read.ojoutobankenkun.online Open in urlscan Pro
2606:4700:3031::ac43:de89 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://read.ojoutobankenkun.online/
Submission: On February 19 via api (February 19th 2024, 5:45:21 am UTC) from US — Scanned from US

Summary HTTP 147 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 17 domains to perform 147 HTTP transactions. The main IP is 2606:4700:3031::ac43:de89, located in United States and belongs to CLOUDFLARENET, US. The main domain is read.ojoutobankenkun.online.
TLS certificate: Issued by GTS CA 1P5 on January 6th 2024. Valid for: 3 months.

This is the only time read.ojoutobankenkun.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	2606:4700:303... 2606:4700:3031::ac43:de89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
5	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::61	15169 (GOOGLE) (GOOGLE)
26	2607:f8b0:400... 2607:f8b0:4004:c1d::9d	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:fbe0:1:4... 2607:fbe0:1:42::1a	40824 (WZ-US-40824) (WZ-US-40824)
7	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
1	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 17	2607:f8b0:400... 2607:f8b0:4004:c0b::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::65	15169 (GOOGLE) (GOOGLE)
2	204.155.151.34 204.155.151.34	40824 (WZ-US-40824) (WZ-US-40824)
23	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4004:c17::64	15169 (GOOGLE) (GOOGLE)
2	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
2 3	2607:f8b0:400... 2607:f8b0:4004:c0b::93	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400c:c1d::78	15169 (GOOGLE) (GOOGLE)
1 3	142.251.16.157 142.251.16.157	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4004:c09::66	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:6::6	15169 (GOOGLE) (GOOGLE)
2	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21d... 2600:9000:21da:b800:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
147	25

27 2606:4700:3031::ac43:de89 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

read.ojoutobankenkun.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ojoutobankenkun.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2607:f8b0:4004:c1d::9d (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:fbe0:1:42::1a (United States)

ASN40824 (WZ-US-40824, US)

silentinevitable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

followingpartlyindicator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4004:c0b::9d (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::65 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.155.151.34 (United States)

ASN40824 (WZ-US-40824, US)

www.icy-location.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2607:f8b0:4004:c08::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c17::64 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c0b::93 (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400c:c1d::78 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.16.157 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::66 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:6::6 (United States)

ASN15169 (GOOGLE, US)

r1---sn-ab5sznly.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:b800:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (San Francisco, United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158 ade.googlesyndication.com — Cisco Umbrella Rank: 307	857 KB
27	ojoutobankenkun.online 1 redirects read.ojoutobankenkun.online ojoutobankenkun.online	677 KB
20	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 bid.g.doubleclick.net — Cisco Umbrella Rank: 1015 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 551 cm.g.doubleclick.net — Cisco Umbrella Rank: 278	173 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	171 KB
14	google.com 2 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659 www.google.com — Cisco Umbrella Rank: 2	71 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 imasdk.googleapis.com — Cisco Umbrella Rank: 476	141 KB
3	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	2 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1326 r1---sn-ab5sznly.c.2mdn.net — Cisco Umbrella Rank: 137585	948 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141
2	icy-location.com www.icy-location.com	53 KB
2	silentinevitable.com silentinevitable.com — Cisco Umbrella Rank: 480188	14 KB
2	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4434	71 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	186 KB
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 906	612 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	262 B
1	followingpartlyindicator.com followingpartlyindicator.com — Cisco Umbrella Rank: 760556
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 940	94 KB
147	17

	Domain	Requested by
26	pagead2.googlesyndication.com	read.ojoutobankenkun.online pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
25	read.ojoutobankenkun.online	read.ojoutobankenkun.online
23	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com pagead2.googlesyndication.com tpc.googlesyndication.com
17	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
5	csi.gstatic.com	imasdk.googleapis.com
5	fonts.googleapis.com	read.ojoutobankenkun.online googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
3	dsum-sec.casalemedia.com	2 redirects
3	www.google.com	2 redirects tpc.googlesyndication.com
3	imasdk.googleapis.com	googleads.g.doubleclick.net
2	ade.googlesyndication.com
2	r1---sn-ab5sznly.c.2mdn.net
2	www.googleadservices.com	read.ojoutobankenkun.online
2	www.icy-location.com	silentinevitable.com
2	silentinevitable.com	read.ojoutobankenkun.online silentinevitable.com
2	ojoutobankenkun.online	1 redirects read.ojoutobankenkun.online
2	cdn.onesignal.com	read.ojoutobankenkun.online cdn.onesignal.com
2	www.googletagmanager.com	read.ojoutobankenkun.online
1	cm.g.doubleclick.net	1 redirects
1	d.agkn.com
1	googleads4.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.google-analytics.com	www.googletagmanager.com
1	followingpartlyindicator.com	read.ojoutobankenkun.online
1	code.jquery.com	read.ojoutobankenkun.online
147	28

This site contains links to these domains. Also see Links.

Domain
ojoutobankenkun.online

Subject Issuer	Validity	Valid
ojoutobankenkun.online GTS CA 1P5	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
silentinevitable.com R3	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
followingpartlyindicator.com R3	`2024-01-25` - `2024-04-24`	3 months	crt.sh
www.icy-location.com R3	`2024-02-16` - `2024-05-16`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://read.ojoutobankenkun.online/
Frame ID: 86A0E99BE875D0CDB28EBDA7B6F995B1
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: 00BD3C88D6860E55476E797EB3E28510
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3190457468549923&output=html&adk=1812271804&adf=3025194257&lmt=1708309001&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fread.ojoutobankenkun.online%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708321512640&bpp=4&bdt=655&idt=713&shv=r20240215&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4392209274433&frm=20&pv=2&ga_vid=230118045.1708321513&ga_sid=1708321513&ga_hid=2023991942&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31081188%2C31081221%2C95324580%2C95325068%2C31081234%2C95322180%2C95324154%2C95324161%2C95324432&oid=2&pvsid=1038280925382322&tmod=282974123&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=734
Frame ID: 75085D161840AEDBA988757A684908FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3190457468549923&output=html&h=280&slotname=5705440719&adk=401755941&adf=33086468&pi=t.ma~as.5705440719&w=920&fwrn=4&fwrnh=100&lmt=1708309001&rafmt=1&format=920x280&url=https%3A%2F%2Fread.ojoutobankenkun.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708321512644&bpp=3&bdt=659&idt=734&shv=r20240215&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4392209274433&frm=20&pv=1&ga_vid=230118045.1708321513&ga_sid=1708321513&ga_hid=2023991942&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=180&ady=523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31081188%2C31081221%2C95324580%2C95325068%2C31081234%2C95322180%2C95324154%2C95324161%2C95324432&oid=2&pvsid=1038280925382322&tmod=282974123&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=740
Frame ID: 4FBAFB52F32F8AB888CE51F2630327B3
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3190457468549923&output=html&h=250&slotname=7534823554&adk=1484195951&adf=3689723528&pi=t.ma~as.7534823554&w=300&lmt=1708309001&format=300x250&url=https%3A%2F%2Fread.ojoutobankenkun.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708321512647&bpp=2&bdt=661&idt=768&shv=r20240215&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=4392209274433&frm=20&pv=1&ga_vid=230118045.1708321513&ga_sid=1708321513&ga_hid=2023991942&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31081188%2C31081221%2C95324580%2C95325068%2C31081234%2C95322180%2C95324154%2C95324161%2C95324432&oid=2&pvsid=1038280925382322&tmod=282974123&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=773
Frame ID: 55253D6F7FB49490EF9C8F369EEDA746
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js
Frame ID: 457BBF09681161DED684046DEBFE57FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: ED5D1FA1C9BD1478F8DADEE78DBC90D4
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A4A1B2CC633164118681539306141912
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 99D9CAD71FB731C407E6007E5416882D
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 42C206E391A68ED0F47957E930860CD6
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: FE86759BE87833F79BCF57F02E6FC5A0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FAF546E250DE7E11B756B4143FB6724C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js
Frame ID: 53C3C91EA27CC489343B44A40B66A631
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js
Frame ID: C4057471446D3A0B0A6DCC4B6BDD2681
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 2BAC3B67E36561C0B03EB201D8AE980B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E5CEF509CEE7B1121715B77035C803A3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 20D3D6DF21F07C599F23FD6979D127A7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Read Ojou to Banken Kun Manga Online - [Official English]Read Ojou to Banken Kun Manga Online - [Official English]

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

147
Requests

97 %
HTTPS

76 %
IPv6

17
Domains

28
Subdomains

25
IPs

2
Countries

2508 kB
Transfer

9341 kB
Size

18
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://ojoutobankenkun.online/
Title: ojoutobankenkun.online

Search URL Search Domain Scan URL

URL: https://ojoutobankenkun.online/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://ojoutobankenkun.online/terms-and-conditions/
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://ojoutobankenkun.online/DMCA/
Title: DMCA

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://ojoutobankenkun.online/wp-content/uploads/2023/09/Ojou-to-Banken-Kun-Manga.webp HTTP 301
https://read.ojoutobankenkun.online/wp-content/uploads/2023/09/Ojou-to-Banken-Kun-Manga.webp

Request Chain 65

https://googleads.g.doubleclick.net/pagead/adview?ai=CppOx6erSZaL3GZqC0_wPkb2MmAvFg92vdJzwtLvtEWQQASCs-OIgYMnujovApIwQoAGzuZzhA8gBCakCtNtVryuqkD6oAwHIA8sEqgTuAU_QWjBIi92d2s-81iqWkjdOKgZULMl7p91rb5Z_8fFNk42SX8CJlfHc2VS2DeF7lL0MK7vfslhv6M0MN6Qy9lVQk7xS62QOaxjDNlVkzGH5jcBIPBD2xsJvJOC9BQ4KjTdAXCzi6151onWsO9UeT1qEMZrJSIlzMwNkVB0GhvdPXoK35uCzFt8UC-JbcWszDzxpSLM93yZPXI7y3bDnzBho-VkJt6uyToH4P5_ZftabQk3PKPXM5B2NKeRNlW-E-O_FaKzk2lQtCCiRkhizEGrJXF5xg62ILiO8oIRRbWj7anj_kqTFjN6YM6vvZ_rABLLkr966BIgF6vrmzEySBQQIBBgBkgUECAUYBKAGLoAHtcbjHqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcEEIXoAtIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOliJ1eDH2baEA5oJcGh0dHBzOi8vZnJlZXF1aXpnYW1lcy5jb20vP3E9Z2F5LXRlc3QmdGl0bGU9R2F5JTIwVGVzdCUyMHwlMjBUaGlzJTIwUXVpeiUyMEFuYWx5emVzJTIwMjAlMjBGYWN0b3JzJTIwVG8lMjBBbnN3ZXKACgHICwHaDBAKChDgj9mI7_qkzxoSAgED2BMMiBQB0BUBgBcBshccChoIABIUcHViLTMxOTA0NTc0Njg1NDk5MjMYAA&sigh=cVxFduia_OQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_qjEF7royl1N33rSsbec5c3CPNgAgZc-t5H6aDLh3_ZqleXfuBPBBwFhznWWWZZ5WiiCYQ_nTI3nr3ij0-fZfzQ4cYr1Op_LSShgB&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x87e28cd90a1020180000000000000000%22,%222%22:%220x37f9ebe69b22ed620000000000000000%22,%223%22:%220x372a8ceadba5f1a10000000000000000%22,%224%22:%220xeed032c4271848bc0000000000000000%22,%225%22:%220x8729eba30ba78dcc0000000000000000%22},%22debug_key%22:%221384513287531862036%22,%22debug_reporting%22:true,%22destination%22:%22https://freequizgames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221009196211%22],%2222%22:[%22true%22],%224%22:[%2202-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226657507090165007857%22}&andc=true

Request Chain 99

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 100

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 114

https://gcdn.2mdn.net/videoplayback/id/a4e3da3dce3954bc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3851260487/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/A283BF0F6A4EDAB70E1C9C4932C6F4E645216E83.51311CCA2D4CF0BD18E8A898B3B211808487CCA1/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-ab5sznly.c.2mdn.net/videoplayback/id/a4e3da3dce3954bc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3851260487/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/30A1A67A05FCE47D8C4A61F0895068CE1A1156A9.330DC97ADBAAAEEC15CE705654913A73E4E9C034/key/cms1/cms_redirect/yes/mh/AA/mip/2602:ffc8:2:104::6/mm/42/mn/sn-ab5sznly/ms/onc/mt/1708321240/mv/m/mvi/1/pl/48/file/file.mp4

