buhitter.com Open in urlscan Pro
2606:4700:20::681a:bd7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1
Submission: On April 12 via manual (April 12th 2024, 10:11:33 pm UTC) from BR — Scanned from US

Summary HTTP 101 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 38 IPs in 3 countries across 19 domains to perform 101 HTTP transactions. The main IP is 2606:4700:20::681a:bd7, located in United States and belongs to CLOUDFLARENET, US. The main domain is buhitter.com.
TLS certificate: Issued by GTS CA 1P5 on March 5th 2024. Valid for: 3 months.

This is the only time buhitter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:20:... 2606:4700:20::681a:bd7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
7	202.231.228.162 202.231.228.162	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	18.164.96.118 18.164.96.118	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:817::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
2	52.195.28.185 52.195.28.185	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
1	142.251.40.100 142.251.40.100	15169 (GOOGLE) (GOOGLE)
10	142.250.80.78 142.250.80.78	15169 (GOOGLE) (GOOGLE)
1	2600:9000:251... 2600:9000:2511:5400:a:e047:753:eb41	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:a00b::4 2620:100:a00b::4	19750 (AS-CRITEO) (AS-CRITEO)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
4	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2001	15169 (GOOGLE) (GOOGLE)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
3	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
4	108.139.47.69 108.139.47.69	16509 (AMAZON-02) (AMAZON-02)
6	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81d::2001	15169 (GOOGLE) (GOOGLE)
2	142.251.32.110 142.251.32.110	15169 (GOOGLE) (GOOGLE)
3	44.194.254.43 44.194.254.43	14618 (AMAZON-AES) (AMAZON-AES)
2	54.92.67.224 54.92.67.224	16509 (AMAZON-02) (AMAZON-02)
10	2a04:4e42:77:... 2a04:4e42:77::159	54113 (FASTLY) (FASTLY)
2	2600:141b:1c0... 2600:141b:1c00:19::17c8:5823	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	108.138.128.98 108.138.128.98	16509 (AMAZON-02) (AMAZON-02)
2	43.206.43.189 43.206.43.189	16509 (AMAZON-02) (AMAZON-02)
6	163.43.243.44 163.43.243.44	9370 (SAKURA-B ...) (SAKURA-B SAKURA Internet Inc.)
1	2600:141b:1c0... 2600:141b:1c00:22::1730:e06f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.114.235.8 3.114.235.8	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:e... 2600:1901:0:e207::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.115.240.144 3.115.240.144	16509 (AMAZON-02) (AMAZON-02)
1	142.250.80.100 142.250.80.100	15169 (GOOGLE) (GOOGLE)
101	38

3 2606:4700:20::681a:bd7 (United States)

ASN13335 (CLOUDFLARENET, US)

buhitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 202.231.228.162 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)

fam-8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-118.jfk50.r.cloudfront.net

cdn-fluct.sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.195.28.185 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-195-28-185.ap-northeast-1.compute.amazonaws.com

pa.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.100 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.80.78 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:5400:a:e047:753:eb41 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2001 (United States)

ASN15169 (GOOGLE, US)

9ab508723458d5ba0f8a440edd54e5e4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.139.47.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-69.jfk50.r.cloudfront.net

pdn.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.32.110 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.194.254.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-254-43.compute-1.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.92.67.224 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-92-67-224.ap-northeast-1.compute.amazonaws.com

sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42:77::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:1c00:19::17c8:5823 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-98.jfk50.r.cloudfront.net

j.zucks.net.zimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.206.43.189 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-206-43-189.ap-northeast-1.compute.amazonaws.com

i.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 163.43.243.44 (Japan)

ASN9370 (SAKURA-B SAKURA Internet Inc., JP)

img.fam-8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:22::1730:e06f (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

sync6.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.114.235.8 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-235-8.ap-northeast-1.compute.amazonaws.com

sh.zucks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.115.240.144 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-115-240-144.ap-northeast-1.compute.amazonaws.com

k.zucks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 665 www.google.com — Cisco Umbrella Rank: 2	69 KB
14	adingo.jp cdn-fluct.sh.adingo.jp — Cisco Umbrella Rank: 166161 pa.adingo.jp pdn.adingo.jp — Cisco Umbrella Rank: 112727 cs.adingo.jp — Cisco Umbrella Rank: 4442 sh.adingo.jp — Cisco Umbrella Rank: 69573 i.adingo.jp — Cisco Umbrella Rank: 104630	27 KB
13	fam-8.net fam-8.net — Cisco Umbrella Rank: 288761 img.fam-8.net — Cisco Umbrella Rank: 496643	3 MB
11	googlesyndication.com 9ab508723458d5ba0f8a440edd54e5e4.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	99 KB
10	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 1263	859 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 87	213 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	21 KB
4	zucks.net sh.zucks.net — Cisco Umbrella Rank: 138288 k.zucks.net — Cisco Umbrella Rank: 135884	5 KB
4	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 29961 sync6.im-apps.net — Cisco Umbrella Rank: 55883 audiencedata.im-apps.net — Cisco Umbrella Rank: 30412	6 KB
3	criteo.com gum.criteo.com — Cisco Umbrella Rank: 465	323 B
3	buhitter.com buhitter.com	28 KB
2	zimg.jp j.zucks.net.zimg.jp — Cisco Umbrella Rank: 129565	7 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 986 id5-sync.com — Cisco Umbrella Rank: 511	27 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	172 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3025	50 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 315	902 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 687	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3302	3 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 771	30 KB
101	19

	Domain	Requested by
12	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
10	pbs.twimg.com	buhitter.com
7	fam-8.net	buhitter.com fam-8.net
6	img.fam-8.net	buhitter.com
6	pagead2.googlesyndication.com	buhitter.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
6	securepubads.g.doubleclick.net	buhitter.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	pdn.adingo.jp	buhitter.com securepubads.g.doubleclick.net pdn.adingo.jp
3	cs.adingo.jp	pdn.adingo.jp
3	gum.criteo.com	static.criteo.net pdn.adingo.jp
3	buhitter.com	buhitter.com
2	k.zucks.net	j.zucks.net.zimg.jp
2	sh.zucks.net	j.zucks.net.zimg.jp
2	i.adingo.jp	pdn.adingo.jp
2	j.zucks.net.zimg.jp	pdn.adingo.jp
2	dmp.im-apps.net	pdn.adingo.jp dmp.im-apps.net
2	sh.adingo.jp	pdn.adingo.jp
2	www.google.com	buhitter.com tpc.googlesyndication.com
2	pa.adingo.jp	cdn-fluct.sh.adingo.jp
2	www.googletagmanager.com	buhitter.com www.googletagmanager.com
2	stackpath.bootstrapcdn.com	buhitter.com
1	audiencedata.im-apps.net	dmp.im-apps.net
1	sync6.im-apps.net	dmp.im-apps.net
1	id5-sync.com	cdn.id5-sync.com
1	9ab508723458d5ba0f8a440edd54e5e4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn-fluct.sh.adingo.jp	buhitter.com
1	code.jquery.com	buhitter.com
101	33

This site contains links to these domains. Also see Links.

Domain
fam-8.net
twitter.com

Subject Issuer	Validity	Valid
buhitter.com GTS CA 1P5	`2024-03-05` - `2024-06-03`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
fam-8.net FujiSSL Public Validation Authority - G3	`2023-05-17` - `2024-06-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
cdn-fluct.sh.adingo.jp Amazon RSA 2048 M01	`2023-08-25` - `2024-09-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.adingo.jp Amazon RSA 2048 M02	`2024-02-29` - `2025-03-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
id5-sync.com E1	`2024-04-06` - `2024-07-05`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-08-20`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2024-03-11` - `2025-03-11`	a year	crt.sh
j.zucks.net.zimg.jp Amazon RSA 2048 M03	`2023-09-29` - `2024-10-27`	a year	crt.sh
img.fam-8.net FujiSSL Public Validation Authority - G3	`2023-05-17` - `2024-06-04`	a year	crt.sh
sh.zucks.net Amazon RSA 2048 M02	`2024-03-02` - `2025-03-31`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2024-03-31` - `2024-06-29`	3 months	crt.sh
k.zucks.net Amazon RSA 2048 M02	`2023-07-09` - `2024-08-06`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1
Frame ID: A4B5C88002F2FE7E22800FF81A7F8A2A
Requests: 72 HTTP requests in this frame

Frame: https://9ab508723458d5ba0f8a440edd54e5e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 60B5CF79D9E4E652195C4B77D766C7F5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=buhitter.com
Frame ID: 9E00608A7EAC08B7359278980096286F
Requests: 1 HTTP requests in this frame

Frame: https://pdn.adingo.jp/p.js
Frame ID: CA6040084F6946427F642AEC413B6409
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240410/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Frame ID: DFCF06B7F880B645CAC8DF5281262C8C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZQy38M0vFz8Rl7oBqXxkQgHWhYmO7dz42a7vxyWc99Xqd1QjRpX28gH4Cys6ZrDaQ6y3UDuuxJV0ccMFt4dIIQDuXCD2_JoDGPfR42scDyVEKTPsSMw9pQNjJT8cH1gXuKO47f9MV1E7VL1rm2Xxh2dUS_nlmkyrPMkcl0uYB8x6LdZrJTLze9LT4gAG2M1Fbn0OwRSJ5QNgjZQ7U9zAkCF5U9YCQFWLkxBiKiEYbp6pVqimg749vVgUkUu3ewcWcHMyO73cGFyAqxKJ4qaawUO98sdaLsv25dgdZIeG0babKYudhi6yE9VplcirLNW_qc9dphJbgSjKG7ETFceURrewy1cLJy5-1FAx07Wy2EBv7GV_Ceux_ADo2JV1TpPaxDPi3DSLmww&sai=AMfl-YRNC5aTeVOgsWJb-cNnOIe_EJ3_TP3BbhqTh5hluJhZ6lkQLB4SMCSfhGpLuGRUte8sO5SYmFE6N1aI9ucbMOd9GwueCB-Zc1jzqsT37hNhlBxv0QLekhX-efkbfCX1-wDZnlLT9ExgVIu7hhLXm4g&sig=Cg0ArKJSzI7ZS3Wbroy7EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 91EBC1A41F7F30C9E4C2FB3D0FE5EDCE
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DE8B48FC3C77F43DCE0BD9F1DC133B28
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FEC84A7EA4750A2D9341465C924F8894
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

カグラバチのTwitterイラスト検索結果。

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

101
Requests

99 %
HTTPS

51 %
IPv6

19
Domains

33
Subdomains

38
IPs

3
Countries

4754 kB
Transfer

6770 kB
Size

20
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://fam-8.net/ad/p/r?_site=7444&_loc=35108&_campaign=1530&_article=13894&_link=145080&_mstype=4&_deliver=1

Search URL Search Domain Scan URL

URL: https://fam-8.net/ad/p/r?_site=7444&_loc=35109&_campaign=1530&_article=13894&_link=145076&_mstype=4&_deliver=1

