJg&sai=AMfl-YRHZH6jonWBDELAJhG1Gu6Im8Lxz8o6uCmY0jK2kJYd1EU5LG1WziYNpO1KM1k-ZU-tDLvrapR064KXZFXHthRJ02yN6FniffFLtYfHGKlpdKuLYidPA97VBMEiwxpQ6GXxgBYi0IWaR3IaHqTlYw&sig=Cg0ArKJSzFWLABslZnB9EAE&cid=CAQSTwB7FLtqwSn5e53i_wHHPmGF49xxuDoAysSXQ6fynX0OfJp5a6Xi3w2XNpyCG6_ddsg5n9ufT06IlcxbLqkC1oxf8NsHKxciqz1mhyWKPsIYAQ&id=lidar2&mcvt=1000&p=-50,0,450,200&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=713575400&rst=1711202954246&rpt=338&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BD24 42 B
64 B 40ms
40ms Fetch
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrdDoAHv9lhnD7nxH-ujLCUplukuIWnihdJ-ehknTrBHiSfKaN_1Q87Eo3xQS2AN6S58YNDu79cmL5jNWZbVruU3mvYqt_R_Ld8Ps5fq_X2_suDdOKl98B61Muww8xBzBCxQm4lO6d16K7Hwgf1QaIn5KbRG_cX0w&sai=AMfl-YShk_gA8YDW23buhHz4CWu6Waqt9oM50yHt_865whVgnmUM8_Eb-cA2mfiZctts9yLlgFLbs_rt7jnpXeBvzOE6sEanWVLN8ruG9R2CCLQrj5NAy0uLNyU6fRh07Pz0_BpCh_FZV4vd3zz2cA7aIA&sig=Cg0ArKJSzJ01TTtkQfdREAE&cid=CAQSTwB7FLtqwSn5e53i_wHHPmGF49xxuDoAysSXQ6fynX0OfJp5a6Xi3w2XNpyCG6_ddsg5n9ufT06IlcxbLqkC1oxf8NsHKxciqz1mhyWKPsIYAQ&id=lidar2&mcvt=1001&p=-50,0,450,200&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=713575400&rst=1711202954248&rpt=347&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
44ms Image
text/html 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240320&jk=3928214054814628&bg=!-Pul-7TNAAZaswqNerM7ADQBe5WfOBsnEKv_v3hqnfyH51JB2Icfpu5nr2iQ3sVIrz4gHWmxY41Ek_ZZydlCB891nAzkAgAAADxSAAAADWgBB34ANTXnmeVUS_W0yC2OPWDBtbYZDV93exbT-LGlIbc5jE1Zogi1wTsf1hVgNvPCMYBNgxYgCFmfCgBGBXmTQVn3hfVRnUGX1K8Q2NM07r42CtBo6wDjlyRdalwLfe6pCWlAdVckGxROU_yNTT1xbM_A3y-lS_dsKrBLfuujHm6jfZkCZmnJ8qFcjhwTsaPj8Vw3ugrOBlUN1-2UdYURx48agruFGHsCTzonbUz2ZsZ-j8pbU5ND8PU_x29vplu5kvNLP9a5YX8FB3uuGW8IJJGtvLTDf3H7u3D1Ltl1ytgmBIiekDvrn0KDV-x1WFOjCAVLLvwa_HlgDPs8kATWI4oiOFh2d0jT4CgFApD_9CXEDmRcr9L1VGFmYMyiy_jD9eva93cVwYZES6jchrvn0bpRd5113fM1k9AQ0Uj2NxTct_EU-lsjEv3j9PmaB06WFUXGDPZmvIraKq0-LmScxnVq9k1pSWPtqCVZf9l50xm5QuC7V-irhJBeqnZp-4RmBVtNiUysU308n18RYFFNglINeo_MR9vpWlyK__yui7G7OZwTI9PdHj2zWjP4l21Hz2HINmF293G01JCHhEwtgGuSnlG34gfihtL2Sr4A4C_Vb4fVVHwzBWhtNnv08fIGfZ7V5xZFS6ypY2hAeBy2_eWppEl6F-RbHfT-W14NBgK4_YjYJdHi37oNAuDoKMSeScFleGCVdNz0tFOjlZt7WibeUBlRKd_O9AF-MeVqlbEYbYyqg3InGrL5YPQ0KIC7GQS3rKGuqt3-FuVivHW7Skm55UjpXKGXjiZ06B92ADP6VCndNStUVJ0ezkkvQD3M_f3NJvDx6qIWewuXjbpeR-0kQkxE0RvsD1vqYM56-TEYO7lAmf8J2LSw29VVTqVCvew30UuZMmEMbHJ3fd9M66vap0kTL_PU0JTq2K4GcZ-0rmpcRSUd24VnwicFR1Sjt2okF4ZhPWKcvsEKx-VpsF8HzfmtYQE0FqpB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t2bot.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D046 0