Request Chain 139

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP651wIQprvuAhiYrPCGAiABMAE&v=APEucNXh0-6zFmEQ50YQYmOq7iBvByuClHp4rh4dvbms9BGG1ouNjmpLF5RVOIM9XR6TvoH1_2ICFAK82WMOQEF46JtOdnSAtfA0GSULQ0_io5J4Ir8o4ys HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdLq69HM67UAADzYAB9syAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8UnNtQAz_wKbM2ml2rB0M&google_cver=1

147 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
read.ojoutobankenkun.online/ 190 KB
56 KB 356ms
268ms Document
text/html 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c36ae821c0d45c8c31562c8d20e73f79d5cb41cd7c6d36e8b8d5b4c18747ed9a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 857c33c849fd4bd2-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 19 Feb 2024 05:45:11 GMT
expires: Mon, 19 Feb 2024 05:45:11 GMT
last-modified: Mon, 19 Feb 2024 02:16:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ID25kL2YIOuHqqh8RQzeenDdJpqbYqMw%2FSgYhX44%2B7Ok7yE3vBfX2qoowZU7A%2FEIb3NX8v9MJstGzG2KdAQxKKI9em9n%2FhaH%2BQJ%2F3zjo2kFFIZH2Sa2ZBAbB7oZc0OCTSswI0xcGqKp%2BneJXFBeMQJ383qgwddYoYU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 jquery-1.11.3.min.js Show response
code.jquery.com/ 94 KB
94 KB 98ms
29ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.3.min.js
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 13519314
x-cache: MISS, HIT
content-length: 95957
x-served-by: cache-lga21975-LGA, cache-nyc-kteb1890088-NYC
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1708321512.072459,VS0,VE0
etag: "28feccc0-176d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 0, 13131

GET
H2 200 style.min.css
read.ojoutobankenkun.online/wp-includes/css/dist/block-library/ 108 KB
15 KB 309ms
305ms Stylesheet
text/css 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 16:07:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsR3bFpIaOuFxPVCVChRg3a8aahPvkQDeqj4RnFOMR7KROrAacbsEvOZD2SrjcQNl5zkyrnnDcAcgmeKANy%2B3OCrktD2%2BRnSSANbBRZlqBTHqdE7dtc%2B6cWlA59AFi3hN%2FwZN2tvCYgR6PPKwePfgiBsBt67kVrx3uU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33ca0aab4bd2-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H2 200 style.min.css
read.ojoutobankenkun.online/wp-content/plugins/page-views-count/assets/css/ 398 B
585 B 240ms
236ms Stylesheet
text/css 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/plugins/page-views-count/assets/css/style.min.css
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91d3396943041ad8f024bf4b6a7381cddc8a1896a9d4f1b3336620767f9dac40

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 15:14:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OU8gIWWWCVeAe5Q9jfXTGN%2BXZn7Ro1kDYLEA2ZsbCfEnqCibJiXWmwdL9OnjW418HMOetTY7n3ToBKtu1MB0Lyg8tKkXN1ocQ5SpmMz1VF4SRVJ9nI%2FMfXp1hSwdRQTSzggfR77d6z67p%2Fb7ySKmvL428HRCxZ7OqoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33ca0aac4bd2-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H2 200 frontend.css
read.ojoutobankenkun.online/wp-content/plugins/wp-dark-mode/assets/css/ 28 KB
4 KB 241ms
238ms Stylesheet
text/css 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/plugins/wp-dark-mode/assets/css/frontend.css
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f063ba5501c21a64c0c9d066494d0b4efad366e29ec8d70e555cdefb5b85e87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 14 Aug 2022 01:40:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVAi3MTC5xdq2j%2FhywSB7dpm4uvESXcBIeXOP5OM2jTkcha0wRUnKoGFepDk4KefXdqJNQUdhCh6bPSnE3l%2B1vetjkUzS9dbB%2BRNnVBR1Q6k0v02VSI5EKe0jLDLMkIDOEi6PEoOO%2BsMfIWnC%2BDDXy2ukrvoDDcVdOI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33ca0aad4bd2-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H2 200 bootstrap.css
read.ojoutobankenkun.online/wp-content/themes/Ifenzi/css/ 122 KB
21 KB 306ms
302ms Stylesheet
text/css 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/themes/Ifenzi/css/bootstrap.css
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 068a51dcd4d054caf1b2fdbc4370b8e8ac16e5ec3609846d8ed1158d2d723813

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 06:52:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfcLL1FC2F86%2BQsyQneDE%2Fzhu7CYCmE7ZdbuQciYpaO9ju0VraRPlXlbQL6lKs4ZkGVwxYxkwq3xPfkT72vAm%2FSNjUOKXoEcu5hR2JAHYPuerPllBrDIi%2BCSGAmnPe3Zs%2B24i9j%2BTkOjLqfi2USBgsp3YUXffTpSvns%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33ca0aae4bd2-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H2 200 style.css
read.ojoutobankenkun.online/wp-content/themes/Ifenzi/ 24 KB
7 KB 252ms
249ms Stylesheet
text/css 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/themes/Ifenzi/style.css
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b358fb569197e71a9e01ba7cffddd59643ddeebb16862542c60f4bd621160320

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 27 May 2022 21:49:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XnAOK%2BllaoG%2BdCuXD5Iei%2FnkzXP0%2FzDkKg3Hi5Xt2e1Et%2Ff7zMb66rhm3icvU0iFK81cwDtBZ2umeQL0TdYVRiF2gfibafKTKEYt8MM3FGt2fGCmspiA7dMxSrhW7%2FDY%2FaywNrYdyoLhWF5IuK7OLERM%2B9AgMHaKCdo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33ca0aaf4bd2-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H2 200 font-awesome.min.css
read.ojoutobankenkun.online/wp-content/themes/Ifenzi/font-awesome/css/ 23 KB
6 KB 244ms
241ms Stylesheet
text/css 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 06:52:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Br9%2B5f4rGqHXx27zjsaMZATWvOokG2gIe4wmdzETr4lCRcHrhXSJquFz7wWPXKjaMJ3JKUtbsXyPQk1eXbEg3vNf5f6LID25KrXIP1AKhfWKbNCSdJfdzBNaLbT2QKKN9A4g27j6my30AvB1k9EbeJksdWwn%2BsjUQ8M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33ca0ab04bd2-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 107ms
40ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic

Requested by

Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8bdf92031faa6e9842f9d99f75b680ba585ae6359cf76540ca78442327a91eca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 05:34:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Feb 2024 05:45:12 GMT

GET
H2 200 pvc.min.css
read.ojoutobankenkun.online/wp-content/uploads/sass/ 374 B
473 B 250ms
247ms Stylesheet
text/css 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/uploads/sass/pvc.min.css
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ef9fd5fd65172381a872bd00f034fb48f56ca1800282fb03f95e8b50891c10f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 14 Aug 2022 08:25:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFk%2FAI7HGMV38bdHGCWgJPjSI6GyudJiVaFhuE6q%2FIvJjwmsiUf%2FprOGN56Pt3jRTw9QZBa3pYl%2BY700XrQZxadaxpk73Nhttb1Zq2zYdswBw4xRmSX6RBAYZyDNaziqZI20m9qgrJRWJ5DC4PnpgHKUhWnGTDJBlzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33ca0ab14bd2-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H2 200 jquery.min.js Show response
read.ojoutobankenkun.online/wp-includes/js/jquery/ 86 KB
31 KB 377ms
374ms Script
application/javascript 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-includes/js/jquery/jquery.min.js
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Nov 2023 03:14:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PneQRaaOTZ1WKOfO8BcKe%2F7%2BOdDlXQ%2FdtT4ja93Bkzyjb%2BgkeiBs%2BIwFfnEmSlTJaYXkSBNSqKebqJGtx%2BD8akUHqr%2FmvGNl6itL%2BvuVMqGsKQseDgtzzwb7F3bRyhlSV04TYF1SAYT1LpOZhrUq6Ww9YfNEUHDBi0I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33ca0ab24bd2-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H2 200 underscore.min.js Show response
read.ojoutobankenkun.online/wp-includes/js/ 18 KB
8 KB 242ms
240ms Script
application/javascript 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-includes/js/underscore.min.js
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 08:14:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OprLEe5bwf3omoM682qJzBKuOgPS2kTchdOcaBRbqSkoseTmOTM7xQTexMEP0hl1abYIR3Oeifso6CWIA6aBjHm%2FxAjSvzSGy7NtkTct%2Fk%2F8ByZni1tk261QCVIDW4M4OMzE1hb0MCDmklcQexKg%2Fz7iwYgFsIvMt5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33ca0ab34bd2-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H2 200 backbone.min.js Show response
read.ojoutobankenkun.online/wp-includes/js/ 24 KB
8 KB 243ms
242ms Script
application/javascript 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-includes/js/backbone.min.js
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90554181b9d143453475bb69bbce45d406f2d2119409db9b71da8552536681a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Nov 2023 03:14:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjSTTzgT96ByTgTQZ2r%2B16Rr2cLnUK9%2BWTZLsdY0wm1pkhvu5pY8q7u6%2FgxougMPAZT0RszFyIBRmyZ78WKr0YkY9XvZoVpqtVfqxTby8hv2bu6HGTy0LSkIer7XIyZdr2r%2Bqre51Ye75vZ8mzvzaSdigvyA%2FvHj4d8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33ca0ab44bd2-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H2 200 pvc.backbone.min.js Show response
read.ojoutobankenkun.online/wp-content/plugins/page-views-count/assets/js/ 2 KB
1 KB 252ms
250ms Script
application/javascript 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/plugins/page-views-count/assets/js/pvc.backbone.min.js
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be85a4dfb9a368ba7493c80267656fcf625e1a7c5b5d7caef417b2bf8b49dd2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Nov 2023 15:14:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjXKmiE0j4yD6OozMtRu6wm0XDgAq%2FN09cD9HBzCfDotjqluuD0tIJJ470iWqCEbr%2FivEobPSPVUHUfcjaJj%2BMcVVg77JDBLTjDPKyblztWrteE1RgDnNyo9X5gMFLlKAI6D0zMsoDCl7phn8VlJnJQqJWqWKL6CvUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33ca3ad04bd2-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H2 200 dark-mode.min.js Show response
read.ojoutobankenkun.online/wp-content/plugins/wp-dark-mode/assets/js/ 60 KB
20 KB 322ms
321ms Script
application/javascript 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/plugins/wp-dark-mode/assets/js/dark-mode.min.js
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d230fa6c14bf1f2df177f38c46f0d091f90ea57753e36e035616a381bd43a2db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 14 Aug 2022 01:40:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXDt9z2PycB9hbpv%2BE87C%2BHm3GJLudSTps4kV7VWrxXkZZaqk%2FeZttjimtXKo5z%2FEBZMOctpyBG8w%2FgdvHCqNeRAljbAWB0SvQIKMihzWe01RNcmUgaOmiVfPS%2BLFsMplplQtFtxd2oxfwD%2FhQ6AQXGDtudQ3dvfrsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33ca3ad14bd2-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
93 KB 171ms
94ms Script
application/javascript 2607:f8b0:4004:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BFV4DZJWBL

Requested by

Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55ef7fc07be5bcd82ed4cc9894bb95458a4df10a8c7f0e35dc418ad517fa4d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94968
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Feb 2024 05:45:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 137ms
60ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3190457468549923

Requested by

Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afdab0ad35387b250baf43d4c55bdf0fe1fa19b3e860369c7e8119efe22e4eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
Origin: https://read.ojoutobankenkun.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51130
x-xss-protection: 0
server: cafe
etag: 15982507423589427870
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 19 Feb 2024 05:45:12 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 108ms
39ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3471
etag: W/"a87c48d211877c49b878679b2e3cdab8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 857c33ccfac14bd3-BUF
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Thu, 22 Feb 2024 05:45:12 GMT

GET
H3

200

Ojou-to-Banken-Kun-Manga.webp
read.ojoutobankenkun.online/wp-content/uploads/2023/09/
Redirect Chain

https://ojoutobankenkun.online/wp-content/uploads/2023/09/Ojou-to-Banken-Kun-Manga.webp
https://read.ojoutobankenkun.online/wp-content/uploads/2023/09/Ojou-to-Banken-Kun-Manga.webp

85 KB
85 KB

497ms
497ms

Image
image/webp

2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://read.ojoutobankenkun.online/wp-content/uploads/2023/09/Ojou-to-Banken-Kun-Manga.webp
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H3
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bedfc0841f7b35e38e7d27f14a91edfc92f116f6c72729ef34624a718e844d00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Sep 2023 21:23:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYQpKiHe0QK9fMpjc0fh0KDZxHu39YSlQGM%2BkBAdMewCuI%2FbZuNy1XirvcaLmHrk%2F1TVUJXqjBjQJyaTRHo5NhY8ZIc%2BGBYFlG7WEM4fzFOjv8R49OhsGIJV4TMpICjVUHUBkCsRhtEcvjAgrKZGCFo46uHFFHD8AaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857c33cc28254bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 86884
expires: Tue, 18 Jun 2024 05:45:12 GMT