Search URL Search Domain Scan URL

URL: https://twitter.com/guriomatchboxxx/status/1763837929921860049

Search URL Search Domain Scan URL

URL: https://twitter.com/guriomatchboxxx/status/1761728578637709679

Search URL Search Domain Scan URL

URL: https://twitter.com/guriomatchboxxx/status/1760609079528202241

Search URL Search Domain Scan URL

URL: https://twitter.com/hitomikan123/status/1755884179940892751

Search URL Search Domain Scan URL

URL: https://twitter.com/asutalt/status/1755204964748808253

Search URL Search Domain Scan URL

URL: https://twitter.com/deer60868637/status/1754905953483489471

Search URL Search Domain Scan URL

URL: https://twitter.com/deer60868637/status/1754375552142811499

Search URL Search Domain Scan URL

URL: https://twitter.com/hiro_dorachi/status/1754216562100449665

Search URL Search Domain Scan URL

URL: https://twitter.com/opopiii_8/status/1754108906606133652

Search URL Search Domain Scan URL

URL: https://twitter.com/halulan/status/1747699636243226651

Search URL Search Domain Scan URL

URL: https://twitter.com/asutalt/status/1746538804671107190

Search URL Search Domain Scan URL

URL: https://twitter.com/haruho_drst/status/1746191688409010578

Search URL Search Domain Scan URL

URL: https://twitter.com/asutalt/status/1746169060277244408

Search URL Search Domain Scan URL

URL: https://twitter.com/asutalt/status/1745024062198579387

Search URL Search Domain Scan URL

URL: https://twitter.com/asutalt/status/1744662662498378046

Search URL Search Domain Scan URL

URL: https://twitter.com/ukncuni/status/1744139085877555279

Search URL Search Domain Scan URL

URL: https://twitter.com/asutalt/status/1743548889775698026

Search URL Search Domain Scan URL

URL: https://twitter.com/haruho_drst/status/1743368534464577582

Search URL Search Domain Scan URL

URL: https://twitter.com/shi4see/status/1740346383776010655

Search URL Search Domain Scan URL

URL: https://twitter.com/haruho_drst/status/1739887104682070235

Search URL Search Domain Scan URL

URL: https://fam-8.net/ad/p/r?_site=7444&_loc=37816&_campaign=2100&_article=13488&_link=135406&_mstype=3&_deliver=1
Title: どの娘にスル？超絶リアルチャットで…「しゅんごいよっ、しゅんごいよおぉ！！07:21～がしゅっんご～～～～いッ！！」[PR]

Search URL Search Domain Scan URL

URL: https://fam-8.net/ad/p/r?_site=7444&_loc=37816&_campaign=1530&_article=13896&_link=145131&_mstype=3&_deliver=1
Title: 120％濡れると話題の乙女ゲー【ｷﾞｭﾝｯ不可避】120％濡れると話題の乙女ゲーで…男前とｱﾚｺﾚしてみる？♡[PR]

Search URL Search Domain Scan URL

URL: https://fam-8.net/ad/p/r?_site=7444&_loc=37816&_campaign=3517&_article=13272&_link=128355&_mstype=3&_deliver=1
Title: どの娘にスル？超絶リアルチャットで…「しゅんごいよっ、しゅんごいよおぉ！！07:21～がしゅっんご～～～～いッ！！」[PR]

Search URL Search Domain Scan URL

URL: https://fam-8.net/ad/p/r?_site=7444&_loc=35111&_campaign=1530&_article=13900&_link=145103&_mstype=4&_deliver=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

101 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request search Show response
buhitter.com/ 164 KB
24 KB 1124ms
1032ms Document
text/html 2606:4700:20::681a:bd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76efa13016fe2687e5f0c4f56178d287a11bad457970017ceb202130b960a172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 87368d368bc10975-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 12 Apr 2024 22:11:21 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fiHD1MkZAU3Yz8grIZUBBv7zyR%2F4RUiW3nNlMHHa7t%2FsBG%2BS6MCjsUyR7K2W0xGzQ8JG3QtRntUDC21b8oXA%2FP85DfTuJbo7hWMA%2FF%2Bpq8pW3yRWiA1Ppl3NtDhg%2F7n9qTu5w2bQARmYaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
27 KB 135ms
51ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Origin: https://buhitter.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 878
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 224847
cdn-cachedat: 03/18/2024 12:53:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: ac5ddacb160452a29a342f28c2f84b36
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 87368d3d9e5321cd-MIA
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 114ms
32ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Origin: https://buhitter.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:21 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2916724
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga21981-LGA, cache-mia-kmia1760082-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1712959882.851870,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 31, 98113

GET
H2 200 bootstrap.bundle.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 77 KB
23 KB 142ms
59ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Origin: https://buhitter.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 878
age: 3898272
cdn-cachedat: 09/04/2022 07:27:08
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a454220fc07088bf1fdd19313b6bfd50"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 6b105eeb30d0f0a0d7549ab4bd4e83f8
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 87368d3d9e5b21cd-MIA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK fam8-tagify.min.js Show response
fam-8.net/ad/js/ 2 KB
3 KB 1035ms
203ms Script
application/javascript 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Requested by: Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: 4bd55f89acdfd8dda416b2e6e81c302be408e8a03b9ff2f5b43f1262604cf395

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:09:20 GMT
Last-Modified: Sat, 12 Jan 2019 00:17:54 GMT
ETag: W/"2306-1547252274000"
Content-Type: application/javascript
Access-Control-Allow-Credentials: true
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 2306

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
30 KB 282ms
132ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef52687c155c8a8d9bdf3b6a05fdb9e8949d8c0af535827202485787774cd790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29703
x-xss-protection: 0
server: cafe
etag: 502 / 19825 / 31082680 / config-hash: 10044149075479355345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Apr 2024 22:11:22 GMT

GET
H2 200 kv.js Show response
cdn-fluct.sh.adingo.jp/ts/ 4 KB
2 KB 214ms
60ms Script
application/javascript 18.164.96.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/ts/kv.js
Requested by: Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-118.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe17e70b190a001b79a66fa7b55d2dbac42a25b2fd575f72cf3e1470a9c40161

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Jan 2024 05:57:37 GMT
content-encoding: gzip
via: 1.1 9750f5ee94b45ad0faba87b3fac2aad6.cloudfront.net (CloudFront)
last-modified: Tue, 10 Nov 2020 02:43:11 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 7402426
etag: W/"556934705e12b655011cd42324d63d74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: RRn3PeRTDE8GTBkITVVrno8k94-koAqh0YbLAOFQTjUBzBF6273yAw==

GET
H2 200 pre-loader.gif
buhitter.com/img/ 4 KB
4 KB 41ms
41ms Image
image/gif 2606:4700:20::681a:bd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buhitter.com/img/pre-loader.gif

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07eff9d9f81261e700e6812c2a47f189153f25c1d5bbc8c78af811e4d567a10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269588
content-length: 3649
last-modified: Sun, 21 Jan 2024 10:27:19 GMT
server: cloudflare
etag: "65acf187-e41"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iWYHgAMiKwGlC4Vfrrdj647Urr%2F7lO58RCAgaya3vj0AMwT9dUnNG5JmAJDR8AY8ftkFB8aR70qxeJB3HdAxID9rQuMveiV9jTCX%2BpN9tCCbc%2Fns2CV%2BsqnM9xtDKpU6eDhRk1r2G%2BU8MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 87368d3d0ecf0975-MIA
expires: Tue, 16 Apr 2024 19:18:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
76 KB 244ms
104ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WH4L999

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d618e5fc57d5e5ead059bb610c6ef38099be2ba917af1e3e163206ab106b0ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77391
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Apr 2024 22:11:22 GMT

GET
DATA 200
OK truncated
/ 198 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/ 445 KB
139 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082680

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aca0e28aa55849ee4eb13733950c025c8944325eb0bb737dd666294a833790ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24006
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142427
x-xss-protection: 0
server: cafe
etag: 9854340156555383671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 12 Apr 2025 15:31:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
96 KB 118ms
117ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-74YKYKK7PB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WH4L999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e33e8f779a2eb184b64d9d217e3eaddd99598195f8b00d2b8891193562efb9af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97982
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Apr 2024 22:11:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 200ms
63ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WH4L999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Apr 2024 22:06:53 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 269
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 13 Apr 2024 00:06:53 GMT

OPTIONS
H2 204 kv
pa.adingo.jp/ Frame 0
0 642ms
204ms Preflight 52.195.28.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.adingo.jp/kv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.195.28.185 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-195-28-185.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://buhitter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Authorization, Accept, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 12 Apr 2024 22:11:23 GMT
server: nginx

POST
H2 200 kv Show response
pa.adingo.jp/ 408 B
638 B 205ms
204ms XHR
application/json 52.195.28.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.adingo.jp/kv
Requested by: Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/ts/kv.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.195.28.185 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-195-28-185.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8fa4744814b9ea3f31015b20d557d4c678538cc4e076c874b17ba5f9ea2f4c07

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Apr 2024 22:11:23 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Origin, Authorization, Accept, Content-Type
content-length: 408

GET
H2 200 9176203 Show response
fundingchoicesmessages.google.com/i/ 180 KB
60 KB 282ms
128ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/9176203?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89040fd34c868380d96d78b5a3b165170a98672808a8e6dc99e4d04c0a5c6306

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Se0SrUBf72Z24vAT7TLCwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-Se0SrUBf72Z24vAT7TLCwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitHikmLw1JBiUAjbyXTe6Q7TdSCuZXjG1ArEBhrPmSyAWOLrSyYNII55Pp01BYid0mewBgGxT_0M1hggbr15jnUqEJ9ccJ71IhAn_TvPWgTEQjwcXY-fbWAT2DH9ym0mAHc2LKA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
168 B 80ms
79ms Ping
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-74YKYKK7PB&gtm=45je44a0v886998702z8811964994za200&_p=1712959881893&gcd=13l3l3l3l1&npa=0&dma=0&cid=1591324837.1712959883&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712959882&sct=1&seg=0&dl=https%3A%2F%2Fbuhitter.com%2Fsearch%3Fq%3D%25E3%2582%25AB%25E3%2582%25B0%25E3%2583%25A9%25E3%2583%2590%25E3%2583%2581%26start%3D%26end%3D%26order%3D1&dt=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81%E3%81%AETwitter%E3%82%A4%E3%83%A9%E3%82%B9%E3%83%88%E6%A4%9C%E7%B4%A2%E7%B5%90%E6%9E%9C%E3%80%82&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1914
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74YKYKK7PB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:11:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
94 B 78ms
77ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1532943203&t=pageview&_s=1&dl=https%3A%2F%2Fbuhitter.com%2Fsearch%3Fq%3D%25E3%2582%25AB%25E3%2582%25B0%25E3%2583%25A9%25E3%2583%2590%25E3%2583%2581%26start%3D%26end%3D%26order%3D1&ul=en-us&de=UTF-8&dt=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81%E3%81%AETwitter%E3%82%A4%E3%83%A9%E3%82%B9%E3%83%88%E6%A4%9C%E7%B4%A2%E7%B5%90%E6%9E%9C%E3%80%82&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=944660654&gjid=1261962832&cid=1591324837.1712959883&tid=UA-115935434-1&_gid=980749295.1712959883&_r=1&_slc=1&gtm=45He44a0n81WH4L999v811964994za200&gcd=13l3l3l3l1&dma=0&z=8864212

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:11:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
344 B 194ms
66ms XHR
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-115935434-1&cid=1591324837.1712959883&jid=944660654&gjid=1261962832&_gid=980749295.1712959883&_u=YADAAEAAAAAAACAAI~&z=293295044

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 Apr 2024 22:11:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK latest-version Show response
fam-8.net/ad/p/ 41 B
494 B 810ms
202ms XHR
text/html 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/p/latest-version
Requested by: Host: fam-8.net
URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: 001fca0c70a55362c8ae8e33ac675fe8e5054439537b10ae75de374cd5a68f07

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:09:46 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 41

GET
H/1.1 200
OK pjs-1.0.3.min.js Show response
fam-8.net/ad/js/ 15 KB
15 KB 801ms
200ms Script
application/javascript 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Requested by: Host: fam-8.net
URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: 3486e75cbcec83fac64b744262840c0cf45746e11e15b158b652bc451c849ab7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:09:47 GMT
Last-Modified: Wed, 14 Oct 2020 06:13:36 GMT
ETag: W/"14916-1602656016000"
Content-Type: application/javascript
Access-Control-Allow-Credentials: true
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 14916

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 631ms
506ms Image
image/gif 142.251.40.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-115935434-1&cid=1591324837.1712959883&jid=944660654&_u=YADAAEAAAAAAACAAI~&z=1338564138