20 B 40ms
39ms Ping
image/gif 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2950715373767&version=m202402290101&ct=77&x=1&cor=7378684114875617000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D046 43 B
215 B 131ms
130ms Image
image/gif 2600:1f13:800:7782:9759:257:dc31:19a2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1881888&asId=5449811e-46b7-1113-a6d1-b85758bb3f77&tv=%7Bc:7P6QT0,pingTime:1,time:1682,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:563%7D,%7Bpiv:100,vs:i,t:582%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1682,o:0,n:582,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:563,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1%5D,as:%5B39~300.600%5D%7D%7D,%7Bsl:i,t:582,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1100~100%5D,as:%5B1100~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:134,fm:u7QZcVW+11*.1881888-77127947%7C111%7C112%7C113%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C181%7C191%7C1a1%7C1a2,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs,siq:564,sis:715%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:9759:257:dc31:19a2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:16 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D046 43 B
215 B 133ms
133ms Image
image/gif 2600:1f13:800:7782:9759:257:dc31:19a2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1881888&asId=5449811e-46b7-1113-a6d1-b85758bb3f77&tv=%7Bc:7P6QT1,pingTime:1,time:1683,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:563%7D,%7Bpiv:100,vs:i,t:582%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1683,o:0,n:582,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:563,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~1%5D,as:%5B39~300.600%5D%7D%7D,%7Bsl:i,t:582,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1101~100%5D,as:%5B1101~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:134,fm:u7QZcVW+11*.1881888-77127947%7C111%7C112%7C113%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C181%7C191%7C1a1%7C1a2,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs,siq:564,sis:715,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:9759:257:dc31:19a2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Mar 2024 14:09:16 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