Redirect headers

date: Mon, 19 Feb 2024 05:45:12 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnZfqMgHAeprMZKq3T7sp5%2FPaUz8ALMdz8Thm97ItBUeXyp%2FDzhKPBxA6LcDv1KuAu6y92scXc5uWqkRLhGBMvLMv7G7wsZy7MqIroGqIBeg6qVu4IlkymokS%2BSN9xXIDqCW7pVSt%2Fb9XvF7z8VZDj9SrURa"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://read.ojoutobankenkun.online/wp-content/uploads/2023/09/Ojou-to-Banken-Kun-Manga.webp
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33cb6b484bd2-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 icons.css
read.ojoutobankenkun.online/wp-content/plugins/shortcodes-ultimate/includes/css/ 37 KB
9 KB 188ms
187ms Stylesheet
text/css 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c087c3e6882fae966a431bb979d17bf8af58ce38101213a5eafa6c10bf7e0ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Feb 2024 15:15:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwNEMZ2hqeuk%2BmQLMOJcTk743xYdkhtI6zu77C8jf8tYKha9aVrofhLE68lt1Xxdjn9qxT0k7Zxy5I85b78VvEgNnqx0Sw%2FV41UbM8hhSNH4v%2BiW2W9JMGE%2FBr5D1JSCiDQ9%2BZ8hxRmTVEPzq%2B7fBLUVJmpSaaIjZZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33cb5feb4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H3 200 shortcodes.css
read.ojoutobankenkun.online/wp-content/plugins/shortcodes-ultimate/includes/css/ 44 KB
8 KB 186ms
181ms Stylesheet
text/css 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e8d373b9d97d2006ac7790c8962b71668574e1342cd834ee9e6f40302bc7e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Feb 2024 15:15:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Patxx0zN6fJllhtb4r%2FQjRZcH1fnXdJZ%2BD0lmJExjiq%2FfGAM9kot8Sv%2BgG6xPWpMRkBwUG5K8RGKH1Mlp0tTnE3lwVL23Uls1o8Cgn1mCu5S6L%2FeQzxHGbcBvAWXx%2FvI63N6aqvhtUuu0UbYahbfizSoIPh74xCfBs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33cc88464bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H3 200 wp-util.min.js Show response
read.ojoutobankenkun.online/wp-includes/js/ 1 KB
1 KB 192ms
186ms Script
application/javascript 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-includes/js/wp-util.min.js
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 08:14:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgejYcjpvVF3TxsgpTnkw860xT%2BiaShJ4p2zNOAF4SjpFZFVGHzA1VhCizm4MmisEIVBJNS460gNYy94AcXsarUMqiCsfmNbNoqfKmnrBAA3Uq8Z5oW8mi0b0wFv3uKdJ9L6iCaVvSs9z9DA5gsUOmQB0mj%2Bu%2FidgHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33cc88474bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H3 200 frontend.min.js Show response
read.ojoutobankenkun.online/wp-content/plugins/wp-dark-mode/assets/js/ 5 KB
2 KB 216ms
211ms Script
application/javascript 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/plugins/wp-dark-mode/assets/js/frontend.min.js
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36e5fb48cee849a51910344f29460662f8b5703dfa6102042122b47d081ca73d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 14 Aug 2022 01:40:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxZIDk40F1fRP8MuUGZH2zpEZEckrA5fLLg7wJ5iTaQkcVc9LGFQJjuOi%2FkbOnvIJZn5piqDin6EJ2SOHnCY815Bj10mxlmWi8KS5mCTvlA29JY%2BrX1y84inJDvNnP4AULRzA32hfF4qx5KVsbnd%2FrbVOXJGcomkjTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33cc88484bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H3 200 bootstrap.js Show response
read.ojoutobankenkun.online/wp-content/themes/Ifenzi/js/ 36 KB
10 KB 192ms
187ms Script
application/javascript 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/themes/Ifenzi/js/bootstrap.js
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1eb97f529e70c330d4932d8ed468cfb94011e2bb74c5145292f285cb2d6b9f21

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 06:52:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DvmckNy7uf3dtauEKBht7Qb6hEKXL2kFvgjOqdt3K0ry6arEMB4WvbFYN7x8Q%2Ff6jbQclJKtv5UqxoOs74q3OVICPdSWgcOqcC2XCXr0MMvAJTWbEACB9hbTRi7zvrOlU9HTFsCw9vFbClBOge0OhxRwIAU3eZcnxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33cc88494bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H3 200 skip-link-focus-fix.js Show response
read.ojoutobankenkun.online/wp-content/themes/Ifenzi/js/ 751 B
866 B 192ms
187ms Script
application/javascript 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/themes/Ifenzi/js/skip-link-focus-fix.js
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a1a3a3f0ef52a304cde50940ee607a2ebb008b76fa4cf49721b6e5cc07c350a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 06:52:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0G0yIJzK0cPoq93PjteHRf2AoZJBmCrgevvXS5qPHS%2FbA6aeGoOo8Zv917jjfenN2JvsseA%2BXWvQFopuyzIEX5nzhP3QT51ZuhyL27rQaCyKHC5gEFinpP4Sd8j7jOS1ycr50a9wsj5Bx3DQKlFrtbesN0Q3EBk3yY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33cc884a4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H3 200 lighthouse.js Show response
read.ojoutobankenkun.online/wp-content/themes/Ifenzi/js/ 1 KB
924 B 192ms
188ms Script
application/javascript 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/themes/Ifenzi/js/lighthouse.js
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 786889f515a603de35a120267630863ee28c068a498db20f03277c4415009270

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 06:52:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12W1gVBNXGdooZj1iqLMc74kotGZr6bQcwhA6DjqZZaMo20IrRMNsSM0ZxyXtzoOUdxCUuQ03PRpBw3KCdmNlOI2c3aW4cL62owf6XcQNW6zxT5D248TofsKNwAfZR9k2e9NShuYNrQlmHW7SuEDTfaewTQ5BENc0dU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33cc884c4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H3 200 index.js Show response
read.ojoutobankenkun.online/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/ 15 KB
5 KB 216ms
211ms Script
application/javascript 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a14d7aa713df1750803daa3bf7d7449b982797e66ad0be8ca78c2a1721aaab43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 18 Feb 2024 15:15:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkStqLs1n8%2BRNAqFptBVKOsRqU6mTeJ7UzOjwyqOCjiPDfCUBgLhYnQ4BrK7YLEhnUBK1iEqFQTZvNVcVx7GNgUrE0dtkKA%2FaJzhxEHHUldS%2BMyAjzwlay2oinKUA7C5gaJ8I1m42i2MuAt4Je2IL1paXTJkV%2BnH9Ho%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33cc884d4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H3 200 lazyload.min.js Show response
read.ojoutobankenkun.online/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 214ms
212ms Script
application/javascript 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 06:52:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJpXWDojW%2F291X86yvIYls%2BweBKqgWaQ%2BXNpAMW00lJqkFUIywHHy4a2LyqYcrjWg7ZskOZtJKu3VswouyLIJZzNwzQ6RmhPi3MGyFwOyed8GJucYE%2FYy%2FL4K7BgUpLBr9n6gj%2BfjqXzLxr5ViQpFySCju648nUw9S8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 857c33cc884e4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Feb 2025 05:45:12 GMT

GET
H2 200 wC Show response
silentinevitable.com/cHDh9L6/b.2N5fl/S/WJQ-9CNlDKYkxzO/TVUG1_OFSb0Y0/NWjSEd5LNITnY/ 41 KB
14 KB 240ms
116ms Script
application/javascript 2607:fbe0:1:42::1a
WZ-US-40824

General

Check archive.org

Show headers Download Go to

Full URL

https://silentinevitable.com/cHDh9L6/b.2N5fl/S/WJQ-9CNlDKYkxzO/TVUG1_OFSb0Y0/NWjSEd5LNITnY/wC

Requested by

Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2607:fbe0:1:42::1a , United States, ASN40824 (WZ-US-40824, US),

Reverse DNS

Software

nginx /

Resource Hash

09d737f9695fa778e458cce3b57a48144c501b95a1e2ff8a87c5495ccec7c66b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 19 Feb 2024 05:45:12 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
expires: Mon, 26 Jul 2011 05:00:00 GMT

GET
H3 200 Ojou-to-Banken-Kun-1600.webp
ojoutobankenkun.online/wp-content/uploads/2023/09/ 208 KB
209 KB 47ms
46ms Image
image/webp 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ojoutobankenkun.online/wp-content/uploads/2023/09/Ojou-to-Banken-Kun-1600.webp
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ee655ca66e7b61f1d6d7ee682b844c4af89ddc73a3b4d12c35ad715cb6572a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 628401
alt-svc: h3=":443"; ma=86400
content-length: 213454
last-modified: Fri, 08 Sep 2023 21:23:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ci1Su4UML%2Fg1yH4V2Th14iW98YkOuzfAIto843a5jGSVK2CWnUrOuqzORevWG%2FZgijgt5ZP1f8tT5TuuHzUlECClKgX5x%2Fd8acyCrSP22T9QGmlCcEQesZ31TH05Q1uiFwvUlbYSGpTpm8ZAohV1tIK6JYVy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857c33ccc8664bbb-BUF
expires: Mon, 10 Jun 2024 23:11:51 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 109ms
40ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://read.ojoutobankenkun.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 07:58:25 GMT
x-content-type-options: nosniff
age: 164807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 07:58:25 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 139ms
71ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://read.ojoutobankenkun.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 04:14:46 GMT
x-content-type-options: nosniff
age: 178226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 04:14:46 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 99ms
32ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://read.ojoutobankenkun.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 05:11:59 GMT
x-content-type-options: nosniff
age: 174793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 05:11:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
93 KB 67ms
49ms Script
application/javascript 2607:f8b0:4004:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BFV4DZJWBL

Requested by

Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c3a85aa2f5b988b1fa66ef0a801fdb531a73f7579f0a146e97393226eddbcfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94967
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Feb 2024 05:45:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 127ms
109ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3190457468549923

Requested by

Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb24aa146d2567d9cda5fc825e537de1a9f097ed5cfb3f54df6dcfe3a474a811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
Origin: https://read.ojoutobankenkun.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51248
x-xss-protection: 0
server: cafe
etag: 12988924084712163892
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 19 Feb 2024 05:45:12 GMT

GET
H/1.1 403
Forbidden invoke.js
followingpartlyindicator.com/ec9b5319629d364a3e7c455d3430cbd1/ 0
0 112ms
38ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://followingpartlyindicator.com/ec9b5319629d364a3e7c455d3430cbd1/invoke.js
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://read.ojoutobankenkun.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 19 Feb 2024 05:45:12 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 141ms
88ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://read.ojoutobankenkun.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 00:33:47 GMT
x-content-type-options: nosniff
age: 191485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14160
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 00:33:47 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 47ms
45ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3492
etag: W/"e3be409ac3c100e2a5d3f264ec260551"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 857c33cd3add4bd3-BUF
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Thu, 22 Feb 2024 05:45:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 60ms
58ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3190457468549923

Requested by

Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7656d78869ec0d786b636c3fe2ad0eba34ab3fa793628cc9629a3e1c08c783fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
Origin: https://read.ojoutobankenkun.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51274
x-xss-protection: 0
server: cafe
etag: 2687271628413543414
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 19 Feb 2024 05:45:12 GMT

GET
H3 200 fontawesome-webfont.woff2
read.ojoutobankenkun.online/wp-content/themes/Ifenzi/font-awesome/fonts/ 55 KB
56 KB 321ms
320ms Font
font/woff2 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/themes/Ifenzi/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://read.ojoutobankenkun.online/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Origin: https://read.ojoutobankenkun.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 06:52:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0Td%2F0MeA96SrkWVW4s8K9kYDqyuwC%2Fdz5ePNV7ii6sjtTNaYfRfgEqSYKDVlbdCrWzwRwlFmu2F1AyBGJ3lMZiB8tmUYw%2BT4T179R9TjbuHPEcV%2BPqHhdhg%2BjK%2FxkQ8knqFXGSy6j36xFkfa%2BJ0gRp0Y%2Bxr1PSQi%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857c33cda8b74bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 56780
expires: Tue, 18 Jun 2024 05:45:12 GMT