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.100 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:11:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWOl2bqNL9iTzKfAqFXUgPUh2j9sxinF4fL2EGsThN2eeVba3rbDrpvtfNLrSXxAM3a0esWThpcZux95WNQuHz4y4CJLQsFQ15qjUTiKg8U_aJ-D1cqs9CCN-QEeF2wh7uU_Z4c6g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 210ms
86ms XHR
text/html 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWOl2bqNL9iTzKfAqFXUgPUh2j9sxinF4fL2EGsThN2eeVba3rbDrpvtfNLrSXxAM3a0esWThpcZux95WNQuHz4y4CJLQsFQ15qjUTiKg8U_aJ-D1cqs9CCN-QEeF2wh7uU_Z4c6g==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gtxvHVrsAtw.es5.O/am=wA/d=1/rs=AJlcJMxdQ9PS5_VTfREj_WTz4wHQE0TUEA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jvfp-dvmTXnG7sGIQuJQ0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 22:11:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jvfp-dvmTXnG7sGIQuJQ0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1ZBiqGV4xtQKxE7pM1iDgFiIh6P78bMNbAIPvjQ2MQMAyQkMiA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://buhitter.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVGc261GPVALM9dCtaur6ky9EvrF6qgewG-h97uJQKAGNaw_GfEcxeKV1XtGSFznFk1luvIpUtSx-SXMXnQDwfdvGOExPIsgMb-nxEGqg4_5G9Zzt4a0WGepWk_PHzaqDQwwb4BrQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 108ms
108ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVGc261GPVALM9dCtaur6ky9EvrF6qgewG-h97uJQKAGNaw_GfEcxeKV1XtGSFznFk1luvIpUtSx-SXMXnQDwfdvGOExPIsgMb-nxEGqg4_5G9Zzt4a0WGepWk_PHzaqDQwwb4BrQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyOTU5ODgzLDY0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9idWhpdHRlci5jb20vc2VhcmNoIixudWxsLFtbOCwiZ3R4dkhWcnNBdHciXSxbOSwiZW4tVVMiXSxbMTYsIlsxLDEsMV0iXSxbNywiMTIiXSxbMTEsIltdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57745e0b18204b832ee97376a48473610630b237857f4a970f99acf58dc9acca

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D2sBjJHdOdKosQof3ied1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-D2sBjJHdOdKosQof3ied1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAmIhHo7ux882sAks2DblEhMA_yArMA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 231ms
65ms Script
text/javascript 2600:9000:2511:5400:a:e047:753:eb41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082680
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:5400:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Fri, 12 Apr 2024 08:27:56 GMT
Via: 1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 49408
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: -pj-mSwsEz7YYTkJNnr4gsjhiy401KbiQIo6_C6rvsaA3l4jr8_MhQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 201ms
70ms Script
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

16eef82325d88bccb3f09d34d6155a3ee890edfdb479d44264212b5d5eca1af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Apr 2024 12:20:57 GMT
server: nginx
etag: W/"661532a9-a5c1"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 Apr 2024 22:11:23 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 93 KB
27 KB 134ms
50ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ce36a5c23014e57122d7997692e9863b532d08d7e21d227e1184099a5666be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 11:38:58 GMT
server: cloudflare
x-amz-request-id: 49F294GCGYSPNTPY
age: 657
etag: W/"7ceb45871763bd74cf4140e0b5fe846a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 87368d498d27497e-MIA
x-amz-id-2: uSUHkV5SoIAANN/OXxqSBxVoiWAh4UytkqRSZGOVRTkp+Y63RPtbCuLrCcH/r5DS4QImzJ+MQ4o=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
902 B 161ms
32ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 12 Apr 2024 22:11:23 GMT
x-content-type-options: nosniff
content-encoding: br
age: 20455
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 161 KB
29 KB 359ms
359ms Fetch
text/plain 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3498751142988842&correlator=2804851012605473&eid=31082680&output=ldjh&gdfp_req=1&vrg=202404100101&ptt=17&impl=fifs&iu_parts=62532913%3A22479333033%2Cp_buhitter_970x250_title_28273%2Cp_buhitter_300x250_kensaku-1_28273%2Cp_buhitter_300x250_kensaku-2_28273%2Cp_buhitter_300x250_footer-1_28273%2Cp_buhitter_728x90_overlay_28273%2Cp_buhitter_300x250_Interstitial_28273&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=970x250%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C728x90%2C1x1&ifi=1&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C0%2C0%2C8&fsapi=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1712959883655&lmt=1712959883&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTIyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEyMiJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTIyIl1dLDBd&url=https%3A%2F%2Fbuhitter.com%2Fsearch%3Fq%3D%25E3%2582%25AB%25E3%2582%25B0%25E3%2583%25A9%25E3%2583%2590%25E3%2583%2581%26start%3D%26end%3D%26order%3D1&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1591324837.1712959883&ga_sid=1712959884&ga_hid=1532943203&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRiEk_ai7TFIAFICCGQSGQoKcHViY2lkLm9yZxiEk_ai7TFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YhJP2ou0xSABSAghkEhkKCnVpZGFwaS5jb20Yg5P2ou0xSABSAghk&dlt=1712959881750&idt=709&prev_scp=pa%3Dok%7Cpa%3Dok%7Cpa%3Dok%7Cpa%3Dok%7Cpa%3Dok%7C&adks=1724631948%2C403046175%2C1878229315%2C3801214374%2C3238850784%2C2312117160&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082680

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

281abc3f214434d715c0002676a280ed6449a3ca0e66a6d5a9aee539dc0cfea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29604
x-xss-protection: 0
google-lineitem-id: -2,5734155481,5734821323,5734157221,5734823039,5734161076
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138355405894,138355406017,138355406098,138355061403,138355063095
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
9ab508723458d5ba0f8a440edd54e5e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 60B5 0
0 235ms
79ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9ab508723458d5ba0f8a440edd54e5e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Apr 2024 22:11:23 GMT
expires: Sat, 12 Apr 2025 22:11:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/ 47 KB
15 KB 64ms
64ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl_page_level_ads.js?cb=31082680

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082680

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b9dfa39106ef08fe2086fc2a8f1a7b6fe49fed7141a0a73f4f46b8a59c4ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:38:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23603
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15282
x-xss-protection: 0
server: cafe
etag: 12351438208979272184
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 12 Apr 2025 15:38:00 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
228 B 439ms
142ms XHR
text/plain 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhitter.com
date: Fri, 12 Apr 2024 22:11:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe
gum.criteo.com/ Frame 9E00 0
0 183ms
58ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=buhitter.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Apr 2024 22:11:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 407524
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 p.js Show response
pdn.adingo.jp/ Frame CA60 69 KB
17 KB 208ms
70ms Script
application/javascript 108.139.47.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pdn.adingo.jp/p.js
Requested by: Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-69.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f28454ecc4cd5778641a83872fbb4563ebb174e86c5a5581d0dd6e7b1c0d523c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:01:51 GMT
content-encoding: br
via: 1.1 aea539314dea6e591d10d79d61e42090.cloudfront.net (CloudFront)
x-amz-version-id: UlaQDUunxdjz6OFewMD_De60PaTsjK._
x-amz-cf-pop: JFK50-P1
age: 574
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16795
last-modified: Mon, 19 Feb 2024 05:05:12 GMT
server: AmazonS3
etag: "d309e1378bbeaa67d8df089b89647344"
content-type: application/javascript; charset=utf-8
cache-control: max-age=600, s-maxage=600, immutable
accept-ranges: bytes
x-amz-cf-id: f4guWczMTt8AGoI2FjxKPcleeunJ0m1UgvMUPinfpio_lsXcxmjfDg==

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CA60 214 KB
65 KB 190ms
62ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

d6d0cdd93a3211b3770f16ed7a3a70cfe1aa1fd67f50f50bf64a1014abe9efb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66580
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Apr 2024 23:03:05 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240410/r20110914/elements/html/ Frame DFCF 15 KB
7 KB 199ms
63ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240410/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c04b9a14b5022b429617794e8732840d0ce3ba0e1a77cc296bad062850acf84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 14:23:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
server: cafe
etag: 17660234759925802886
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Apr 2024 14:23:25 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240410/r20110914/elements/html/ Frame DFCF 22 KB
9 KB 204ms
68ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240410/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67570e6eac285b35dbb7e4e942474a71b78b82aa41bef296d24ad9086bc58c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 14:23:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9127
x-xss-protection: 0
server: cafe
etag: 5861376807601988298
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Apr 2024 14:23:25 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 75ms
74ms Ping
text/plain 142.251.32.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-74YKYKK7PB&gtm=45je44a0v886998702za200&_p=1712959881893&gcd=13l3l3l3l1&npa=0&dma=0&cid=1591324837.1712959883&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&sid=1712959882&sct=1&seg=0&dl=https%3A%2F%2Fbuhitter.com%2Fsearch%3Fq%3D%25E3%2582%25AB%25E3%2582%25B0%25E3%2583%25A9%25E3%2583%2590%25E3%2583%2581%26start%3D%26end%3D%26order%3D1&dt=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81%E3%81%AETwitter%E3%82%A4%E3%83%A9%E3%82%B9%E3%83%88%E6%A4%9C%E7%B4%A2%E7%B5%90%E6%9E%9C%E3%80%82&_s=2&tfd=3473
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74YKYKK7PB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.32.110 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s77-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:11:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
cs.adingo.jp/sync/ Frame CA60 43 B
285 B 183ms
58ms Fetch
image/gif 44.194.254.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.adingo.jp/sync/?from=fluct_uid&id=a4fc7b35-0478-41da-b8a5-14f82e020506
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.254.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-254-43.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Fri, 12 Apr 2024 22:11:24 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CA60 0
0 245ms
120ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:11:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
sh.adingo.jp/p/ Frame CA60 2 KB
1 KB 727ms
312ms XHR
application/json 54.92.67.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/p/?G=1000134480&href=https%3A%2F%2Fbuhitter.com%2Fsearch%3Fq%3D%25E3%2582%25AB%25E3%2582%25B0%25E3%2583%25A9%25E3%2583%2590%25E3%2583%2581%26start%3D%26end%3D%26order%3D1&R=&serial=26696064907858&guid=ON&api=2&protocols=2%2C3%2C5%2C6&mimes=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fogg%2Cvideo%2Fwebm&fluct_uid=a4fc7b35-0478-41da-b8a5-14f82e020506&ch_pv=10.0.0

Requested by

Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.67.224 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-67-224.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fca24f2a73a645080321fda156f43b8a0e81b872891f4f387e42c63cfad86ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 22:11:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://buhitter.com
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ad-loading. Show response
fundingchoicesmessages.google.com/f/AGSKWxVroa4eJcFRU0KN9qmDxDYDGdCQBmsV6hVpP5As0GJYVToXfXgjz8V9IfXfDscdWTwngnlZvLdVO9YoqGH6GY2mzPmKP_FQ_a6Fhg8-N_yDC92nQ9n7UtV5wd1FUIbiqRaxXBU0g7avVJPVNChLp7EYB69GR... 54 B
110 B 85ms
85ms Script
application/javascript 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVroa4eJcFRU0KN9qmDxDYDGdCQBmsV6hVpP5As0GJYVToXfXgjz8V9IfXfDscdWTwngnlZvLdVO9YoqGH6GY2mzPmKP_FQ_a6Fhg8-N_yDC92nQ9n7UtV5wd1FUIbiqRaxXBU0g7avVJPVNChLp7EYB69GRVkoKuSt4-fIZ4ndOZQz4uik7lk8PLIB/_/head486x60._adshow./big-ad-switch-/advertise125x125./ad-loading.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gtxvHVrsAtw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyBxmp7JA_YqEpeY2I7xSTHeKI8yg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