t2bot.ru/en/esetkeys	1970-01-20 19:21:29	Name: t2botencounter Value: 31.204.145.167
.t2bot.ru/	1970-01-21 04:56:02	Name: _ga Value: GA1.2.1875202460.1711202953
.t2bot.ru/	1970-01-20 19:21:29	Name: _gid Value: GA1.2.508613218.1711202953
.t2bot.ru/	1970-01-20 19:20:03	Name: _gat Value: 1
.t2bot.ru/	1970-01-21 04:56:02	Name: _ga_2F5DKH6NTS Value: GS1.2.1711202952.1.0.1711202952.0.0.0
.doubleclick.net/	1970-01-21 04:56:02	Name: IDE Value: AHWqTUm6lh4c0a0V4nTlMt724qK2_myCrDFysc_Stgt-bdOp5jBjip6ROZCXFvOL
.send.microad.jp/	1970-01-20 21:29:38	Name: TR Value: 9ce667385ec66367744f9956cbd6dd5698ea476090e9bdcb
.yieldoptimizer.com/	1970-01-21 04:05:38	Name: ph Value: %7B%22p%22%3A%5B%5D%2C%22t%22%3A%5B%5D%7D
.yieldoptimizer.com/	1970-01-21 04:05:38	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-21 04:05:38	Name: dph Value: %7B%22t%22%3A%5B%5D%2C%22dp%22%3A%5B%5D%7D
.yieldoptimizer.com/	1970-01-21 04:05:38	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-21 04:05:38	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-21 04:05:38	Name: cktst Value: 491765636
.yieldoptimizer.com/	1970-01-21 04:05:38	Name: itk Value: xgDOzQDOflDMzADN4gjNwIzNwgTO%3D%3DgM
.casalemedia.com/	1970-01-21 04:05:38	Name: CMID Value: Zf7iim4sBzAAABMvBajrwQAA
.casalemedia.com/	1970-01-20 21:29:38	Name: CMPS Value: 5537
.casalemedia.com/	1970-01-20 21:29:38	Name: CMPRO Value: 5537
.doubleclick.net/	1970-01-20 23:39:14	Name: APC Value: AfxxVi5RcJOxzPqZ3CO_bDMjeQ9K6Mg87uLUVOdg_5DejdWqQwFcQQ
.doubleclick.net/	1970-01-20 23:39:14	Name: receive-cookie-deprecation Value: 1
.yieldoptimizer.com/	1970-01-21 04:05:38	Name: ckid Value: 4014126919426
.doubleclick.net/	1970-01-20 20:03:14	Name: ar_debug Value: 1
.t2bot.ru/	1970-01-21 04:41:38	Name: __gads Value: ID=dbd76951375489ed:T=1711202953:RT=1711202953:S=ALNI_Ma41Z0lbGbDu5dYnvN7N6bymddChw
.t2bot.ru/	1970-01-21 04:41:38	Name: __gpi Value: UID=00000d5a065c980c:T=1711202953:RT=1711202953:S=ALNI_Ma2Pxp7RCsyQ7SgPmSWscSOIX7arw
.t2bot.ru/	1970-01-20 23:39:14	Name: __eoi Value: ID=68eb8425a4e3706a:T=1711202953:RT=1711202953:S=AA-AfjbhZIzimWvMed4eBEKEFo0x
.doubleclick.net/	1970-01-20 19:20:06	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 21:29:38	Name: ar_debug Value: 1
.t2bot.ru/	1970-01-21 04:05:38	Name: FCNEC Value: %5B%5B%22AKsRol-xicDbp1vMMaR8UV5rsXGw2b8fIozDEL2EOtK8zsQQYSyn1tHSLtrsTe1qsCC_-cDRebtSUNIu-7IvWyTAwGE4yb7OJY-PSeJvyP-RpZyca0_WHrzms1RKd9Fp4E13L2YlfQp-agCcXEID9BuQ58UYZmAL4w%3D%3D%22%5D%5D