GET
H3 200 forkawesome-webfont.woff2
read.ojoutobankenkun.online/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/ 107 KB
108 KB 641ms
640ms Font
font/woff2 2606:4700:3031::ac43:de89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://read.ojoutobankenkun.online/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/forkawesome-webfont.woff2?v=1.2.0
Requested by: Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:de89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49

Request headers

Referer: https://read.ojoutobankenkun.online/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Origin: https://read.ojoutobankenkun.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
cf-cache-status: MISS
last-modified: Sun, 18 Feb 2024 15:15:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LekmF3MhfrEu619vkJldTXsIsyDuXHv2chE2Wo8FbJUKXh8A9LbVgNgq9Kk6qvUS31QUXEICf7Rvq16qWF6L9fU7KaeFcoRDQRvYdeqxbw6GKXRwenI0OP2t7Xr6bjT2AI3L4E31D6iwKAhJeflUKaHtB6M7XKOmw28%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 857c33cda8b84bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 109916
expires: Tue, 18 Jun 2024 05:45:12 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/ 407 KB
138 KB 135ms
72ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081234

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3190457468549923

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdb5d61edcfe9dffe59e50f375f9de3ea4ff88be7cffa45c05cdab0fd9d9ba09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141316
x-xss-protection: 0
server: cafe
etag: 7423030241302674557
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 05:45:12 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame 00BD 9 KB
5 KB 103ms
31ms Document
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3190457468549923

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 10856
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 02:44:16 GMT
etag: 3890843268177463596
expires: Mon, 04 Mar 2024 02:44:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
262 B 106ms
40ms Ping
text/plain 2607:f8b0:4004:c07::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BFV4DZJWBL&gtm=45je42e0v9165691892za200&_p=1708321512384&gcd=13l3l3l3l1&npa=0&dma=0&cid=230118045.1708321513&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708321512&sct=1&seg=0&dl=https%3A%2F%2Fread.ojoutobankenkun.online%2F&dt=Read%20Ojou%20to%20Banken%20Kun%20Manga%20Online%20-%20%5BOfficial%20English%5D&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1166
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BFV4DZJWBL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://read.ojoutobankenkun.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3c5fc3adf3d1.js Show response
www.icy-location.com/ecc874/ 69 KB
26 KB 403ms
274ms XHR
application/javascript 204.155.151.34
WZ-US-40824

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icy-location.com/ecc874/3c5fc3adf3d1.js
Requested by: Host: silentinevitable.com
URL: https://silentinevitable.com/cHDh9L6/b.2N5fl/S/WJQ-9CNlDKYkxzO/TVUG1_OFSb0Y0/NWjSEd5LNITnY/wC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.155.151.34 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software: ucdn/1.24.0 /
Resource Hash: 4bf4f39c861b8003d64dc585ad093ee11b9b39cee4f808c1996ab5d7d9777bd1

Request headers

Referer: https://read.ojoutobankenkun.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
server: ucdn/1.24.0
x-ureq-id: ZS1VbLjeI7FJwHu0yuqc1K0UMLD5DDGQFQywISMOwIEpNBd6SqswAYHk9fAmqdRntEGEFsgp0Saeyt7UYJrRO7zkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-vhostid: 161, 51337
cache-control: max-age=315109231, public
access-control-allow-credentials: true
x-served-from: l1
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3c5fc3adf3d1.js Show response
www.icy-location.com/ecc874/ 69 KB
26 KB 447ms
319ms Script
application/javascript 204.155.151.34
WZ-US-40824

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icy-location.com/ecc874/3c5fc3adf3d1.js
Requested by: Host: silentinevitable.com
URL: https://silentinevitable.com/cHDh9L6/b.2N5fl/S/WJQ-9CNlDKYkxzO/TVUG1_OFSb0Y0/NWjSEd5LNITnY/wC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.155.151.34 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software: ucdn/1.24.0 /
Resource Hash: 4bf4f39c861b8003d64dc585ad093ee11b9b39cee4f808c1996ab5d7d9777bd1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:12 GMT
content-encoding: br
server: ucdn/1.24.0
x-ureq-id: ZS1VbLjeI7FJwHu0yuqc1K0UMLD5DDGQFQywISMOwIEpNBd6SqswAYHk9fAmqdRntEGEFsgp0Saeyt7UYJrRO7zkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-vhostid: 161, 49243
cache-control: max-age=315109231, public
access-control-allow-credentials: true
x-served-from: l1
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 Yd2.xepfZgW_5i0jZkGlF-0nYoTp9qy_csmtlukvP-TxcyyzNAm_UCzDYETFE-wHYImJFKi_MMGNYO1PM-DRgS4TNUj_MW5XZYDZM-2bYcWdIe0_NgjhhihjM-TlRmjn
silentinevitable.com/ 0
322 B 59ms
58ms Ping
text/plain 2607:fbe0:1:42::1a
WZ-US-40824

General

Check archive.org

Show headers Download Go to

Full URL

https://silentinevitable.com/Yd2.xepfZgW_5i0jZkGlF-0nYoTp9qy_csmtlukvP-TxcyyzNAm_UCzDYETFE-wHYImJFKi_MMGNYO1PM-DRgS4TNUj_MW5XZYDZM-2bYcWdIe0_NgjhhihjM-TlRmjn

Requested by

Host: silentinevitable.com
URL: https://silentinevitable.com/cHDh9L6/b.2N5fl/S/WJQ-9CNlDKYkxzO/TVUG1_OFSb0Y0/NWjSEd5LNITnY/wC

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2607:fbe0:1:42::1a , United States, ASN40824 (WZ-US-40824, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://read.ojoutobankenkun.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:12 GMT
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7508 430 KB
93 KB 550ms
549ms Document
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3190457468549923&output=html&adk=1812271804&adf=3025194257&lmt=1708309001&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fread.ojoutobankenkun.online%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708321512640&bpp=4&bdt=655&idt=713&shv=r20240215&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4392209274433&frm=20&pv=2&ga_vid=230118045.1708321513&ga_sid=1708321513&ga_hid=2023991942&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31081188%2C31081221%2C95324580%2C95325068%2C31081234%2C95322180%2C95324154%2C95324161%2C95324432&oid=2&pvsid=1038280925382322&tmod=282974123&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=734

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9552f88979fec83deb2148238165faffca936bfd3c929436ba8f52963b6ed4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 94541
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 05:45:13 GMT
expires: Mon, 19 Feb 2024 05:45:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
87ms Image
image/gif 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20lh-nav-bg-transform%20navbar-default%20navbar-fixed-top%20navbar-left&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4FBA 130 KB
43 KB 488ms
488ms Document
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3190457468549923&output=html&h=280&slotname=5705440719&adk=401755941&adf=33086468&pi=t.ma~as.5705440719&w=920&fwrn=4&fwrnh=100&lmt=1708309001&rafmt=1&format=920x280&url=https%3A%2F%2Fread.ojoutobankenkun.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708321512644&bpp=3&bdt=659&idt=734&shv=r20240215&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4392209274433&frm=20&pv=1&ga_vid=230118045.1708321513&ga_sid=1708321513&ga_hid=2023991942&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=180&ady=523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31081188%2C31081221%2C95324580%2C95325068%2C31081234%2C95322180%2C95324154%2C95324161%2C95324432&oid=2&pvsid=1038280925382322&tmod=282974123&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=740

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a73cb101c51cc26df4c9c2940b13946004b4946a2316d510a004e14ff9c1eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43800
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 05:45:13 GMT
expires: Mon, 19 Feb 2024 05:45:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5525 880 B
637 B 257ms
256ms Document
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3190457468549923&output=html&h=250&slotname=7534823554&adk=1484195951&adf=3689723528&pi=t.ma~as.7534823554&w=300&lmt=1708309001&format=300x250&url=https%3A%2F%2Fread.ojoutobankenkun.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708321512647&bpp=2&bdt=661&idt=768&shv=r20240215&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=4392209274433&frm=20&pv=1&ga_vid=230118045.1708321513&ga_sid=1708321513&ga_hid=2023991942&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=490&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31081188%2C31081221%2C95324580%2C95325068%2C31081234%2C95322180%2C95324154%2C95324161%2C95324432&oid=2&pvsid=1038280925382322&tmod=282974123&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=773

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34cbcfbf166e8db0907bbcff08d2e5d7d43c9e0ba894ac8899a9fb93515fbf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 416
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 05:45:13 GMT
expires: Mon, 19 Feb 2024 05:45:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 4FBA 14 KB
1 KB 44ms
40ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3190457468549923&output=html&h=280&slotname=5705440719&adk=401755941&adf=33086468&pi=t.ma~as.5705440719&w=920&fwrn=4&fwrnh=100&lmt=1708309001&rafmt=1&format=920x280&url=https%3A%2F%2Fread.ojoutobankenkun.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708321512644&bpp=3&bdt=659&idt=734&shv=r20240215&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4392209274433&frm=20&pv=1&ga_vid=230118045.1708321513&ga_sid=1708321513&ga_hid=2023991942&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=180&ady=523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C31081188%2C31081221%2C95324580%2C95325068%2C31081234%2C95322180%2C95324154%2C95324161%2C95324432&oid=2&pvsid=1038280925382322&tmod=282974123&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=740

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Feb 2024 05:45:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 04:08:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Feb 2024 05:45:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 4FBA 2 KB
903 B 107ms
41ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 23:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 23:09:24 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3456949367560839635/ Frame 4FBA 11 KB
11 KB 96ms
35ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3456949367560839635/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5497a899aa4511802ff9d3be87e7153243347ea83770f3e26f8f1b98b712fdaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 23:01:29 GMT
date: Thu, 15 Feb 2024 23:01:29 GMT
x-content-type-options: nosniff
age: 283424
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11112
x-xss-protection: 0
last-modified: Sun, 11 Sep 2022 22:40:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 4FBA 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4FBA 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00526e46a0cd4e0849012e53b5a9a2d003af41042d22f7cd4d6e2aaeb38577fd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 4FBA 23 KB
9 KB 108ms
58ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 23:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 23:14:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 4FBA 3 KB
1 KB 113ms
63ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 23:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 23:06:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 4FBA 20 KB
8 KB 81ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 23:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22985
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 23:22:08 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4FBA 204 KB
61 KB 33ms
33ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 04:47:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 05:47:56 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 4FBA 36 KB
15 KB 98ms
32ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 03:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 May 2024 03:00:59 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/ 166 KB
56 KB 57ms
57ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/reactive_library_fy2021.js?bust=31081234

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081234

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c49612b980160a91d1482429e7288a7d92c4a3c04c2180b39f2a1f13cbacdabc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57351
x-xss-protection: 0
server: cafe
etag: 14087129997279383556
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 05:45:14 GMT

GET
H2 200 ca-pub-3190457468549923 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 126ms
62ms Script
application/javascript 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3190457468549923?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a1be874cbe7354d944ba9aca0a2b6394ff506c2d95fb8ec9107bfdb9d827647

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-igLSuipLwtb01HgDcY8-Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-igLSuipLwtb01HgDcY8-Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsOoxSXF4KghxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePBwvfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiFujldXT69jEzhwbKUmAMK6SVc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/ 90 KB
31 KB 55ms
54ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/slotcar_library_fy2021.js?bust=31081234

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3190457468549923

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c73c494b23bceec64e9b784554fcfab3501a0461394ed5860833cef8561b87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32108
x-xss-protection: 0
server: cafe
etag: 8089694198554186830
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 05:45:14 GMT

GET
DATA 200
OK truncated
/ Frame 4FBA 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63df3101fa0d4bdbb625b009f6dc2e86bfeed6bae366c551276d1111c321cd6f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4FBA 33 KB
33 KB 32ms
31ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 02:08:12 GMT
x-content-type-options: nosniff
age: 185822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 02:08:12 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4FBA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CppOx6erSZaL3GZqC0_wPkb2MmAvFg92vdJzwtLvtEWQQASCs-OIgYMnujovApIwQoAGzuZzhA8gBCakCtNtVryuqkD6oAwHIA8sEqgTuAU_QWjBIi92d2s-81iqWkjdOKgZULMl7p91rb5Z...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x87e28cd90a1020180000000000000000%22,%222%22:%220x37f9ebe69b22ed620000000000000000%22,%223%22:%220x372a8c...