ESF /

Resource Hash

1e9d30aa51078d732f1c5794a4c68343d40c10e441ed194aaf2f0f3c82e9b1b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PpgnK_7CO708KTEDfxuHCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-PpgnK_7CO708KTEDfxuHCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmII1pBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAmIhHo6ex882sAnMaHl9lREAANwrVA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 62ms
61ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 18:01:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Apr 2024 18:01:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWOl2bqNL9iTzKfAqFXUgPUh2j9sxinF4fL2EGsThN2eeVba3rbDrpvtfNLrSXxAM3a0esWThpcZux95WNQuHz4y4CJLQsFQ15qjUTiKg8U_aJ-D1cqs9CCN-QEeF2wh7uU_Z4c6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZMz0zK0ah0sQn-5Vfzi8nw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 22:11:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-ZMz0zK0ah0sQn-5Vfzi8nw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1iDgFiIh6Pn8bMNbAInjny_xggAyCoM_A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://buhitter.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWOl2bqNL9iTzKfAqFXUgPUh2j9sxinF4fL2EGsThN2eeVba3rbDrpvtfNLrSXxAM3a0esWThpcZux95WNQuHz4y4CJLQsFQ15qjUTiKg8U_aJ-D1cqs9CCN-QEeF2wh7uU_Z4c6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KjLu64abYJtuJNzFCTQAyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 22:11:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-KjLu64abYJtuJNzFCTQAyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1ZBiqGV4xtQKxE7pM1iDgFiIh6Pn8bMNbAIfPv_4wggAy6cNfw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://buhitter.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWOl2bqNL9iTzKfAqFXUgPUh2j9sxinF4fL2EGsThN2eeVba3rbDrpvtfNLrSXxAM3a0esWThpcZux95WNQuHz4y4CJLQsFQ15qjUTiKg8U_aJ-D1cqs9CCN-QEeF2wh7uU_Z4c6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4hXeZ4Drq-6v3j5d5a5a2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 22:11:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-4hXeZ4Drq-6v3j5d5a5a2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBiqGV4xtQKxE7pM1iDgFiIh6Pn8bMNbAIN7z40MAEAyMoMkg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://buhitter.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWOl2bqNL9iTzKfAqFXUgPUh2j9sxinF4fL2EGsThN2eeVba3rbDrpvtfNLrSXxAM3a0esWThpcZux95WNQuHz4y4CJLQsFQ15qjUTiKg8U_aJ-D1cqs9CCN-QEeF2wh7uU_Z4c6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OKKMviwvX-MVLcsTAgL3jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 22:11:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-OKKMviwvX-MVLcsTAgL3jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBiqGV4xtQKxE7pM1iDgFiIh6Pn8bMNbAIL2hY0MAEAxcoL8g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://buhitter.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVB42No3NOE_cZsrdNdaY6TVhuml4N5ahVv_9fKgRjufcUBVv415dax3po6-5SXU2x-7A526NE5otqhqoKqJepR_Bb683Vo_4v59pD123uPFJk2qffgsAsIw5PXj8I-jtr7QTeL6Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 113ms
113ms Script
application/javascript 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVB42No3NOE_cZsrdNdaY6TVhuml4N5ahVv_9fKgRjufcUBVv415dax3po6-5SXU2x-7A526NE5otqhqoKqJepR_Bb683Vo_4v59pD123uPFJk2qffgsAsIw5PXj8I-jtr7QTeL6Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyOTU5ODg0LDQ5NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYnVoaXR0ZXIuY29tL3NlYXJjaCIsbnVsbCxbWzgsImd0eHZIVnJzQXR3Il0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzcsIjEyIl0sWzExLCJbXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

ESF /

Resource Hash

1e9edf6dd30481a6529c42365fe54a7e1a1e1f18bd926fa936ce3898a4d196a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Gkwo6wPhBxLfFBuW_pdVCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-Gkwo6wPhBxLfFBuW_pdVCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw1JBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZALPH1JZMGEMc8n86aAsRO6TNYg4DYp34GawwQt948xzoViE8uOM96EYiT_p1nLQJiIR6OnsfPNrAJ3Hjb1M8EAP1xMFU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK js Show response
fam-8.net/ad/p/ 633 B
1 KB 612ms
204ms XHR
text/javascript 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/p/js?_site=7444&_mloc=35204&_jsasync=1&_ref=&_nocache=1712959884607434641
Requested by: Host: fam-8.net
URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: 9be2acd6996e54b38de49ff538f384c565a21d539818e9d430977be1a9e5ed0e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:09:47 GMT
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 633

GET
H/1.1 200
OK js Show response
fam-8.net/ad/p/ 634 B
1 KB 608ms
201ms XHR
text/javascript 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/p/js?_site=7444&_mloc=35205&_jsasync=1&_ref=&_nocache=1712959884608749158
Requested by: Host: fam-8.net
URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: 444ae064889d8b93f1329f06ec305dbe816c8c0dbb9f4f6ca0c52b0b8854ff8f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:09:47 GMT
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 634

GET
H/1.1 200
OK js Show response
fam-8.net/ad/p/ 4 KB
5 KB 609ms
204ms XHR
text/javascript 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/p/js?_site=7444&_mloc=35206&_jsasync=1&_ref=&_nocache=1712959884612842249
Requested by: Host: fam-8.net
URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: 961e59da46c54752dfc5c427a74bc4314b092be0ee05c66cbc38bdca869312f8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:09:47 GMT
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 4289

GET
H/1.1 200
OK js Show response
fam-8.net/ad/p/ 633 B
1 KB 611ms
206ms XHR
text/javascript 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/p/js?_site=7444&_mloc=35207&_jsasync=1&_ref=&_nocache=1712959884613707753
Requested by: Host: fam-8.net
URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: df024d5fd7ded509295766d0c6a77c12d4d96c3fc0fe989f6505afdcfa4c117c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:09:47 GMT
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 633

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91EB 0
0 126ms
125ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZQy38M0vFz8Rl7oBqXxkQgHWhYmO7dz42a7vxyWc99Xqd1QjRpX28gH4Cys6ZrDaQ6y3UDuuxJV0ccMFt4dIIQDuXCD2_JoDGPfR42scDyVEKTPsSMw9pQNjJT8cH1gXuKO47f9MV1E7VL1rm2Xxh2dUS_nlmkyrPMkcl0uYB8x6LdZrJTLze9LT4gAG2M1Fbn0OwRSJ5QNgjZQ7U9zAkCF5U9YCQFWLkxBiKiEYbp6pVqimg749vVgUkUu3ewcWcHMyO73cGFyAqxKJ4qaawUO98sdaLsv25dgdZIeG0babKYudhi6yE9VplcirLNW_qc9dphJbgSjKG7ETFceURrewy1cLJy5-1FAx07Wy2EBv7GV_Ceux_ADo2JV1TpPaxDPi3DSLmww&sai=AMfl-YRNC5aTeVOgsWJb-cNnOIe_EJ3_TP3BbhqTh5hluJhZ6lkQLB4SMCSfhGpLuGRUte8sO5SYmFE6N1aI9ucbMOd9GwueCB-Zc1jzqsT37hNhlBxv0QLekhX-efkbfCX1-wDZnlLT9ExgVIu7hhLXm4g&sig=Cg0ArKJSzI7ZS3Wbroy7EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Apr 2024 22:11:24 GMT

GET
H2 200 p.js Show response
pdn.adingo.jp/ Frame 91EB 69 KB
0 208ms
70ms Script
application/javascript 108.139.47.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pdn.adingo.jp/p.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-69.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f28454ecc4cd5778641a83872fbb4563ebb174e86c5a5581d0dd6e7b1c0d523c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:01:51 GMT
content-encoding: br
via: 1.1 aea539314dea6e591d10d79d61e42090.cloudfront.net (CloudFront)
x-amz-version-id: UlaQDUunxdjz6OFewMD_De60PaTsjK._
x-amz-cf-pop: JFK50-P1
age: 574
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16795
last-modified: Mon, 19 Feb 2024 05:05:12 GMT
server: AmazonS3
etag: "d309e1378bbeaa67d8df089b89647344"
content-type: application/javascript; charset=utf-8
cache-control: max-age=600, s-maxage=600, immutable
accept-ranges: bytes
x-amz-cf-id: f4guWczMTt8AGoI2FjxKPcleeunJ0m1UgvMUPinfpio_lsXcxmjfDg==

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 91EB 214 KB
0 190ms
62ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082680

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

d6d0cdd93a3211b3770f16ed7a3a70cfe1aa1fd67f50f50bf64a1014abe9efb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66580
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Apr 2024 23:03:05 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91EB 0
0 123ms
123ms Fetch
image/gif 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:11:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34ec28d4a67e1e34f833bc05f45967c00703513aa17e10d3dc2cbe29bc6f3e7c

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 91EB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b60670b87773e1a0b35ffde2c4137905c659d17d0a2b1d1af75465cf747a73e3

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWOl2bqNL9iTzKfAqFXUgPUh2j9sxinF4fL2EGsThN2eeVba3rbDrpvtfNLrSXxAM3a0esWThpcZux95WNQuHz4y4CJLQsFQ15qjUTiKg8U_aJ-D1cqs9CCN-QEeF2wh7uU_Z4c6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yv39kUXrQ_SYal25BRclmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 22:11:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-Yv39kUXrQ_SYal25BRclmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1iDgFiIh6Pn8bMNbAIHfs78xgQAyfsM-w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://buhitter.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWa467OY2V51xZ9-7hqoHkHKpWkfaEsWCNPQRfnkca6hwvCg7FBHYPwd8Ue6_zshM8r8KerxPkTqEscDLlu0B20LQwCWGXywKm6v6Wlk3WwbZqJ9yMXJkKDrAa4GBDMuKGgpxrchg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 109ms
109ms Script
application/javascript 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWa467OY2V51xZ9-7hqoHkHKpWkfaEsWCNPQRfnkca6hwvCg7FBHYPwd8Ue6_zshM8r8KerxPkTqEscDLlu0B20LQwCWGXywKm6v6Wlk3WwbZqJ9yMXJkKDrAa4GBDMuKGgpxrchg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyOTU5ODg0LDc0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxNV0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYnVoaXR0ZXIuY29tL3NlYXJjaCIsbnVsbCxbWzgsImd0eHZIVnJzQXR3Il0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzcsIjEyIl0sWzExLCJbXSJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzIsIltudWxsLFtudWxsLDEsWzE3MTI5NTk4ODQsNTQ5NjA0MDAwXV1dIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

ESF /

Resource Hash

99dae4d4dec24cfd08ab564f69012c7dd5e6635b99c9bce8f94e05d8da5f1e8c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UbAPd70d2sTOI8KyimtceQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-UbAPd70d2sTOI8KyimtceQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw05BiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAmIhHo6ex882sAl03JjTwgwA-0Yq7Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91EB 0
0 249ms
124ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrzQsqOo4iWz3cG9o9Ax8aHdym6JxH6pHVgbm-kR0ni2X9hhMQQhzjTgaipmr3Lxy3LwvoVG1nwiZxpiFHIx6pKddTLTfhWUGsmYDVjyFK5Nklp5LE1cK7bRkMCeU9zu6muus-NOGku2YLwLreLd-8i1ri9jrxO-I2os6N-H5F7qLH0KkpxtbxCnRmTEGUFgdNsS10X0_0o2KnqW8EK_YnQQHGD_wb24OKRxy47pk0r9wteW46lPKpl-EMNTF3iAcbnzHThbHGP2BkRVkZS-IgBZJxS5EfIV8dJ8Sj2XrA5ZOC9O6r_b0rDhyr0ReyedxAEqXCEaoqy8GaC0qiPR_dun1OW4SPLgCVBecVrfjEX8qWP4jXxBtshz5hq87-0yiFk_bLoTfMVUDY&sai=AMfl-YTKgfCizXZjjQobeHBYXx1Y-s3bgTy-K_oxMJAVis9TNG7W0dygYgvClhNZ8laKfrIWKSkbuREqZVhQUCJJXXzJJhs-N9Fl3uX9YJzcVOY_OUv3PeT6eVJqL7LbiXoDfAvIA-xSmdVzbZDVI6RDmyc&sig=Cg0ArKJSzLyAnkx3YYOvEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTIyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEyMiJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTIyIl1dLDBd&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Apr 2024 22:11:24 GMT