81 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://t2bot.ru/js/jquery-3.1.0.min.js(Line 2) Message: Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://t2bot.ru/en/esetkeys/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ag.yieldoptimizer.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
s-cs.send.microad.jp
s0.2mdn.net
static.adsafeprotected.com
t2bot.ru
tag.yieldoptimizer.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.251.42.194
172.217.175.34
172.217.175.98
172.64.151.101
202.233.84.8
216.58.220.102
2404:6800:4004:801::2001
2404:6800:4004:801::2002
2404:6800:4004:80c::2006
2404:6800:4004:80f::2002
2404:6800:4004:81c::2008
2404:6800:4004:81f::2003
2404:6800:4004:820::2003
2404:6800:4004:821::2002
2404:6800:4004:823::200a
2404:6800:4004:825::2004
2404:6800:4004:825::200e
2600:1f13:800:7782:9759:257:dc31:19a2
2600:9000:20c5:bc00:8:48e:53c0:93a1
35.190.20.9
35.190.72.208
54.65.99.58
92.53.96.125
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
06bd0a1334806908b96bb3dc9956ca24550d5967ae38a6f7ab387e8b31d7e672
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
172abdc1549b57ea9d6e92351ac832492722a46e897bee71f949705da49b3108
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
195572c2277117d94303f1e98401f207c22e61ea6d62233b632fd96d52a4d56e
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
1c8a669b31836740e7b0ccc74f1a313f3c242a3ed2b53f2cee044e0b827ce20b
24481396e86be425ff56a25d6c96f4b291b00b25aa5422efd1a320a4766c37db
26ab2fd4afb5c57248a2007a588878f05464d27dfa0d46a35cadcd00b2bb8972
27881a8c11d220ada89241974fcf714a9442a444b24dca229e9f557e2331cde4
2bd957fd299d2697060fb14cb0f699c4100afba41f83d455c076f2b21f7dc701
2f3e339ed2f8907b4630520558d2d40bd4064a1bc76e97a5fd56950cdba3179c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3b5a5fb72dd548397339e3929668f1b12fd4667346419240f5c7c80e6be642fa
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5980f4744f7d22fcf1e1031dc09a06a610bb7380cd7d49a5c0033a67633049d3
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5ad71c7da7b9258403b6cd669ba527ead08b5bf2c50506a2ef35efabfa386483
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
6b0dab5300943d98f4f20de9d48a49e0186441f6fb8b5e95a9635a30c0b60e72
6d2c308318200321bc194c7dae715236fc4eddaab4188d1a0568a8fa8721024a
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
7235fb9daddcc2edc87a4f215a8fd97468c20b8ae2dc8926050108e5d4feb605
7aeefd959a64017ecda724954102af311172237abda5a7e4811a89303df6f99a
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
8329429df7662f07c493c5eb830333ec04db3e3b659ecc08ec21707aa66a0bce
840e8ce2d9ce7e96469375a647f45a5545d26d6db5e16421840d1ac2dabe0f09
8541b50e29d9c07ff74a0ed8c83bc07e268af436208ceafb7feae07bc07faece
8d77d11fd1bffb9ff2d9df45b4b7d5505a8fd67ae8525d4a4bb0a6cb0d7b06a9
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
9540ef9b79acb70ea7d2e44ac5b5c7aa8b245edf9ad7b0066b3e90738b05a7b9
99501251f94478962884fda041475a68d981c92c29092c0bf0f16c0dccf4ec20
a479aa7f98b5d37d64f5d2db4f54b51884f0abdcf6c193d2dd4b09db2bc76544
a4a391b257a6995671b0815752fa0784d079bc7266d15e59bc7a76eebc8b46d0
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
aef744dcfc9753bd82747284fd2ddb16c305c9994de327c9251b40dfa2c5e1c6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b77dc300ed48be574c2f7f4ad8e631c317a39bd75af8c39aadc0c69ef04364f5
b98b464529cb3500e149c80b88435a37708808f8c30abd1dba10c3b8dd70fc71
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bfeea842fdf9c7cbe8b61f714286ef3b9209c448418aecceac72cc069e7bd4c7
c04f8f0e12ccc76d1f5a3e792e9414267a5b41065f89f8faac144929f71293de
c60ec0cba242f1d08c9531903236c158a0ddb2ee4c63229e4e0961cd7aabb800
c61d93edc8ebf917d1ddcb27a0aac051867b6ca49e6a5339cfd74b3ddb6a3124
c91ba057d2cba09a891e379eac55ba19a072f6686e6e26959f168eb01112f69c
cbd800759f1add07d71886ba6eb20866805bc2965b222ddd2c919a16dd75f9ef
cdb7911dd984dc9b0840a0a94e711600b05dd72d612465fdb18ecfb67ea9e66c
d26fa207657dc07547c93529ed9520f2db4dd6044f5e5d0fef2a31a4e520b789
d4d40158a8108033296259677826f2416e390a07a92a35729ea95b5544d267b0
d84ae4f899550eb17dcf14eccd2a5cc1997570c693963c3492ea1f947821b8db
db95c6a6889a9b012aa176e8f82f233bc309d93d21181f195c14315b480e1958
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f79032f297507081e454f5f617ce9822a0e80aa38f4165e64121627fd217dd56
fbcc9c3d0f3b820bdeee9803a33a2abf3dac0c99b29f7b77602a798f6f84ed8b
fc6476c3dd43fd6e211714ac703d61597495ddbbdf1fa7e548c692c0e334e7e4

t2bot.ru Open in urlscan Pro 92.53.96.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

139 Requests

95 %HTTPS

57 %IPv6

15 Domains

24 Subdomains

23 IPs

4 Countries

1913 kBTransfer

5209 kBSize

27 Cookies

0 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

t2bot.ru Open in urlscan Pro
92.53.96.125 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

95 %
HTTPS

57 %
IPv6

15
Domains

24
Subdomains

23
IPs

4
Countries

1913 kB
Transfer

5209 kB
Size

27
Cookies

139 HTTP transactions
4 data transactions