0
0

156ms
88ms

Fetch
text/css

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x87e28cd90a1020180000000000000000%22,%222%22:%220x37f9ebe69b22ed620000000000000000%22,%223%22:%220x372a8ceadba5f1a10000000000000000%22,%224%22:%220xeed032c4271848bc0000000000000000%22,%225%22:%220x8729eba30ba78dcc0000000000000000%22},%22debug_key%22:%221384513287531862036%22,%22debug_reporting%22:true,%22destination%22:%22https://freequizgames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221009196211%22],%2222%22:[%22true%22],%224%22:[%2202-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226657507090165007857%22}&andc=true

Requested by

Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:14 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x87e28cd90a1020180000000000000000","2":"0x37f9ebe69b22ed620000000000000000","3":"0x372a8ceadba5f1a10000000000000000","4":"0xeed032c4271848bc0000000000000000","5":"0x8729eba30ba78dcc0000000000000000"},"debug_key":"1384513287531862036","debug_reporting":true,"destination":"https://freequizgames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1009196211"],"22":["true"],"4":["02-19"],"6":["true"]},"priority":"500","source_event_id":"6657507090165007857"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Feb 2024 05:45:14 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Feb 2024 05:45:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x87e28cd90a1020180000000000000000","2":"0x37f9ebe69b22ed620000000000000000","3":"0x372a8ceadba5f1a10000000000000000","4":"0xeed032c4271848bc0000000000000000","5":"0x8729eba30ba78dcc0000000000000000"},"debug_key":"1384513287531862036","debug_reporting":true,"destination":"https://freequizgames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1009196211"],"22":["true"],"4":["02-19"],"6":["true"]},"priority":"500","source_event_id":"6657507090165007857"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 457B 51 KB
19 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 152795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19867
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 11:18:39 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 151ms
87ms Preflight
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 19 Feb 2024 05:45:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame ED5D 9 KB
4 KB 32ms
31ms Document
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081234

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 24120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 23:03:14 GMT
etag: 3890843268177463596
expires: Sun, 03 Mar 2024 23:03:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame A4A1 9 KB
4 KB 32ms
31ms Document
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081234

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 24120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 23:03:14 GMT
etag: 3890843268177463596
expires: Sun, 03 Mar 2024 23:03:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 99D9 9 KB
4 KB 32ms
31ms Document
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081234

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 24120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 23:03:14 GMT
etag: 3890843268177463596
expires: Sun, 03 Mar 2024 23:03:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWULBjpmYx42Z6nxVk9lzLfiGmFmq1G2FfRtiUOtv_6aePbKvBPXpnC31Y2slM9jJcFwnR6sjYoYdnsp2QAuNCG-rYJPsEIcw_BG7z51N8LWByueDKj9jpKUSucxKt2tJMamDMXrw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 62ms
61ms Script
application/javascript 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWULBjpmYx42Z6nxVk9lzLfiGmFmq1G2FfRtiUOtv_6aePbKvBPXpnC31Y2slM9jJcFwnR6sjYoYdnsp2QAuNCG-rYJPsEIcw_BG7z51N8LWByueDKj9jpKUSucxKt2tJMamDMXrw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MzIxNTE0LDIzOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yZWFkLm9qb3V0b2Jhbmtlbmt1bi5vbmxpbmUvIixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

122ffbbdde259c97e72e01b8d1faab08753d76ec8d885669c47fc5a00f2a3c5f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6BFKgvqwhOKUTfXen-5stQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6BFKgvqwhOKUTfXen-5stQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXFEKghxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePBwvfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiEejldXT69jEzixfV4bIwAYU0m2"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 88ms
87ms Fetch
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3190457468549923
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://read.ojoutobankenkun.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 css2
fonts.googleapis.com/ Frame ED5D 5 KB
694 B 51ms
51ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Feb 2024 05:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 05:03:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Feb 2024 05:45:14 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ED5D 205 B
518 B 34ms
32ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:12:30 GMT
x-content-type-options: nosniff
age: 1964
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 18 Feb 2025 05:12:30 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ED5D 604 B
694 B 34ms
33ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:24:41 GMT
x-content-type-options: nosniff
age: 1233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 18 Feb 2025 05:24:41 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame ED5D 15 KB
6 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 22:58:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6487
x-xss-protection: 0
server: cafe
etag: 9214289930287671984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 22:58:48 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame ED5D 22 KB
9 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 23:20:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 23:20:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame A4A1 23 KB
9 KB 30ms
30ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 23:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 23:14:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 42C2 143 B
166 B 33ms
32ms Document
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1957
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 05:12:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame A4A1 3 KB
1 KB 32ms
30ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 23:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 23:06:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame A4A1 20 KB
8 KB 33ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 23:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 23:22:08 GMT

GET
H2 200 8602168387091256086
tpc.googlesyndication.com/daca_images/simgad/ Frame A4A1 47 KB
47 KB 81ms
79ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8602168387091256086

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7ffa28133398c1d546369ea63010743d7a7bec7ffefaf7fa4f9b2dfa2a3102f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Mon, 19 Feb 2024 05:45:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 11:27:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 18 Feb 2025 05:45:14 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A4A1 204 KB
61 KB 33ms
33ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 04:47:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 05:47:56 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame A4A1 36 KB
14 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 23:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14610
x-xss-protection: 0
server: cafe
etag: 17234995959194474601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 23:16:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 99D9 23 KB
9 KB 31ms
30ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 23:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 23:14:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 99D9 9 KB
773 B 41ms
41ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Feb 2024 05:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 05:02:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Feb 2024 05:45:14 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame 99D9 15 KB
3 KB 96ms
31ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 11:56:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Feb 2025 17:43:43 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame 99D9 379 KB
132 KB 97ms
32ms Script
text/javascript 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58c7b6bffabba04d72d8077b9efcfb4f7a6478b9e66c5b07a3a32e3cda3b1877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 04:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350074
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134674
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 11:56:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 04:30:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 99D9 20 KB
8 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 23:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 23:22:08 GMT

GET
H3 200 AGSKWxVxHEmG228aE6A-gdwBclfd2TOniurwy9rD36lPkfmrRS20TMa07ctdoNI55KUBdgwMcrbYy-Xzff7pOVoWJOmkrV_tYfUd676pSgqAwS9etIY25G5P_xQBrThGsXDnHKQ6JeNdow== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 68ms
66ms Script
application/javascript 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVxHEmG228aE6A-gdwBclfd2TOniurwy9rD36lPkfmrRS20TMa07ctdoNI55KUBdgwMcrbYy-Xzff7pOVoWJOmkrV_tYfUd676pSgqAwS9etIY25G5P_xQBrThGsXDnHKQ6JeNdow==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MzIxNTE0LDMzMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcmVhZC5vam91dG9iYW5rZW5rdW4ub25saW5lLyIsbnVsbCxbWzgsIm9IUUI5T2U3Q1U0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e9016b486292b6d0ad42733a75c38b284827dc4ec1b2b13dbe56cafbd5d0ff4d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fK-pNmRZs0Zw9Akr2YWFMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fK-pNmRZs0Zw9Akr2YWFMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6OV1dPr2MT2PBo02ZGAN5zROs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FE86 14 KB
1 KB 40ms
40ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Feb 2024 05:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 03:58:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Feb 2024 05:45:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame FE86 2 KB
822 B 31ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 23:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 23:09:24 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame FE86 23 KB
9 KB 31ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 23:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 23:14:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FAF5 143 B
166 B 36ms
35ms Document
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1957
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 05:12:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame FE86 3 KB
1 KB 44ms
43ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 23:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 23:06:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame FE86 20 KB
8 KB 37ms
35ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 23:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 23:22:08 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FE86 204 KB
61 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 04:47:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 05:47:56 GMT

GET
H3 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame FE86 36 KB
15 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 03:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 May 2024 03:00:59 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 42C2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
44ms

Document
text/html

2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 05:45:14 GMT
expires: Mon, 19 Feb 2024 05:45:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 05:45:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FAF5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
44ms