GET
H2 200 ovBiHtxN_normal.jpg
pbs.twimg.com/profile_images/1734194640411361280/ 2 KB
2 KB 219ms
64ms Image
image/jpeg 2a04:4e42:77::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1734194640411361280/ovBiHtxN_normal.jpg

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8525fee23950a045cfdbd05e8cf1d9984f96f066eb2414328a825bec3a456588

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=631138519
date: Fri, 12 Apr 2024 22:11:24 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2187
x-served-by: cache-pdk-kpdk1780128-PDK, cache-iad-kiad7000059-IAD, cache-tw-ZZZ1
last-modified: Mon, 11 Dec 2023 12:51:16 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 0f0f6d858a958321
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GHppP3paoAAwQdl.jpg
pbs.twimg.com/media/ 210 KB
211 KB 278ms
123ms Image
image/jpeg 2a04:4e42:77::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GHppP3paoAAwQdl.jpg

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3caf7678af6d63289ec4d11afe404aaadc364d038a5d17bb97235945f075ed0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=631138519
date: Fri, 12 Apr 2024 22:11:24 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 215526
x-served-by: cache-pdk-katl1840095-PDK, cache-iad-kiad7000059-IAD, cache-tw-ZZZ1
last-modified: Sat, 02 Mar 2024 08:03:06 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: f954071dcfe3435f
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GHLqzgXaMAEAcUD.jpg
pbs.twimg.com/media/ 101 KB
101 KB 219ms
65ms Image
image/jpeg 2a04:4e42:77::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GHLqzgXaMAEAcUD.jpg

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c648f12f3377a6026683e2bcea280e9b890ffddaf2294b58bde5fb313b6be8ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=631138519
date: Fri, 12 Apr 2024 22:11:24 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 103208
x-served-by: cache-pdk-kpdk1780060-PDK, cache-iad-kiad7000059-IAD, cache-tw-ZZZ1
last-modified: Sun, 25 Feb 2024 12:21:18 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 51ef606c141b3887
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GG7wn_faEAAGIFO.jpg
pbs.twimg.com/media/ 139 KB
140 KB 217ms
63ms Image
image/jpeg 2a04:4e42:77::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GG7wn_faEAAGIFO.jpg

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c64252f57017f98491f965e04755b624e032389bc5edb92a6bdd55dbef5dc6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=631138519
date: Fri, 12 Apr 2024 22:11:24 GMT
x-content-type-options: nosniff
x-cache: MISS, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 142740
x-served-by: cache-pdk-kfty2130054-PDK, cache-iad-kiad7000059-IAD, cache-tw-ZZZ1
last-modified: Thu, 22 Feb 2024 10:12:48 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 8ad6911a7d99cd2a
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 ITGV6Dd1_normal.png
pbs.twimg.com/profile_images/1490379422536716288/ 5 KB
5 KB 277ms
123ms Image
image/png 2a04:4e42:77::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1490379422536716288/ITGV6Dd1_normal.png

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9476fb180c0a8ac2a32a81203c766331400fbcf6a5b614a1220b52fca4732089

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=631138519
date: Fri, 12 Apr 2024 22:11:24 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 4999
x-served-by: cache-pdk-kpdk1780100-PDK, cache-iad-kiad7000059-IAD, cache-tw-ZZZ1
last-modified: Sun, 06 Feb 2022 17:36:38 GMT
x-tw-cdn: FT
content-type: image/png
access-control-allow-origin: *
x-transaction-id: c506872ad0b5b291
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GF4nWyPacAAnkLd.jpg
pbs.twimg.com/media/ 63 KB
63 KB 277ms
123ms Image
image/jpeg 2a04:4e42:77::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GF4nWyPacAAnkLd.jpg

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9ac05f4dc169bccbdcc2eddeb48ae291677b93dcda685d1b2cfb8736272a2140

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=631138519
date: Fri, 12 Apr 2024 22:11:24 GMT
x-content-type-options: nosniff
x-cache: HIT, MISS
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 64714
x-served-by: cache-pdk-kpdk1780021-PDK, cache-iad-kiad7000059-IAD, cache-tw-ZZZ1
last-modified: Fri, 09 Feb 2024 09:17:45 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 94d941442323d25c
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 g33EN3JB_normal.jpg
pbs.twimg.com/profile_images/1774634165142740992/ 2 KB
3 KB 103ms
102ms Image
image/jpeg 2a04:4e42:77::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1774634165142740992/g33EN3JB_normal.jpg

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

43741e9b4f7ce8f3b22e0f513a8d3a3f9201e00be519dd760825d83afb24dfae

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=631138519
date: Fri, 12 Apr 2024 22:11:24 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2339
x-served-by: cache-pdk-katl1840024-PDK, cache-iad-kiad7000059-IAD, cache-tw-ZZZ1
last-modified: Mon, 01 Apr 2024 03:03:30 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: ecf0954cb2f02c37
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GFu9nPBbwAAtpo8.jpg
pbs.twimg.com/media/ 131 KB
131 KB 103ms
102ms Image
image/jpeg 2a04:4e42:77::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GFu9nPBbwAAtpo8.jpg

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8a188697cb0e63ed1a34f342e5d4168d33229bf967c81db93c951b021c5ad8d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=631138519
date: Fri, 12 Apr 2024 22:11:24 GMT
x-content-type-options: nosniff
x-cache: MISS, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 134247
x-served-by: cache-pdk-kpdk1780125-PDK, cache-iad-kiad7000059-IAD, cache-tw-ZZZ1
last-modified: Wed, 07 Feb 2024 12:18:47 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: cfb7174b237de3f5
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 7yeVMHku_normal.jpg
pbs.twimg.com/profile_images/1382018170924326914/ 2 KB
2 KB 105ms
105ms Image
image/jpeg 2a04:4e42:77::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1382018170924326914/7yeVMHku_normal.jpg

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1e9383afb3f42753d84c00afd1d60e2b9e8d57853b2737cda0345bc6e9d5bc97

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=631138519
date: Fri, 12 Apr 2024 22:11:25 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2187
x-served-by: cache-pdk-kpdk1780068-PDK, cache-iad-kiad7000059-IAD, cache-tw-ZZZ1
last-modified: Tue, 13 Apr 2021 17:07:43 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: ac0ceea35c03a611
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GFqtpOFbwAA7ewp.jpg
pbs.twimg.com/media/ 200 KB
200 KB 163ms
163ms Image
image/jpeg 2a04:4e42:77::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GFqtpOFbwAA7ewp.jpg

Requested by

Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3794a8a082085ef80e7c449006cf2e5d095451f9170aa9d2dea77e1e443b575f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=631138519
date: Fri, 12 Apr 2024 22:11:25 GMT
x-content-type-options: nosniff
x-cache: HIT, MISS
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 204689
x-served-by: cache-pdk-kpdk1780056-PDK, cache-iad-kiad7000059-IAD, cache-tw-ZZZ1
last-modified: Tue, 06 Feb 2024 16:30:32 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: beb4deb88f6e956b
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 / Show response
sh.adingo.jp/p/ Frame 91EB 3 KB
1 KB 331ms
330ms XHR
application/json 54.92.67.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/p/?G=1000134479&href=https%3A%2F%2Fbuhitter.com%2Fsearch%3Fq%3D%25E3%2582%25AB%25E3%2582%25B0%25E3%2583%25A9%25E3%2583%2590%25E3%2583%2581%26start%3D%26end%3D%26order%3D1&R=&serial=17479709808740&guid=ON&api=2&protocols=2%2C3%2C5%2C6&mimes=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fogg%2Cvideo%2Fwebm&fluct_uid=a4fc7b35-0478-41da-b8a5-14f82e020506&ch_pv=10.0.0

Requested by

Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.92.67.224 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-92-67-224.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4954afb47a9df2e4ad8fc5ecb2c8dbe07ab1d72966ba4aaed9f679a00ab63564

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 22:11:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://buhitter.com
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 204 AGSKWxXUE1EnpChiiEsIOvHYTejhJ57AEKpoA8RV3ow5zGKzz4ZnO4DfQ_4PwFYKyrcj3H6AOnt5mTo6MSPlEv-VIT5S3v_ums2hgfMVL5alCw6lk6xxcNu_jAQOkaXxNj565PjPLmuR1A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 88ms
88ms XHR
text/html 142.250.80.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXUE1EnpChiiEsIOvHYTejhJ57AEKpoA8RV3ow5zGKzz4ZnO4DfQ_4PwFYKyrcj3H6AOnt5mTo6MSPlEv-VIT5S3v_ums2hgfMVL5alCw6lk6xxcNu_jAQOkaXxNj565PjPLmuR1A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NMsy0Y3Qw6cH07F_CUKTqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 22:11:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NMsy0Y3Qw6cH07F_CUKTqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBiqGV4xtQKxE7pM1iDgFiIh6Pn8bMNbAIv1r5fzwwAyJIM3A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://buhitter.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pmt.js Show response
dmp.im-apps.net/pms/r7RdVKlj/ 6 KB
2 KB 244ms
70ms Script
application/javascript 2600:141b:1c00:19::17c8:5823
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:19::17c8:5823 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6c2c43612b9e53467fbe9f5ee67c29533bb78dddbd66842a01193114d1dccd65

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: .uxXyX5lCDwpBVGcpPS7Nf3Xzhh245vK
content-encoding: gzip
date: Fri, 12 Apr 2024 22:11:25 GMT
last-modified: Tue, 24 Aug 2021 11:51:36 GMT
etag: "2af1afff2612b7de3cca7767700b4b41"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=3600
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1994
expires: Fri, 12 Apr 2024 23:11:25 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame CA60 83 B
323 B 174ms
58ms Script
text/javascript 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=167&r=2&gdpr=0&j=fluctAdScript.rtus_cb

Requested by

Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b42f0ce2933dec5f6c6338f5bc09f001150b2fc5a89e9b685804c4c4938143c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 880148
expires: 60

GET
H2 200 j Show response
j.zucks.net.zimg.jp/ Frame CA60 8 KB
4 KB 760ms
569ms Script
text/javascript 108.138.128.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://j.zucks.net.zimg.jp/j?f=512732

Requested by

Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.128.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-128-98.jfk50.r.cloudfront.net

Software

Resource Hash

f21769ac3159a009518a63dc7f090e96223404b9a2c0a21c5a902c6a902cf84d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 22:11:02 GMT
via: 1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
p3p: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
x-amz-cf-id: KcrB84BZ7Se6_yObAJxckF8McT8sYetZw59Tw706miTYd60yj38z3Q==
expires: Fri, 12 Apr 2024 22:16:25 GMT

GET
H2 200 / Show response
i.adingo.jp/ Frame CA60 43 B
408 B 635ms
201ms Fetch
image/gif 43.206.43.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.adingo.jp/?p=LuCU6FUpeFyK8BzcplyU699gsdyKdv6UYPVuSmdXWIe4F-acuVGv_b74WbbstbucnnKtgL86lKryidUlLWB7EZd101L35zlu56T8u3r71y-ucYf2JR_IfMxvIkiMAV9Zf6mB_l9WF_ruQynW5cn3Iaum41u6gj6BPtswnUgUMS1b0nkFlHj68goqOOAH-ymxLRCca2rok9bBkkB9fQ5smwJTDq8f4nSmECH2t7hbDhtppRAl9OUQnq10OQx86UA1Xbup2wQTSjnS15iGof_UflyVZQBc6Uddi0ZAuzsqhaBXmjTNhCVctmqEhd393h-nOINzLQQMZxTMCI5PQ3ucC4o6rY_89qefBIaqguWay6XZKR-Vmgl7BkNJLEU2bM6cqWupDWKtBNPiRw..&k=3&v=fvNr8n06lcxNCxId
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.206.43.189 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-206-43-189.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:11:25 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame 91EB 83 B
0 146ms
146ms Script
text/javascript 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://gum.criteo.com/sync?c=167&r=2&gdpr=0&j=fluctAdScript.rtus_cb
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software: Kestrel /
Resource Hash: b42f0ce2933dec5f6c6338f5bc09f001150b2fc5a89e9b685804c4c4938143c4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:25 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 880148
expires: 60