Document
text/html

2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 05:45:14 GMT
expires: Mon, 19 Feb 2024 05:45:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 05:45:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 99D9 0
234 B 309ms
99ms Ping
image/gif 2a00:1450:400c:c1d::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lssiisqw&c=3292420836288&slotId=1646210418144&qqid=CPTf4MfZtoQDFZoPswAdLcYMmQ&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::78 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:14 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 99D9 15 KB
16 KB 31ms
31ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 01:05:07 GMT
x-content-type-options: nosniff
age: 189607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 01:05:07 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 99D9 15 KB
15 KB 33ms
33ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 09:21:21 GMT
x-content-type-options: nosniff
age: 159833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 09:21:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 99D9 0
20 B 95ms
95ms Image
image/gif 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CCUFG6erSZbTHGZqfzLUPrYyzyAnP3NmNacfE4JS1Ep_sor3AARABIKz44iBgye6Oi8CkjBCgAf7utrkCyAEFqAMByAObBKoEhwJP0FLCU0WWFJ1ivfIrkEQhhnw99W7hfyjbKA0igB-uBuQIhSZkDO-d3OpYt89ft1SmohCzdfZgzSVX8z2FmuKN_llaMBqLR_TxAkdPQNDQIrWeZW1LV5uKITWZl4nbxV0f744EqAzsPFpB1NfJmkmLD6H13H7ewslRyR6glXHYys-Bs7D1Rp63bBUaLOh2PJEEiyzYp356XaWvcguCU-qhJKHnNrzlZ8zbntV2on7biKrhLzvuRN1LwnqMednWDXtR-BKqaqDopkHDvgDSkxBEcTiSYjk8z26HDo1s48TSjAbaDj0lYCOpiNqIIh93mr9TgTe5L0XTUazGIPUWEsvNFKIxJVDtvcAEk6-v77gD4AQDiAWGn-rpLZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICgCEi9_cE6WJKY4MfZtoQDgAoBmAsByAsBgAwBqg0CVVOwE9PexhbIE9WutwnYEwqIFAPYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1708321514517&ai=CCUFG6erSZbTHGZqfzLUPrYyzyAnP3NmNacfE4JS1Ep_sor3AARABIKz44iBgye6Oi8CkjBCgAf7utrkCyAEFqAMByAObBKoEhwJP0FLCU0WWFJ1ivfIrkEQhhnw99W7hfyjbKA0igB-uBuQIhSZkDO-d3OpYt89ft1SmohCzdfZgzSVX8z2FmuKN_llaMBqLR_TxAkdPQNDQIrWeZW1LV5uKITWZl4nbxV0f744EqAzsPFpB1NfJmkmLD6H13H7ewslRyR6glXHYys-Bs7D1Rp63bBUaLOh2PJEEiyzYp356XaWvcguCU-qhJKHnNrzlZ8zbntV2on7biKrhLzvuRN1LwnqMednWDXtR-BKqaqDopkHDvgDSkxBEcTiSYjk8z26HDo1s48TSjAbaDj0lYCOpiNqIIh93mr9TgTe5L0XTUazGIPUWEsvNFKIxJVDtvcAEk6-v77gD4AQDiAWGn-rpLZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICgCEi9_cE6WJKY4MfZtoQDgAoBmAsByAsBgAwBqg0CVVOwE9PexhbIE9WutwnYEwqIFAPYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 99D9 0
45 B 295ms
100ms Ping
image/gif 2a00:1450:400c:c1d::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lssiisra&c=3292420836288&slotId=1646210418144&qqid=CPTf4MfZtoQDFZoPswAdLcYMmQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.w2&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::78 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:14 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 99D9 33 KB
18 KB 134ms
61ms XHR
text/xml 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CKcdo7s0uXR9b0sq_U-5jEms8G5N-UkXXjzaXLYrY3ozOMMJgyV7dMM58Op2gucMj0WHJYhtiLN8oZWy5i2y9s0VShiQ&cry=1&dbm_d=AKAmf-ARL860G4HGhkRPalffIet7dx4asojeRvK2eHfHIUh6uHqcF4ix7nsszUjdbI8915db1HcU7rieFrfgAL4pJINfBzSkbntWGNlshLxx9fES4zhPYPGLSc_tNMVIJlFRndsbydFKi9T_atF2F2pVB_0vm8NatVQyixCufyNkVPieSb1B3UI17Xp9q6qZFYUJV1oo44EpCH9Q-D7ms1jsegM3xq7JMkYr-d4RbrjfnzmHOcKx0CMEWpenRz646Q-xWVFYmOg-9V9PvZ0eluiybRmkDxMnK3zvognLvOVWYGJRZXkDf9_gNUwPjSIb0ZCA2Ap0MxJGevxxWQmg-y0zdsiY2TH7lALDu2DuP86ef17K_THuyyzLy9MpUJvi7JRyoy7kqcx787LkMLRH-Tp2vaJRbkUNnRIJFtOX8fxTPemRdLx6azZ9pB7m78Kz-EZC-q6Dvqy93NWoQEN5NGpESa_xgqZyJDQhpzJ53vP20uuoybO9j6t6Th2y9n8rfEOFqlIz3pmHDHT73LBKhx8MOEpI20gW1hWqQ-SbLIsqWQXQ0fYi-VUpi9PBLM9qALVl-DmdfLEAdQ2hfm2DPHR3I7gwwS6DQqdGYCyTYpJWjagU6lwPApZsW7Hmlt6DbH2N0CCcua5qYMsDVHFSaqtNJHNAA_OQC0LA9UhTk4ZvBH48vyIhRXshOqQxa3TQmyMBbb1KsaI11wyngTYiRXYGv0uv9OAgPy-gaHTj-pD_xI_hzjbBkRVRp0Y9cw7mMqkMyuXl0Cx4tp824XbyOwT-ETKOELH-AlpSYW7Us1gAM7rrY1gasq0EH5SXW3dcF7GMCWWkekKvJfVfp1Fqx_Hh8oTUTHRQYJyd2SjE-nTBKDoNHweKUcMkAHyE2UL3EZ9unFP0X-eJmmKqrBdGXPs2m8CFeGL8oZZr1b1XExdDYf1RmKgVat6RERudjg45H87sIKsxlx8ooMcCDR0E_AD_untFO0SSq6IObgiz_30RY0TmkKlrBuPJxZ0F6bLDLEahLYOUpvzgdcCa1RqyG3XCc2xBKLB_Vlv0YR_6lRVaJ2I7yc8K0zIvVuASsTLWMzvgh64JW-_8l1SygGVfgMzyq00XKAkxIWA53VZIr8uTT9tr_jPOEXfkzxeGZcLX2C4iONH4UIJapfrSB4Ti3yrS1QxJMowl0Ail24jDMcePzJS1jCUWKmrBEUiC9i5WnB5YJdbSEtXPmeRc4WfL3Nf2tn2LrqVNEWy1OzoS3YWNZlB4usM4nDQBXb1vpUHmvM8-NeB9jN-d3niF7tSTQQ0GGdOZGTzA--YCx-6ktkw4nz5J4eDRZEEY33gnvcK2HCZWIcBD4QvwCibX3iHOFNKDetR4yqLGIQZ3zRnGazzb9f7y6JwOuQB1gqAFeSmBfYseerewX9TLNPXJBu73Z9cdbMpWlk0BnQpR4vFZWGspVoSKxxsiSTVvNtgpUZd0VrpLVepmHYKg_hYcTFRhG3fJXUG4TxnrjisnRFuXDk434yGtveune6rhO7KhjOUZiNSvM4FGPL9nhALjBMb6TaZabD00DDnxaPaVxN5ig_3cv2xiOmowp9Zc8LKIIaggqdNtzAIJDCMKvrUq4e4W2jV2VkjAcdIn9OPp6Anr2s1l9gv7NRKfV9vKbPY244YEohQi6HYi5yKVR0uLpQUhM6Q9PuU0yV3E_sMBxPVD23KctOZYdDgUsycc7BHmZMHJrMTT3wrh5pw6s2uhuR4EYeocaizW7VZu2AlQkIidVzXUcUavonuFtYzTIAhwTlmsWu5hviEKwiV85I4tWUiof4XC6W53LBYzHSolgbpUTIZYJa767aMJh0sf6AE1M5rr77Sxv_wjzd0P9RVwyk3ROBAWFl7sPdSVtMNHyLDEVO2C9gz38Dzs_PhVnL-DqioAYj38nJCF5irl-M18zLydoq13uUZf1BuEgoS7WpVq65CzJNiHhnGgzib8Xn9wVrvIqMvjrqMqM6g9_NxNQv1BbinvvvXDLw_TArxNglprBbqVdwlOZ0y9mhlYdnEk2bPB7GzjAqF3sJTHb222OwAhZz6PdYfX9z-5InIqeClQCooOXcTyc8S6MvqTR3KZIIsXrS16DmfMz7ppmbnxW7WRZSFarb3097oGuOhND-WkjjdUj6Qyu5SY-gfQrPGw1VbAKhE703ArhFBu_rPtpH19LYBErh5MTCt_t-xsU-ur-ADLullklA921xBpojhtvpdcJpfEGXvqwXvfo3dig-S2iETfVqQvcOGGW9CB3SEtsE-eUo5NUvLuJaD__fi-oHVcaFRMxp8qAjpNEkEuQ3ae4eipDFLfGsKtvXaVt2GwbW8bzKYcWc-Cb72NtDxPoZyHX5wPxAl9nx_R5KzQqiEHvsZc-CHQsbNCwL3z4vTcEYQwca2ayL86OUGWEW8m68Wu0dlchxn-JQqWA97SK5Dg0LuujO5CJdCanQmu1igoDnYJRt_TXGpIKh7u7mTX9JmP4chsUraHCKsAGAxYp8oeN7i7Xahe9BLc2RlgKqvZfITIbCeDU-xn_8wckHP-7cGGs6GZdmETM8iRTjoqXfQDrLITdLHZ4DpslS49SV_cOau8yRj0lteIb6iouAQCJNYaoFXXn1jxhJ2-1VrJKd50AL-e4w8PV1kGs_VYWaswA4NAmzjDqN327tCWwmZwi9GpRnW1W_8EcOvSnMxwh5tuF3W2mz-qb0xCPD0sToXOWIvTtpTHqGW5cKETDvtkxjm6r2y0Bleu5YP4fZrDcGRFjfGX4-OHrAVmnINgeuPCHDHDSVI9jHdfD7qs5FXH-QX5ZJlj8yijLe7eGDVVyjSew2ZDduCQiJMaqMJFxzCZlVOMJgcu0uuZDAz6M8nrHUbEa5EY7ve0vjXuneWAzNTqaH09bCyYIbH_7m-mY5SlbdMZ-0Zo2abMogZBeisNE65v9Hic_87SYww7lKaMZkgTU-XUaMCDUwnRYaqBD608WZitw_s0LFZPXsdXmzHhtRnvIjTtWZ-M9neYM93G8VLYw9XG97b4J3l01d--3XeYHh27SkGJDe0avftCRm-W2sMiBsYaZ6MpQ1zn9JJu6JznWMCY-DChFUasJZcVk9WenHhkCwYFLA7QvAiYLLJBIaOfSJOi2JEAwoIoZI3AtynX78lV9CFbKHIKo3-2MRlJkkHzbt_ReuogYa4MBPGYube2POq43eZwfS6yGKvklDoR-EDgvfyjvYif_wZfpl_puDZWw1-_mqDKbXERhPXUIPVDlKuo_vK3Yi0q1nXnKgE4K9XStR624hajgEpOk80w72EznQIOlo3dlnwfcjrF7Ek0FbDXCaCtz5qIA2zIZ8_GkqZ-bZ4BeHkGWPP1Inxj68XgSV97ywzc9hcBOXv5d3gmrofqDIy9gkHq-eCXutYgFiyr2I7nLzJKtLXJPEkFI6BUb3DRC6E23ggK6AhO5ABkNegYRhgJYTvJq4DyWtGLMCoJUZA4P78qk4Src3u2ZLXQN347NlVS6wthAluIJAmPVmJRjiRQscr9xaZELk8HodKVtRDpOPVa_52oTHDVekH-fKL-VRNxA0FTKBW5ap9D6UfgdM27B3sYLEQUA1gNpmrzTNWrUcGJ3A&cid=CAQSTgAvHhf_eC2p52NwCchXwd5KgoegMgtkjRInveORDdwP6VT8FxvhFyWXm-LjTaQiUMIAnCaLcV5Yj9qxfrYgkgZuuugSXwc04LwXAfD6KxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

049b560e536e8e30d2c2c0f073dedcf13e62cdb3b075c0b97ad756b42ec734b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18166
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 99D9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c56254e0bc11fe87a80fadd715d043020f5d79eab6a2dd41c258b70068ea69eb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 53C3 51 KB
19 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 152795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19867
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 11:18:39 GMT

GET
H3 200 O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame C405 51 KB
19 KB 33ms
33ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js

Requested by

Host: read.ojoutobankenkun.online
URL: https://read.ojoutobankenkun.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 152795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19867
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 11:18:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 99D9 0
0 102ms
102ms Fetch
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtSE86erSZbTHGZqfzLUPrYyzyAnP3NmNacfE4JS1Ep_sor3AARABIKz44iBgye6Oi8CkjBCgAf7utrkCyAEFqAMBqgSEAk_QUsJTRZYUnWK98iuQRCGGfD31buF_KNsoDSKAH64G5AiFJmQM753c6li3z1-3VKaiELN19mDNJVfzPYWa4o3-WVowGotH9PECR09A0NAitZ5lbUtXm4ohNZmXidvFXR_vjgSoDOw8WkHU18maSYsPofXcft7CyVHJHqCVcdjKz4GzsPVGnrdsFRos6HY8kQSLLNinfnpdpa9yC4JT6qEkoec2vOVnzNue1XaiftuIquEvO-5E3UvCeox52dYNe1H4EqoyoXJT0lH4klV53Xi-9ZHw9yxVoPKJSm9dK4qqDF4HFD2_uXaLZG3-MFmCBdNXJyPD78V9tEP_ICrd82vQNeHOwASTr6_vuAPgBAOIBYaf6uktkgUGCAMQARgBkgUGCBsQARgBkgUKCCIQARgBSPiQe5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAPIHChC8lAwYmKzwhgLSCCQIgGEQARgfMgKKAjoJgECAwICAgKAISL39wTpYkpjgx9m2hAOACgHICwHaDBEKCxDgnqTv-6CKteIBEgIBA7AT097GFsgT1a63CdgTCogUA9gUAdAVAYAXAbIXHAoaCAASFHB1Yi0zMTkwNDU3NDY4NTQ5OTIzGADoFwU&sigh=utVO2Zn21qY&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_eC2p52NwCchXwd5KgoegMgtkjRInveORDdwP6VT8FxvhFyWXm-LjTaQiUMIAnCaLcV5Yj9qxfrYgkgZuuugSXwc04LwXAfD6KxgB&vt=10&cbvp=2&vis=1&nis=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Feb 2024 05:45:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 59ms
58ms XHR
application/json 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081234

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e359b9b08c944b02b79ef2ef1b68417cd12a8817d124c9b2388a7f21e7277bc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12343
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 99D9 0
54 B 102ms
99ms Ping
image/gif 2a00:1450:400c:c1d::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lssiisrp&c=3292420836288&slotId=1646210418144&qqid=CPTf4MfZtoQDFZoPswAdLcYMmQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::78 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:14 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 99D9 41 KB
15 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 23:17:25 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-ab5sznly.c.2mdn.net/videoplayback/id/a4e3da3dce3954bc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3851260487/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 99D9
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/a4e3da3dce3954bc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3851260487/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r1---sn-ab5sznly.c.2mdn.net/videoplayback/id/a4e3da3dce3954bc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3851260487/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

90ms
26ms

Fetch
video/mp4

2607:f8b0:4006:6::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-ab5sznly.c.2mdn.net/videoplayback/id/a4e3da3dce3954bc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3851260487/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/30A1A67A05FCE47D8C4A61F0895068CE1A1156A9.330DC97ADBAAAEEC15CE705654913A73E4E9C034/key/cms1/cms_redirect/yes/mh/AA/mip/2602:ffc8:2:104::6/mm/42/mn/sn-ab5sznly/ms/onc/mt/1708321240/mv/m/mvi/1/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2607:f8b0:4006:6::6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 05:45:14 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4306394
Last-Modified: Thu, 01 Feb 2024 18:33:48 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 19 Feb 2024 05:45:14 GMT

Redirect headers

date: Mon, 19 Feb 2024 05:45:14 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 648
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-ab5sznly.c.2mdn.net/videoplayback/id/a4e3da3dce3954bc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3851260487/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/30A1A67A05FCE47D8C4A61F0895068CE1A1156A9.330DC97ADBAAAEEC15CE705654913A73E4E9C034/key/cms1/cms_redirect/yes/mh/AA/mip/2602:ffc8:2:104::6/mm/42/mn/sn-ab5sznly/ms/onc/mt/1708321240/mv/m/mvi/1/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 99D9 453 B
590 B 32ms
31ms Image
image/png 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-3190457468549923

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:22:57 GMT
x-content-type-options: nosniff
age: 1337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Feb 2024 06:12:57 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 99D9 0
54 B 99ms
99ms Ping
image/gif 2a00:1450:400c:c1d::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lssiisxe&c=3292420836288&slotId=1646210418144&qqid=CPTf4MfZtoQDFZoPswAdLcYMmQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.11y~atrd.122~videopreviewvisible.125&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::78 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:14 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js?bust=31081234

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 05:45:14 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 2BAC 23 KB
8 KB 33ms
32ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 225848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 15:01:06 GMT
expires: Sat, 15 Feb 2025 15:01:06 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E5CE 13 KB
5 KB 33ms
33ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 05:26:54 GMT
expires: Tue, 18 Feb 2025 05:26:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 20D3 829 B
997 B 52ms
50ms Document
text/html 2607:f8b0:4004:c0b::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

57831e0ef91dd0b37d370e4b6553eb043c586f3893187a240715f267b4418be4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Igcz4yUUZsgriI42d91ETw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://read.ojoutobankenkun.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Igcz4yUUZsgriI42d91ETw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 05:45:14 GMT
expires: Mon, 19 Feb 2024 05:45:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2BAC 39 KB
15 KB 36ms
33ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 02:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 02:43:36 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame E5CE 39 KB
15 KB 31ms
31ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 02:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 02:43:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 20D3 0
0 88ms
87ms Image
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=1038280925382322&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 206 file.mp4
r1---sn-ab5sznly.c.2mdn.net/videoplayback/id/a4e3da3dce3954bc/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3851260487/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 99D9 3 MB
0 62ms
26ms Media
video/mp4 2607:f8b0:4006:6::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:6::6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=0-

Response headers

expires: Mon, 19 Feb 2024 05:45:15 GMT
date: Mon, 19 Feb 2024 05:45:15 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4306393/4306394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4306394
last-modified: Thu, 01 Feb 2024 18:33:48 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E5CE 0
10 B 31ms
30ms Image
text/plain 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?seop_w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BAC 0
20 B 407ms
407ms Image
image/gif 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B9R-26urSZdGNJ76gnboP06ePuAsAAAAAOAHgBAI&bg=!NDelN3jNAAZN4L4YbeA7ADQBe5WfOJE2hUWCh_SQVVbYIef64RXGDIiVq2TGH1SRUespTIu0hppW0YJSEX5QPZr4c9KFAgAAAJVSAAAAAmgBBwoAcDPyV3CgEmKfln33mFT7XGTOtJqpbGTpitsm6IX343hiKt63Ty-tk_y-xIJvTCgtjViS8Cxa2ZwwlHeEDefhWdPoz3CLWmFmfSpwIwmrbpnAI4SZ5uZMjLhgtPZe-5Gv1d6Fies61qZX3cWzrsIbMk2ZAvYHQg3oUcmypELsjNhZD2gc4XBy_OP3aCM-POmOsvwnIFTTMYGljUAa3xQj-1CuoSvRikBOUSpNmTwgiSvGP5rpHH2Q_ruJXZaaI3OdWjUeVF4Ja_GZ5ET5-YF18EBqnvGC74ovt3C8fD-Bbgx54MnxmICs0T_kBlp17wQXkkhe3XsQTQ4jF_w81JS6TpIEU_ACLyqrXG45KgethQAD_jrgoCp4bJ8HkdUQbejAZwuYgPwlyNQWAdgH06Jd_X3i3n3F9c9nd2NYRC8KUr9g9isM50QNxlbjSluRcEAiRbXcF2QR5Yt3qmQruhAsEWNxcQTebUh4dqJ4ZtO8LowZtHyV-HppwUw-5F07eyMet5h02yH-_rcKcuI07AdGQcSKj_9buxSCwKfjsHhZQXnGsFhTq4d2kdV9pYlGuVSDUhsNwnCG7I_HSU8GR71-Pl9oPNeMpvf2RfpSP44_Bwdzjvt0qsLFEXvCvULIumtRwhHkxQXzTmrrtCjhuWOWlGoM0wW_PXCKz8rtvFGHf8PShrY3iwr-PfFJephmLKqNGSANXlurZllm9FaDkehro0i1yQbPzdD63mTg0FJcT4RCbyOBMTGeJk_MW9vzj6ZQS1N5_rGCay-ohzgn9eq3lAY0Gd_m5nfINvN0tZTUiDaH6IIJ38qNDK0srJojISwxdoqMVHbhWfwpuXFeknDZNE5MqH9wdYO5D7MqQbezsrIax9jGjD1BBSMMLi53PGdba0ggms-GcqnEdrCtP246oFYTnnSWSckOLtgOOgvSAkHkumlgYf0q5OGBV7qdkMjIhyBD8ZKr5hSEH_yIbiGoJt0ZKnljfCWcQSyz6RXtOzZTS9TBJZdxMUvOznHhMirhhFcuutlz42ZpECYA2o9ZTuEHo0FXmDX87SQQ7xAO4eRkpPn9CFb37oeknU8Tn3SJVnTH3faG2Lq41_r259DUCYRCYRZkWvxBwI2RNVVvSokfPdHrqFSds8ClgjD3kA9wWaY_w49NU58CWQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4FBA 42 B
64 B 398ms
397ms Fetch
image/gif 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvMr-p6N9KVFQXMuhPsAm325S0reMbLq1hLVVB5lDqsoEm1G8bSEonjKRPyzBbGqecorbTlI29fh5sOIhmzIGoCUePcUd15W8taMAheKaO5A-kN-_lb79IbtsQzCsFmfM6djA8_JZbpJYk15Iu7gJZ-vS6MsI7uLM&sai=AMfl-YTKQ0C5ujf59zqe7BFQ30BZTKijtj-bDzM_UomM940rn16K5wvVEoIE3AT3AAXGKfQINrT_2zEjsF55j0HxbsjVqrVdmVc42kImuYvn0KUWmc1Yq3pEuH9d1JaoizVUo2NwT7cq9mxPr8NHrd9k&sig=Cg0ArKJSzGS76inbEYhtEAE&cid=CAQSTgAvHhf_qjEF7royl1N33rSsbec5c3CPNgAgZc-t5H6aDLh3_ZqleXfuBPBBwFhznWWWZZ5WiiCYQ_nTI3nr3ij0-fZfzQ4cYr1Op_LSShgB&id=lidar2&mcvt=1000&p=0,0,280,920&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=401755941&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=425431400&rst=1708321513385&rpt=679&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad-iframe Show response
fundingchoicesmessages.google.com/f/AGSKWxUpSbGDgnv8KWc1brQnuboSuX6LBIzxi0VDogGY44PJLCv2RekkADxPqS1tlm6lmFp2__TTNfO-1XMk7LmP0l3CADr4R_8yWaYSLcjDAzlcslTRF3toYdNHtlrfdMDcF8GRjxrIe5EdDxQuwaBvWrUqptunA... 54 B
110 B 389ms
389ms Script
application/javascript 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUpSbGDgnv8KWc1brQnuboSuX6LBIzxi0VDogGY44PJLCv2RekkADxPqS1tlm6lmFp2__TTNfO-1XMk7LmP0l3CADr4R_8yWaYSLcjDAzlcslTRF3toYdNHtlrfdMDcF8GRjxrIe5EdDxQuwaBvWrUqptunA3f5NmWbUbHNskEFC0Eu-WSEVKKWXsOE/__rectangle_ads./ad-iframe?/ad_support./modules_ads./horizontal_ad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8550f2f51a911a5a82fda90f72fa2e99af3d8767cd823471de5abf8ed002e8e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0jEgpon0TIBxNTCIh3Wqsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-0jEgpon0TIBxNTCIh3Wqsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXFEKAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6O11dPr2MTOLDwaCsjAOZLRK4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 426ms
426ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:02:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 06:02:50 GMT

POST
H3 204 AGSKWxXKYmHNKROWzZXjqjKBQbVqSgRD_FSdEaPchN9ZD07ebrEaZdlIaaWQIm10ySiuyjqw6sFO6TFNXITr2P6qHk9ST9gAAqRcmRuI_V6l0TVBG2m8L1r0dsSv9ye0Cc4v2MTSpBMAHQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 443ms
51ms XHR
text/html 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXKYmHNKROWzZXjqjKBQbVqSgRD_FSdEaPchN9ZD07ebrEaZdlIaaWQIm10ySiuyjqw6sFO6TFNXITr2P6qHk9ST9gAAqRcmRuI_V6l0TVBG2m8L1r0dsSv9ye0Cc4v2MTSpBMAHQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DBZXf0xIhUIHazkRkjqALg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Feb 2024 05:45:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-DBZXf0xIhUIHazkRkjqALg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XC8vnp6HZvAjFefPjICAAbgGYE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://read.ojoutobankenkun.online
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXKYmHNKROWzZXjqjKBQbVqSgRD_FSdEaPchN9ZD07ebrEaZdlIaaWQIm10ySiuyjqw6sFO6TFNXITr2P6qHk9ST9gAAqRcmRuI_V6l0TVBG2m8L1r0dsSv9ye0Cc4v2MTSpBMAHQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 72ms
71ms XHR
text/html 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXKYmHNKROWzZXjqjKBQbVqSgRD_FSdEaPchN9ZD07ebrEaZdlIaaWQIm10ySiuyjqw6sFO6TFNXITr2P6qHk9ST9gAAqRcmRuI_V6l0TVBG2m8L1r0dsSv9ye0Cc4v2MTSpBMAHQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-A0g5h22_ThCEvjqZ2IcUmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Feb 2024 05:45:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-A0g5h22_ThCEvjqZ2IcUmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XC8vnp6HZvAgXXfepgABrUZEA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://read.ojoutobankenkun.online
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXKYmHNKROWzZXjqjKBQbVqSgRD_FSdEaPchN9ZD07ebrEaZdlIaaWQIm10ySiuyjqw6sFO6TFNXITr2P6qHk9ST9gAAqRcmRuI_V6l0TVBG2m8L1r0dsSv9ye0Cc4v2MTSpBMAHQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 109ms
108ms XHR
text/html 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXKYmHNKROWzZXjqjKBQbVqSgRD_FSdEaPchN9ZD07ebrEaZdlIaaWQIm10ySiuyjqw6sFO6TFNXITr2P6qHk9ST9gAAqRcmRuI_V6l0TVBG2m8L1r0dsSv9ye0Cc4v2MTSpBMAHQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WuQkgWvjBCYQes3R5fwmuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Feb 2024 05:45:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-WuQkgWvjBCYQes3R5fwmuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw05BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XC8vnp6HZvAiZuT5jMBAAWLGO4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://read.ojoutobankenkun.online
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXKYmHNKROWzZXjqjKBQbVqSgRD_FSdEaPchN9ZD07ebrEaZdlIaaWQIm10ySiuyjqw6sFO6TFNXITr2P6qHk9ST9gAAqRcmRuI_V6l0TVBG2m8L1r0dsSv9ye0Cc4v2MTSpBMAHQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 132ms
132ms XHR
text/html 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXKYmHNKROWzZXjqjKBQbVqSgRD_FSdEaPchN9ZD07ebrEaZdlIaaWQIm10ySiuyjqw6sFO6TFNXITr2P6qHk9ST9gAAqRcmRuI_V6l0TVBG2m8L1r0dsSv9ye0Cc4v2MTSpBMAHQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HxTloOJm4nL208IpAoVANg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Feb 2024 05:45:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-HxTloOJm4nL208IpAoVANg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XC8vnp6HZtAw547K5gABZcY4A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://read.ojoutobankenkun.online
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXsVPfGyrzqh_-WB6JcslT9MyirIjH_sWV6e0Tpaf1dZZP7NgvZp55LbDEYK7FJ_Gjsjaw73L6EsTNerNgBDCqiOYwp3ZQexbUXqmhSR2XlyafOf54eL_gqWahh1XGCPrtgjASGvQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 61ms
60ms Script
application/javascript 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXsVPfGyrzqh_-WB6JcslT9MyirIjH_sWV6e0Tpaf1dZZP7NgvZp55LbDEYK7FJ_Gjsjaw73L6EsTNerNgBDCqiOYwp3ZQexbUXqmhSR2XlyafOf54eL_gqWahh1XGCPrtgjASGvQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MzIxNTE1LDUxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9yZWFkLm9qb3V0b2Jhbmtlbmt1bi5vbmxpbmUvIixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd55fa0c5a0799bb65998124851a95a8a682a93f202237435cd6cca942859c14