GET
H2 200 2.js Show response
pdn.adingo.jp/p/792ea09/lib/tpl/ Frame 91EB 10 KB
3 KB 63ms
63ms Script
application/javascript 108.139.47.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pdn.adingo.jp/p/792ea09/lib/tpl/2.js
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-69.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ded26fd1ccaa3a4456bbdf2e2528f29d879eec99cf318b062973e7a1ecd4e36

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:05:36 GMT
content-encoding: br
via: 1.1 aea539314dea6e591d10d79d61e42090.cloudfront.net (CloudFront)
x-amz-version-id: qQx6d_d_3oce0FQT7rFDTC3ZDKAk6Tb9
x-amz-cf-pop: JFK50-P1
age: 350
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2521
last-modified: Mon, 19 Feb 2024 05:05:12 GMT
server: AmazonS3
etag: "ecac6ddf3848b63047e413971eeec941"
content-type: application/javascript; charset=utf-8
cache-control: max-age=600, s-maxage=600, immutable
accept-ranges: bytes
x-amz-cf-id: W_E-uzNGyXl1J78-958s-iO89AmMzKPtZ5VErNsVD_CQOYKggouG4A==

GET
H2 200 28335_600x500_022_s12.gif
img.fam-8.net/pic/124/ 877 KB
877 KB 2411ms
1092ms Image
image/gif 163.43.243.44
SAKURA-B SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.fam-8.net/pic/124/28335_600x500_022_s12.gif
Requested by: Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.43.243.44 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d7ba2fc648d70cb06aacd888ac88bec5403e217926f58034c0537551746e0923

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:26 GMT
via: 1.1 sac-elb
last-modified: Wed, 29 Nov 2023 09:22:34 GMT
server: nginx/1.16.1
etag: "656702da-db244"
content-type: image/gif
accept-ranges: bytes
content-length: 897604

GET
H2 200 28633_600x500_027_m5.gif
img.fam-8.net/pic/124/ 637 KB
638 KB 1740ms
422ms Image
image/gif 163.43.243.44
SAKURA-B SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.fam-8.net/pic/124/28633_600x500_027_m5.gif
Requested by: Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.43.243.44 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d2b930a1b1c9df619165395eef6d30ac9dc19e54209ea9ace5c98199a9d05e62

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:26 GMT
via: 1.1 sac-elb
last-modified: Mon, 11 Mar 2024 07:52:37 GMT
server: nginx/1.16.1
etag: "65eeb845-9f3dc"
content-type: image/gif
accept-ranges: bytes
content-length: 652252

GET
H2 200 27164_360x360_056.gif
img.fam-8.net/pic/124/ 240 KB
241 KB 1734ms
422ms Image
image/gif 163.43.243.44
SAKURA-B SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.fam-8.net/pic/124/27164_360x360_056.gif
Requested by: Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.43.243.44 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a877716a530d8efd771a43c9b10bf83f0d80f16c8016e00cbc1a0630e38fe9c0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:26 GMT
via: 1.1 sac-elb
last-modified: Mon, 17 Apr 2023 07:16:10 GMT
server: nginx/1.16.1
etag: "643cf23a-3c180"
content-type: image/gif
accept-ranges: bytes
content-length: 246144

GET
H2 200 26969_360x360_074.gif
img.fam-8.net/pic/124/ 283 KB
283 KB 2362ms
1049ms Image
image/gif 163.43.243.44
SAKURA-B SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.fam-8.net/pic/124/26969_360x360_074.gif
Requested by: Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.43.243.44 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d754b3e09a9fe462eeacb2ae1338a87954bf4fd0367904d52f563f944d3801a4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:26 GMT
via: 1.1 sac-elb
last-modified: Tue, 07 Mar 2023 06:57:47 GMT
server: nginx/1.16.1
etag: "6406e06b-46aa7"
content-type: image/gif
accept-ranges: bytes
content-length: 289447

GET
H2 200 27210_360x360_002.jpg
img.fam-8.net/pic/124/ 63 KB
64 KB 1942ms
629ms Image
image/jpeg 163.43.243.44
SAKURA-B SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.fam-8.net/pic/124/27210_360x360_002.jpg
Requested by: Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.43.243.44 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a7dcc80d89cbdb2019a8b3d933770de8f2dc2510300e9afb481f6a4bcd843a52

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:26 GMT
via: 1.1 sac-elb
last-modified: Fri, 21 Apr 2023 08:57:42 GMT
server: nginx/1.16.1
etag: "64425006-fda5"
content-type: image/jpeg
accept-ranges: bytes
content-length: 64933

GET
H2 200 28336_600x500_023_h6.gif
img.fam-8.net/pic/124/ 992 KB
993 KB 1523ms
211ms Image
image/gif 163.43.243.44
SAKURA-B SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.fam-8.net/pic/124/28336_600x500_023_h6.gif
Requested by: Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.43.243.44 , Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 1551508aab41a2de14c3fb1ea43daf07d71d5a825df515e7d5d826dd60f227ac

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:26 GMT
via: 1.1 sac-elb
last-modified: Wed, 29 Nov 2023 09:22:34 GMT
server: nginx/1.16.1
etag: "656702da-f81dd"
content-type: image/gif
accept-ranges: bytes
content-length: 1016285

GET
H2 200 j Show response
j.zucks.net.zimg.jp/ Frame 91EB 8 KB
4 KB 152ms
62ms Script
text/javascript 108.138.128.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://j.zucks.net.zimg.jp/j?f=512731

Requested by

Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.128.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-128-98.jfk50.r.cloudfront.net

Software

Resource Hash

fabc494f98771bc638580a4415ff3c9af16388bce34ee98a3e469764e9667ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 22:11:02 GMT
via: 1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
age: 2
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
p3p: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
x-amz-cf-id: 86TXZno5i-l_3Nzcu9gSy9gudQNjsoAliwW-DvC8E7QrV4lsf0vq7w==
expires: Fri, 12 Apr 2024 22:16:22 GMT

GET
H2 200 / Show response
i.adingo.jp/ Frame 91EB 43 B
407 B 538ms
204ms Fetch
image/gif 43.206.43.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.adingo.jp/?p=_k0H-rybJs88S706jxxfKDgtkl3oy2tEH_5a_LDEXmiBACE7NMDHAFxVoDprSEPd0NhfsDbL1ZlTNA5gPkBffO8s_-5TEnSRK_G4os49ggEdXqVEoLH1zHXTfu0ik8RWVYWTnuLqAC_t-h9KEJfpl1ZhMzgPyosM1_CkPzXGjJM-woqhqgQMfLejGDfr1w6bCybz6YAc-iZv9tdkjiJo0NsjSqG12ZrNnoYoa9SuNhWmH18tZrs_Plf2PBt9mZma8adTLGvF9yedaNE_EYrXdb-5mCJzgB1U4zTAAPi4STI4BikQHCVL45UqFuSBWWQXNw5tui-2INh9dBhoXd-G2GsJw_L_Jy1PsL99I0YjK42u_OGfblnKDUapyBUrIAyPRil3NTgB8rhn&k=3&v=Cb3E1Ft4tPs4LTrT
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.206.43.189 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-206-43-189.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:11:25 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 close.svg
pdn.adingo.jp/asset/ 668 B
1 KB 64ms
64ms Image
image/svg+xml 108.139.47.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdn.adingo.jp/asset/close.svg
Requested by: Host: buhitter.com
URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-69.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f49c5525fcd7050780d3286acf4fc0c1868db2543038791f7c0de838788867cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 18:04:08 GMT
x-amz-version-id: 7qBAwFuOoHzgELydSqd2hmdq7ZZs2PZj
via: 1.1 aea539314dea6e591d10d79d61e42090.cloudfront.net (CloudFront)
last-modified: Mon, 19 Feb 2024 05:05:14 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 14838
x-amz-server-side-encryption: AES256
etag: "2a92048396f5f7ce7cf36f6049b46107"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 668
x-amz-cf-id: zYrq0JNPEIOYwWU4UafU6pb2cko7BWWEzckTrT1v9wZLuMh-M8oDvw==

GET
H2 200 / Show response
cs.adingo.jp/sync/ Frame CA60 43 B
284 B 58ms
58ms Fetch
image/gif 44.194.254.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.adingo.jp/sync/?from=criteo_rtus&id=e3VyjLtHJhpmJhwIqlME8MmBlGoxxE8z
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.254.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-254-43.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Fri, 12 Apr 2024 22:11:25 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 / Show response
cs.adingo.jp/sync/ Frame 91EB 43 B
284 B 58ms
58ms Fetch
image/gif 44.194.254.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.adingo.jp/sync/?from=criteo_rtus&id=e3VyjLtHJhpmJhwIqlME8MmBlGoxxE8z
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.254.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-254-43.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Fri, 12 Apr 2024 22:11:25 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 7 KB
3 KB 70ms
69ms Script
application/javascript 2600:141b:1c00:19::17c8:5823
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:19::17c8:5823 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: af9d723d4c621600964048ddded8d311960ded0483d2293f279d708497cb6e65

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 4dMO94qwEHYQtvUAVFuyqQQu4HVB2tjC
content-encoding: gzip
date: Fri, 12 Apr 2024 22:11:25 GMT
last-modified: Thu, 11 Apr 2024 07:42:11 GMT
etag: "72e16b9479224b45c74655a798f93cb8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=2582
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2699
expires: Fri, 12 Apr 2024 22:54:27 GMT

GET
H/1.1 200
OK segment Show response
sync6.im-apps.net/ 35 B
318 B 515ms
351ms XHR
application/json 2600:141b:1c00:22::1730:e06f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sync6.im-apps.net/segment?token=X19pbV9zaWRzMg
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:22::1730:e06f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 16c53d5f9adafc9a00083e1cbd987e8087e7f1dcea1baf2867d9861c873bbd70

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:11:25 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://buhitter.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35

GET
H/1.1 200 v1 Show response
sh.zucks.net/opt/multi/json/api/ Frame 91EB 745 B
2 KB 861ms
203ms XHR
application/json 3.114.235.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.zucks.net/opt/multi/json/api/v1?f=512731&rnd=973748893&sw=1600&sh=1200&touch=0&num=5&ref=https%3A%2F%2Fbuhitter.com%2Fsearch%3Fq%3D%25E3%2582%25AB%25E3%2582%25B0%25E3%2583%25A9%25E3%2583%2590%25E3%2583%2581%26start%3D%26end%3D%26order%3D1&chm=&chpv=10.0.0

Requested by

Host: j.zucks.net.zimg.jp
URL: https://j.zucks.net.zimg.jp/j?f=512731

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.114.235.8 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-114-235-8.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

b8de647126255066af1ab6169634092dfd98070c262110384ef32fcdeb4c8c17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
Date: Fri, 12 Apr 2024 22:11:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 Apr 2024 22:11:26 GMT
vary: accept-encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Cache-Control: no-cache, must-revalidate, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 625
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
171 B 303ms
203ms XHR
application/json 2600:1901:0:e207::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6837&vid=01HVA5V44DDAKTHC9THHBAW3P0
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://buhitter.com
date: Fri, 12 Apr 2024 22:11:25 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H/1.1 200 v1 Show response
sh.zucks.net/opt/multi/json/api/ Frame CA60 745 B
2 KB 559ms
204ms XHR
application/json 3.114.235.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.zucks.net/opt/multi/json/api/v1?f=512732&rnd=879777917&sw=1600&sh=1200&touch=0&num=5&ref=https%3A%2F%2Fbuhitter.com%2Fsearch%3Fq%3D%25E3%2582%25AB%25E3%2582%25B0%25E3%2583%25A9%25E3%2583%2590%25E3%2583%2581%26start%3D%26end%3D%26order%3D1&chm=&chpv=10.0.0

Requested by

Host: j.zucks.net.zimg.jp
URL: https://j.zucks.net.zimg.jp/j?f=512732

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.114.235.8 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-114-235-8.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

0d8eee5032b11f7f1d71dab7c8f0bd64ee72d26097f9b067ac02713a763da599

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
Date: Fri, 12 Apr 2024 22:11:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 Apr 2024 22:11:26 GMT
vary: accept-encoding
transfer-encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Cache-Control: no-cache, must-revalidate, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK / Show response
k.zucks.net/i/ Frame 91EB 2 B
741 B 850ms
199ms XHR
application/json 3.115.240.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://k.zucks.net/i/?k=ZGOK&p=YDcxn6rQ983FTmXQ8qynCcZTk1tmtR2EA1wCuW6sqFKw_tlVbMV2YhWZ67B6bByCJzV6fYgYq876b3tcUUPWHrdzeb-nLL6APB_YwThHITBtnLCj9GYwDM_PXR198Q4UPZ2Lww4u1Uq43BZOHuJtddD6KE7ROt8neRrARB5KXAaD2ou-Tq2UEzsPnhPIcnj708pLH9zl-sPDqw2miQRzh725CK06NDsikkryWxYhVKxizS9e6vUCS_TvCP5gMxB4yllUnJ7_ODLD7uzCLUO0IHFp0PqtSEf7UO-4sKDRMAAm6W-vh6VDFLWldnufIuzhz37J-kDQdVvqYjWjdDwgUQmGD7y6o84vD3dn0rzZQs3u8umZNFPawrC48H6S5d-OVb3f3BoY1qNKbBE83fq9GGbBlnb660R3NKqNOONiVasCDIEFrMmiFrhmGGpbLVgoMjgyoPQWkxsSptKwbwTRKi1YljXXwqFDlsJDQQpO67Vj763hXvFgwqAX9ppQi_4PwU-ZwuPZYbsKq-I1Y2kKRv7rT--OuSqLBGjMZqllmC5mjKGALkX_HvwXqto749hUp8YIFLwBNRKTSp85DRGcZvtwrG1mAEs3wBMMwxKTSoTS8I-9hzybPZuksIuXYSflr7IC2DqD_Ug&v=zeUMPFuFYJg

Requested by

Host: j.zucks.net.zimg.jp
URL: https://j.zucks.net.zimg.jp/j?f=512731

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.115.240.144 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-115-240-144.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
Date: Fri, 12 Apr 2024 22:11:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 Apr 2024 22:11:27 GMT
Server: nginx
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 2
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK / Show response
k.zucks.net/i/ Frame CA60 2 B
741 B 815ms
208ms XHR
application/json 3.115.240.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://k.zucks.net/i/?k=ZGOK&p=66Pw1nmtSuxtHI19Z6cH-nzenjOHko2auHnfm7_lMzFgECCoOJN3wOFiM2Q9zkm49xtQ4teRpeIKrEmYvx0QvsLvQzwPu1jPAYDcSj2icTmlAZy3oyWPCcDnP7pq2UDFH7M-qWgi045_aiZdO2xGWbxVLEaCMq6dzpqKF7iUfSdVWij22-aBPWTOEeH-WfaqHaiAk34TQq6t_p0bHQTSFmEuWWj5f1nzD559gTUCrWgSYlbLaySweYnlyYJTPbAuznHInaSfLCbADDj5Djl6Jst9c4DPpNGCaQ_kYJKfmXwmRefi1BrLbLZDf0eI2g4i5v_Tk3w8h4FFckrAvXQCp5l3EL_Q45HsqmiEg70nA7ohunaVmu_EvtPnr9JRaZgr8YZ8zbm8hgvUIKZMfUzza01r8ABYrfgpg644nG3xHMmn-c6ILo22fhh_Q61vUFd-MwY12GmSgPjwG70AwYMa4xdMRc4QuPQS3ZDtHBzZSgMpYPYlxb2Hy_bqGS2Bt8gFTkVWWSIbm45fGn_A9rtH0fuf7JwtKnRqz40-c2cKUfgD8Z1V_QEseK3aX8AH8aIwsOpoO6KVLcnCL-HcaCxbMA0iGerduiv2a4BRIcvM3mv1Uhj4Own8Mh0xdJX8A6dgc-djgEYVsqI&v=bCVIXqLd6-U

Requested by

Host: j.zucks.net.zimg.jp
URL: https://j.zucks.net.zimg.jp/j?f=512732

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.115.240.144 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-115-240-144.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
Date: Fri, 12 Apr 2024 22:11:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 Apr 2024 22:11:27 GMT
Server: nginx
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 2
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 144ms
143ms XHR
application/json 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404100101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082680

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

c300731fea46f4e480280af3028dc8593f86d6862904d0f8b2f5c7cc6519613a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12304
x-xss-protection: 0

GET
H2 200 favicon.ico
buhitter.com/ 5 KB
951 B 45ms
44ms Other
image/x-icon 2606:4700:20::681a:bd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buhitter.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18ec85fba587a55f802b52fd4f141f38f6683f6c456d2b0f4b5ce0292a1e3de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 21 Jan 2024 10:27:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4799
etag: W/"65acf187-1536"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GpTi%2FSi6GK2agKTw08hwYDI9L1YnL8BUaxmwXtUhIQHYE1mkUn6rnoo8ofkq8cTeY3oyD9%2Bxli3TvaT0FZfproyVUBhn5uhXgMIa1MtN9Ga2phHiM%2BbO31oFwQOAIVLRCrteHmDQvJfuSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 87368d671a920975-MIA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 89ms
88ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404100101/pubads_impl.js?cb=31082680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 22:11:28 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DE8B 0
0 192ms
63ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 327955
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Apr 2024 03:05:33 GMT
expires: Wed, 09 Apr 2025 03:05:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame FEC8 0
0 207ms
83ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Wdy4MJxq68j1ZEOqJ-lttw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Wdy4MJxq68j1ZEOqJ-lttw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Apr 2024 22:11:28 GMT
expires: Fri, 12 Apr 2024 22:11:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 75ms
74ms Ping
text/plain 142.251.32.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-74YKYKK7PB&gtm=45je44a0v886998702za200&_p=1712959881893&gcd=13l3l3l3l1&npa=0&dma=0&cid=1591324837.1712959883&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEI&sid=1712959882&sct=1&seg=0&dl=https%3A%2F%2Fbuhitter.com%2Fsearch%3Fq%3D%25E3%2582%25AB%25E3%2582%25B0%25E3%2583%25A9%25E3%2583%2590%25E3%2583%2581%26start%3D%26end%3D%26order%3D1&dt=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81%E3%81%AETwitter%E3%82%A4%E3%83%A9%E3%82%B9%E3%83%88%E6%A4%9C%E7%B4%A2%E7%B5%90%E6%9E%9C%E3%80%82&_s=3&tfd=8474
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74YKYKK7PB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.32.110 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s77-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:11:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404100101&jk=3498751142988842&bg=!WFulWxTNAAbi8lI9wvI7ADQBe5WfOKdl_aViDWqEnYvkdXfbuoEDSKE610L1EbS4kgPxJZNla0idMBXXc6ryvacd6LAaAgAAADdSAAAAAmgBB34ANVI2_SxDpLnZxiu7Z8iLzx0m047b3r7VpwnlV2ZoSyrZ7Hm1XWf9M0Hagjy9UAiWlSv-XLAiCgBxJ4dg-t3XrB7ny-8KopZI7zRXty_aH8g_9qF7MhpPAMGZ3zunOwP49rh43k_YHzYUzLK8w9b6oWARGIB-M_iz9rGZUVH715Zps3siCIYyMHcICILbeuhjc9iuo32oRBHOKmBKS3esQHm9tp9uuqn-0KeZAqSL_PZbAivXrNDFnm2ZMxiABPHPzGEDn5EcozvC9LyUUF6g1xzS4ZqCkX0c-OfUKS-zBOgs8C0tql8bWp0xj4hkHfQY0-8uvbW1k7YC0tl5L8qV1U2Zt2mMnBEfEYJLmyEvXVljV2ZVhNJgUhZ-dTCJhJCOjHuL7tgn3DrnfVDpeAKXQ6DnWs2Gqmk56KxWvRAo6Ro8lQGOCE94Y1_aP7Hey7c8CE7TfdZfilX0Bf4Tw8ybHqWiuMuyfejTVANE-hHKNYK2ophpM4Tt8a9oQkrBgIgHNZoxtHqcmD9Sy4WKisOytpV_iEz28bxwNCP8-DAbZOcF9m0dfQLJREw1jwDZwc4hxAEb9xXu6atsmK9JRnaUi41uaWewHGC14AkoehvX_qOFcgrtjtDCd4SwuX6bAIgNg-rNglsIUYGeP9XtXP3_CcnMzwnCtG43gNSqaVrvFg-N6RgPjDDrW5t619O635_Ep8AbZy51w-ZNLlzkYltT0AatqMR8vB12kI_KrwkhEbj1fWIkVBP970s_D_Qne8xD254Dk4-VEfG_452qtE2S_YUfCUBFVZYysuBKvLsNKoNSm7nQXQ_TJ6fUrBlGHaTEcWuy0h-Jvn6Nnv6GGCPzn9RItmK8RaNWiqMmG7afbS_5tDs_t95q0I9u7xlk3RBYNWCQROWlETBxVvbpa919kZP-u0CIOgYZ_5VVbi7TWJjIMaeSsSpLJtFku38r3p-KOyvnQa6Mn-10iwKwG-y3HVklRw36Vw4HSK_jcxdzbVuinIp2SMPQBdLXHjhlzamNm4wBrkPfofoxY9RW9-CeDBQ0WJYVVOyYlK4Bv1nfGIFsg8H5754mFj_7dl20ATAfCIl5TVUDuKXY2x9hQ2qo-k8vJapzTzf0CBsKxduORha5

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
buhitter.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1c03m400ddn9f8mgc60tlj37nv
.buhitter.com/	1970-01-21 05:25:19	Name: _ga Value: GA1.2.1591324837.1712959883
.buhitter.com/	1970-01-20 19:50:46	Name: _gid Value: GA1.2.980749295.1712959883
.buhitter.com/	1970-01-20 19:49:19	Name: _gat_UA-115935434-1 Value: 1
.buhitter.com/	1970-01-21 05:10:55	Name: __gads Value: ID=3ee7a247b46d5be0:T=1712959883:RT=1712959883:S=ALNI_MYqq2K3UNow4U3rfWbxxEBk_x6GgQ
.buhitter.com/	1970-01-21 05:10:55	Name: __gpi Value: UID=00000ddd9bf765b9:T=1712959883:RT=1712959883:S=ALNI_Map155GqslNIKewl76DXua4TRyFpw
.buhitter.com/	1970-01-21 00:08:31	Name: __eoi Value: ID=5ab6a153f5dc5843:T=1712959883:RT=1712959883:S=AA-AfjaL6UCTdaz4Bfu_bfuvU9lD
.criteo.com/	1970-01-21 05:10:55	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 05:10:55	Name: uid Value: de7ceba7-ed22-45e8-bba3-7994371b3c35
.buhitter.com/	1970-01-21 05:10:55	Name: cto_bundle Value: 3SsUlF9WbGxTMHIlMkZlQlczMzNWeSUyQlV1bDJjNFRSYTVJVkxZZ2lsYTJEWTdCR2VFbzAlMkZkRzRrTElSVUxsZGtBREljayUyRmZDenlDZTRwUTc5cFlDc01oMmRQV3lvOTNraG9IRThVenNaJTJGTSUyRmZKNnJmYk9LbmV0MHZxYldrRXVGdFU3a0c5SlNkYU16S1Q3Smc2SVJaOUNtbVRvJTJCdyUzRCUzRA
.buhitter.com/	1970-01-21 05:25:19	Name: _ga_74YKYKK7PB Value: GS1.1.1712959882.1.0.1712959884.0.0.0
.doubleclick.net/	1970-01-21 05:25:19	Name: IDE Value: AHWqTUleGfugml9d6DjYeDWNVkl6INjnyTriTyincVUBEGl24ey7h0hDEL1K_hUAOUU
.buhitter.com/	1970-01-21 04:34:55	Name: FCNEC Value: %5B%5B%22AKsRol8S22K3FWwNUSze572MhyKE7EAugalQ9hTs4eZrmY437hcgzn6RsBt5e-d0qBTfZHkVB8B-tkxXEn6lQIqzeIfKJfKUfoLyz620OlNwzX7-eZNVdAwTi29Mpl0CQeVLJKamsArmJQNAktiArHlX7t4WGQbZcQ%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%22614%22%5D%2C%5B2%2C%22%5Bnull%2C%5Bnull%2C1%2C%5B1712959884%2C549604000%5D%5D%5D%22%5D%5D%5D
sh.adingo.jp/	1970-01-21 00:08:31	Name: receive-cookie-deprecation Value: 1
.fam-8.net/	1970-01-20 21:58:55	Name: uid Value: admx8ed45c133cx203
fam-8.net/	1970-01-20 21:58:55	Name: _imps Value: 35111%2C7444%2C0%2C35111%2C13900%2C145103%2C0%2C0%2C1530%2C1712959787%2C%2C%2C%2C0%2C%2C%2C0
.buhitter.com/	1970-01-20 20:32:31	Name: _im_vid Value: 01HVA5V44DDAKTHC9THHBAW3P0
.adingo.jp/	1970-01-21 04:34:55	Name: ID Value: 179e6717549c56fc5f7a9d601c660fcf
sh.zucks.net/	1970-01-20 19:49:23	Name: AWSELBCORS Value: 41A171131E9B8C939F7087DC96908658B57851A86484F8DD0F0ED9CABA7F99F6ED1A8F8B6D7603B8C7CDDE1084D1BC62464CD15329A648AACDDF7558F044BC30FCD33BC209
.zucks.net/	1970-01-21 04:34:55	Name: ID Value: 030609deb2c33b21907a545fc2d932e9

32 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://fam-8.net/ad/js/fam8-tagify.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fam-8.net/ad/js/pjs-1.0.3.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://fam-8.net/ad/js/fam8-tagify.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fam-8.net/ad/js/pjs-1.0.3.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://pdn.adingo.jp/p.js(Line 14) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/search?q=%E3%82%AB%E3%82%B0%E3%83%A9%E3%83%90%E3%83%81&start=&end=&order=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9ab508723458d5ba0f8a440edd54e5e4.safeframe.googlesyndication.com
audiencedata.im-apps.net
buhitter.com
cdn-fluct.sh.adingo.jp
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
code.jquery.com
cs.adingo.jp
dmp.im-apps.net
fam-8.net
fundingchoicesmessages.google.com
gum.criteo.com
i.adingo.jp
id5-sync.com
img.fam-8.net
j.zucks.net.zimg.jp
k.zucks.net
pa.adingo.jp
pagead2.googlesyndication.com
pbs.twimg.com
pdn.adingo.jp
securepubads.g.doubleclick.net
sh.adingo.jp
sh.zucks.net
stackpath.bootstrapcdn.com
static.criteo.net
stats.g.doubleclick.net
sync6.im-apps.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
108.138.128.98
108.139.47.69
141.95.98.64
142.250.65.226
142.250.80.100
142.250.80.66
142.250.80.78
142.251.32.110
142.251.40.100
163.43.243.44
18.164.96.118
202.231.228.162
2600:141b:1c00:19::17c8:5823
2600:141b:1c00:22::1730:e06f
2600:1901:0:e207::
2600:9000:2511:5400:a:e047:753:eb41
2606:4700:10::ac43:266a
2606:4700:20::681a:bd7
2606:4700::6812:acf
2607:f8b0:4004:c06::9d
2607:f8b0:4006:807::200e
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80f::2002
2607:f8b0:4006:817::2008
2607:f8b0:4006:81d::2001
2620:100:a00b::12
2620:100:a00b::4
2a04:4e42:200::485
2a04:4e42:600::649
2a04:4e42:77::159
3.114.235.8
3.115.240.144
43.206.43.189
44.194.254.43
52.195.28.185
54.92.67.224
001fca0c70a55362c8ae8e33ac675fe8e5054439537b10ae75de374cd5a68f07
07eff9d9f81261e700e6812c2a47f189153f25c1d5bbc8c78af811e4d567a10f
0d8eee5032b11f7f1d71dab7c8f0bd64ee72d26097f9b067ac02713a763da599
0ded26fd1ccaa3a4456bbdf2e2528f29d879eec99cf318b062973e7a1ecd4e36
1551508aab41a2de14c3fb1ea43daf07d71d5a825df515e7d5d826dd60f227ac
16c53d5f9adafc9a00083e1cbd987e8087e7f1dcea1baf2867d9861c873bbd70
16eef82325d88bccb3f09d34d6155a3ee890edfdb479d44264212b5d5eca1af9
18ec85fba587a55f802b52fd4f141f38f6683f6c456d2b0f4b5ce0292a1e3de4
1e9383afb3f42753d84c00afd1d60e2b9e8d57853b2737cda0345bc6e9d5bc97
1e9d30aa51078d732f1c5794a4c68343d40c10e441ed194aaf2f0f3c82e9b1b8
1e9edf6dd30481a6529c42365fe54a7e1a1e1f18bd926fa936ce3898a4d196a5
281abc3f214434d715c0002676a280ed6449a3ca0e66a6d5a9aee539dc0cfea2
3486e75cbcec83fac64b744262840c0cf45746e11e15b158b652bc451c849ab7
34ec28d4a67e1e34f833bc05f45967c00703513aa17e10d3dc2cbe29bc6f3e7c
3794a8a082085ef80e7c449006cf2e5d095451f9170aa9d2dea77e1e443b575f
3caf7678af6d63289ec4d11afe404aaadc364d038a5d17bb97235945f075ed0e
43741e9b4f7ce8f3b22e0f513a8d3a3f9201e00be519dd760825d83afb24dfae
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444ae064889d8b93f1329f06ec305dbe816c8c0dbb9f4f6ca0c52b0b8854ff8f
4954afb47a9df2e4ad8fc5ecb2c8dbe07ab1d72966ba4aaed9f679a00ab63564
4bd55f89acdfd8dda416b2e6e81c302be408e8a03b9ff2f5b43f1262604cf395
57745e0b18204b832ee97376a48473610630b237857f4a970f99acf58dc9acca
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6c2c43612b9e53467fbe9f5ee67c29533bb78dddbd66842a01193114d1dccd65
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
76efa13016fe2687e5f0c4f56178d287a11bad457970017ceb202130b960a172
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
8525fee23950a045cfdbd05e8cf1d9984f96f066eb2414328a825bec3a456588
89040fd34c868380d96d78b5a3b165170a98672808a8e6dc99e4d04c0a5c6306
8a188697cb0e63ed1a34f342e5d4168d33229bf967c81db93c951b021c5ad8d0
8c04b9a14b5022b429617794e8732840d0ce3ba0e1a77cc296bad062850acf84
8fa4744814b9ea3f31015b20d557d4c678538cc4e076c874b17ba5f9ea2f4c07
9476fb180c0a8ac2a32a81203c766331400fbcf6a5b614a1220b52fca4732089
961e59da46c54752dfc5c427a74bc4314b092be0ee05c66cbc38bdca869312f8
99dae4d4dec24cfd08ab564f69012c7dd5e6635b99c9bce8f94e05d8da5f1e8c
9ac05f4dc169bccbdcc2eddeb48ae291677b93dcda685d1b2cfb8736272a2140
9be2acd6996e54b38de49ff538f384c565a21d539818e9d430977be1a9e5ed0e
9ce36a5c23014e57122d7997692e9863b532d08d7e21d227e1184099a5666be2
9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a7dcc80d89cbdb2019a8b3d933770de8f2dc2510300e9afb481f6a4bcd843a52
a877716a530d8efd771a43c9b10bf83f0d80f16c8016e00cbc1a0630e38fe9c0
aca0e28aa55849ee4eb13733950c025c8944325eb0bb737dd666294a833790ed
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af9d723d4c621600964048ddded8d311960ded0483d2293f279d708497cb6e65
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b9dfa39106ef08fe2086fc2a8f1a7b6fe49fed7141a0a73f4f46b8a59c4ab9
b42f0ce2933dec5f6c6338f5bc09f001150b2fc5a89e9b685804c4c4938143c4
b60670b87773e1a0b35ffde2c4137905c659d17d0a2b1d1af75465cf747a73e3
b8de647126255066af1ab6169634092dfd98070c262110384ef32fcdeb4c8c17
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
c300731fea46f4e480280af3028dc8593f86d6862904d0f8b2f5c7cc6519613a
c64252f57017f98491f965e04755b624e032389bc5edb92a6bdd55dbef5dc6c7
c648f12f3377a6026683e2bcea280e9b890ffddaf2294b58bde5fb313b6be8ff
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d2b930a1b1c9df619165395eef6d30ac9dc19e54209ea9ace5c98199a9d05e62
d618e5fc57d5e5ead059bb610c6ef38099be2ba917af1e3e163206ab106b0ce0
d67570e6eac285b35dbb7e4e942474a71b78b82aa41bef296d24ad9086bc58c1
d6d0cdd93a3211b3770f16ed7a3a70cfe1aa1fd67f50f50bf64a1014abe9efb3
d754b3e09a9fe462eeacb2ae1338a87954bf4fd0367904d52f563f944d3801a4
d7ba2fc648d70cb06aacd888ac88bec5403e217926f58034c0537551746e0923
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df024d5fd7ded509295766d0c6a77c12d4d96c3fc0fe989f6505afdcfa4c117c
e33e8f779a2eb184b64d9d217e3eaddd99598195f8b00d2b8891193562efb9af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef52687c155c8a8d9bdf3b6a05fdb9e8949d8c0af535827202485787774cd790
f21769ac3159a009518a63dc7f090e96223404b9a2c0a21c5a902c6a902cf84d
f28454ecc4cd5778641a83872fbb4563ebb174e86c5a5581d0dd6e7b1c0d523c
f49c5525fcd7050780d3286acf4fc0c1868db2543038791f7c0de838788867cf
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fabc494f98771bc638580a4415ff3c9af16388bce34ee98a3e469764e9667ede
fca24f2a73a645080321fda156f43b8a0e81b872891f4f387e42c63cfad86ac3
fe17e70b190a001b79a66fa7b55d2dbac42a25b2fd575f72cf3e1470a9c40161

buhitter.com Open in urlscan Pro 2606:4700:20::681a:bd7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

101 Requests

99 %HTTPS

51 %IPv6

19 Domains

33 Subdomains

38 IPs

3 Countries

4754 kBTransfer

6770 kBSize

20 Cookies

26 Outgoing links

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

buhitter.com Open in urlscan Pro
2606:4700:20::681a:bd7 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

99 %
HTTPS

51 %
IPv6

19
Domains

33
Subdomains

38
IPs

3
Countries

4754 kB
Transfer

6770 kB
Size

20
Cookies

101 HTTP transactions
3 data transactions