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-skPgCnvKz4NLh5DIvl-NYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:45:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-skPgCnvKz4NLh5DIvl-NYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXFEKwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6O11dPr2MTaJj7rZ0JAOdtRKE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI0aqryNm2hAMVPlBHAR3T0wO3EAAYACCLv_FjOhkI-I_4xgEQk6-v77gDGNWutwkgx8TglLUSQhMI9N_gx9m2hAMVmg-zAB0txgyZ;dc_rmcid=CAQSTgAvHhf_eC2p52NwCchXwd5KgoegMgtkjRInveORDdwP6VT8FxvhFyWXm-LjTaQiUMIAnCaLc...
ade.googlesyndication.com/ddm/activity/ Frame 99D9 42 B
401 B 325ms
90ms Image
image/gif 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0aqryNm2hAMVPlBHAR3T0wO3EAAYACCLv_FjOhkI-I_4xgEQk6-v77gDGNWutwkgx8TglLUSQhMI9N_gx9m2hAMVmg-zAB0txgyZ;dc_rmcid=CAQSTgAvHhf_eC2p52NwCchXwd5KgoegMgtkjRInveORDdwP6VT8FxvhFyWXm-LjTaQiUMIAnCaLcV5Yj9qxfrYgkgZuuugSXwc04LwXAfD6KxgB;eps=CIBhEAEYHzICigI6CYBAgMCAgICgCEi9_cE6WJKY4MfZtoQD;met=1;acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D65523366%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D425431501;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708321515517;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 99D9 42 B
64 B 50ms
48ms Image
image/gif 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCUFG6erSZbTHGZqfzLUPrYyzyAnP3NmNacfE4JS1Ep_sor3AARABIKz44iBgye6Oi8CkjBCgAf7utrkCyAEFqAMByAObBKoEhwJP0FLCU0WWFJ1ivfIrkEQhhnw99W7hfyjbKA0igB-uBuQIhSZkDO-d3OpYt89ft1SmohCzdfZgzSVX8z2FmuKN_llaMBqLR_TxAkdPQNDQIrWeZW1LV5uKITWZl4nbxV0f744EqAzsPFpB1NfJmkmLD6H13H7ewslRyR6glXHYys-Bs7D1Rp63bBUaLOh2PJEEiyzYp356XaWvcguCU-qhJKHnNrzlZ8zbntV2on7biKrhLzvuRN1LwnqMednWDXtR-BKqaqDopkHDvgDSkxBEcTiSYjk8z26HDo1s48TSjAbaDj0lYCOpiNqIIh93mr9TgTe5L0XTUazGIPUWEsvNFKIxJVDtvcAEk6-v77gD4AQDiAWGn-rpLZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICgCEi9_cE6WJKY4MfZtoQDgAoBmAsByAsBgAwBqg0CVVOwE9PexhbIE9WutwnYEwqIFAPYFAHQFQH4FgGAFwHoFwU&sigh=pIJ_f5eCl_Y&label=part2viewed&ad_mt=6&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D65523366%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D425431501&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708321515517

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 99D9 0
380 B 109ms
99ms Image
image/gif 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstWyET7l_87sBITOHnxCgFdFcxC19iBshjWnmtioyUVpa6e1s5kMJ-nQIIt30XnlJI_HN9CB6MZP-qyqDybI3AzzW7LROybF5G4CELubDZots6iUakSZbCRUK1Bkwz28KNX8HP5FY3mbhCFHAVfWDJVAocJ2uPR4l6aVTB67O2oAmKmutaMX4UFIZPo4GdcxKxyjeQqSqTs5FRyNNBjxYJYqz0dZLiP0L7IkYhc7JBBkVgk533MMjaWduqjTvFe38M_fIB_IVdYG8Ond7Hsyaoqdc556OtFRncWCmx4z9996lc5FJiQoUHr76xUQGD6LM69pquv3t1GLBV9yUfUHDrFv8XALTja6GsV0tWvIWc9v5ByxHmwnOnLyqmK112uY7mFsz_vqzb_SmFbKRdfO5qcMIwgNhH5ApTt_MYBzfD3v2mKalg5ilMxIWxjTGoegAl2GUs2Na0JHl9styW8qO2Felb4iDztlyrqDDPZx2I00WFdAaqmKUNL8_-toIv47PX0NpjxsPWlXxiQ229D-Bl1CAybLxof6CClJQtzndNChfRqUmvix-n_FEx9EIJ8IGk-pHJyCWm2HYuJA3wtd3UBY5R7PiHbN0m8CEWnL1R2GRhjXuFObA3pAAhWLq9qLhv1-e1El5ifx2Ui25CG-9O_1lP2fJ6Ooatm8w6RLQHZBmoCJ5R0YjsBqBtsM8a0Ri45Mrh2GIvqGz5rnFlAlMWDq51Xd4WA48dfhTolHhGLgHWaR12etdAfFEZGjkSM5fy8tn7E9n6IzMs5Z5xaioITKhTYt40ZLJWSeeoqLj9kmRoOtbAZ2pfla2Dax6QxOB-Uas88hYJTNwtVKGi8cVzYpH0M_IQVDoYezgZLb8KVTLQlzMDbeP7nSy-bUkj8OfJmXyc6T9JcWGZv6S5kTbc-vtAN_jRLu0ezxB-d9wGihgyWfHgeablAO2LwbECWCGHGVovpu1YA3PtWERA9f4M32u-q_JCXCbXEQlitn5P5NZx7rtY8K-mNdaWP2xxO9DeywTHjDmEOkw5kr3bS3Svo9b8jh2Q0d2qVRUDYTyZSOYt6Nd6aeaJ9ryUcxMJpdf9x0AzGB82l_13brfOYLJgFylITIg-c8AfL7yq-9ChjIfmYBXTcPWQRb71yFWTBHyHpfoGSp0__3i2D-DyMm6nRlrGkfOtW9R1lLkw2t42WHkdUPpdzAvH-K1uK_5xsj50NiA9Ou-lkt4GL_QLkqw6xTBKiYpOc4xEnm01yFhO2_Pq84pkwA-vCKFeVRVTmkWd2nClMtrUaJmwKjlrSa836tV9wUZujMAhFJ_LwXn-sU7WvrLcwNoq7YnQbRDYNuLCvfzc9ZLkWXuzEIprAeuNz7L5fjiU3cqTYMK9abE87stEuw_7j4S_XqcrSGWQ7Pmkb73xV&sai=AMfl-YRSTt0-yYxe6IfzYro8IUa0FivXVM2gEG-mgHYPu5Ys2zPmadhOWjfp44PdcsBsI1GmdjGF6Kw_A4j0D1S14B5yTLf28v27i-rHpJ6SLkJB98CUM86yJFw0iGevcNvRFKIXFhF2HLvLU1MUhpoHzatI9c2A2lmwp2KASoYBPY0IotgUXCYFvBS6EpxUa-RvwRHO94hTC52N9qMtQpSZZUEF8zQ-2aGnxceX3SMnFOAWm7sxzumYOQiY3jQ5PslxyivB8OWuE6u6JX9K5xZg2E-ZnFsnnCTllwGgPGZln4_XVcdGPwLFR5yyfXnMuw&sig=Cg0ArKJSzIcwfBfNllemEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Feb 2024 05:45:15 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 19 Feb 2024 05:45:15 GMT

GET
H2 200 /
d.agkn.com/pixel/10690/ Frame 99D9 43 B
612 B 268ms
34ms Image
image/gif 2600:9000:21da:b800:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/10690/?che=1529007700&cmid=31342060&sid=6031710&pid=387455836&cgid=578817250&cid=209477515&aid=9902108&gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:b800:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:14 GMT
via: 1.1 95a7b3c60127f88f316c1c042cf353c2.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: 6H75dZH6O3Ch14FHZLJTZQfStneXC4eDk5yq3Bd6Oyvq7EkxChQORg==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 99D9
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP651wIQprvuAhiYrPCGAiABMAE&v=APEucNXh0-6zFmEQ50YQYmOq7iBvByuClHp4rh4dvbms9BGG1ouNjmpLF5RVOIM9XR6TvoH1_2ICFAK82WMOQEF46JtOdnSAtfA0GSULQ0_io5J4Ir8o4ys
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdLq69HM67UAADzYAB9syAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8UnNtQAz_wKbM2ml2rB0M&google_cver=1

43 B
776 B

52ms
52ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8UnNtQAz_wKbM2ml2rB0M&google_cver=1
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BVStYOILvfCkvWQxHBHJYIKFdwm9gGl8z9sWRDzDYGJeQgC7eG5HULUbH6sMHtOTqWjtDN1k%2FSoBWXBYIWm9q9NoT4RXgk5wkGQkxZynRvx3SMtnHvd%2FJN9mw2%2BR%2BatkhbMucsW1aQhfw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 857c33e28fb9543d-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8UnNtQAz_wKbM2ml2rB0M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 99D9 0
20 B 91ms
88ms Image
image/gif 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 99D9 42 B
64 B 92ms
89ms Image
image/gif 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFr8VlWqPGsHG8VTaeXh7y-ddqzrKwEzgJCkn-d1s-hSRQk5qZGn4OI0cTElgfKyzR4mryTjHQp4P_ueifz-siZcsm_o37q01ixv4dwvXZJMc2Ggk2iYte4cpqC4V2lz2qHlpg2HDcayDT5SSBa1f48TB6ALzSTMQ&sai=AMfl-YRprSZUnDOu_JpfZm2K4YhVY0CewAe0L5Zbj5RQ9rq2dl5yQwjcN3H5t3kGoAIlGQ0Bwn0z173ApWkRe4vtY9LpRyVvvqjI-tfN8LP8ixnbhgMZU5r3Xv4A-3QRFylMPJtlz05Yx3ve0D1HuN4P&sig=Cg0ArKJSzIyLPaQzKKXSEAE&cid=CAQSTgAvHhf_eC2p52NwCchXwd5KgoegMgtkjRInveORDdwP6VT8FxvhFyWXm-LjTaQiUMIAnCaLcV5Yj9qxfrYgkgZuuugSXwc04LwXAfD6KxgB&id=lidarv&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D65523366%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D425431500&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708321515517&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 99D9 42 B
64 B 53ms
49ms Image
image/gif 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCUFG6erSZbTHGZqfzLUPrYyzyAnP3NmNacfE4JS1Ep_sor3AARABIKz44iBgye6Oi8CkjBCgAf7utrkCyAEFqAMByAObBKoEhwJP0FLCU0WWFJ1ivfIrkEQhhnw99W7hfyjbKA0igB-uBuQIhSZkDO-d3OpYt89ft1SmohCzdfZgzSVX8z2FmuKN_llaMBqLR_TxAkdPQNDQIrWeZW1LV5uKITWZl4nbxV0f744EqAzsPFpB1NfJmkmLD6H13H7ewslRyR6glXHYys-Bs7D1Rp63bBUaLOh2PJEEiyzYp356XaWvcguCU-qhJKHnNrzlZ8zbntV2on7biKrhLzvuRN1LwnqMednWDXtR-BKqaqDopkHDvgDSkxBEcTiSYjk8z26HDo1s48TSjAbaDj0lYCOpiNqIIh93mr9TgTe5L0XTUazGIPUWEsvNFKIxJVDtvcAEk6-v77gD4AQDiAWGn-rpLZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICgCEi9_cE6WJKY4MfZtoQDgAoBmAsByAsBgAwBqg0CVVOwE9PexhbIE9WutwnYEwqIFAPYFAHQFQH4FgGAFwHoFwU&sigh=pIJ_f5eCl_Y&label=vast_creativeview&ad_mt=6&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D6%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D65523366%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D425431503&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1708321515517

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 99D9 0
54 B 104ms
100ms Ping
image/gif 2a00:1450:400c:c1d::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lssiisxn&c=3292420836288&slotId=1646210418144&qqid=CPTf4MfZtoQDFZoPswAdLcYMmQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&dm=15000&ple=0&umsem=0&event_name=first_play&asset_bytes=200394&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1nh~ff.1nu~videopreviewstarted.1nw
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::78 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
91ms Image
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=1038280925382322&bg=!REelRwjNAAZN4L4YbeA7ADQBe5WfOGhu7_dE-4Sa2DVPrGsp7YKryrfLi0eZ9b2OCgtskj9S0TpZdrib0EtoYZtAtLBPAgAAAHtSAAAAAmgBB5kC2vL5QMTT9YQ-0RbCnSRWbtV6HJvujsi61ArCisqq2nqJX_Tu6YH4l80ISjcf4RSPXhL2tBgMl-AfSlIzcweqdg_NcSlRZKNE7fLHjWMHO1OPoBD877Lm8AXqZ0nF6LKDgWoJjyirv2m_e8EGqcBZ9rTIBq2D5_iP1X5zaVMnKpTDTSap8-9VPQvxt6iEmDNycEpvmUNypXr7WWguR2josA67jHgh-T1AEC1bE0DWnrM87ibo-a617j2JUbrn7K0drC5ccDjZergvq3-MkrM2N5SrPq8Nbv8aUHL1Rmvymi7Cb5u_a7wGZH8XXKhs1EYm_waPGnPpwCVdqqusnUOU9mvObP2b-31iluRx2FWfBz6xxE9BaGNwrBsvEn89PL8yGG1bqx0GoB9evoswyPAfJwC1v1qBQfmsCQDWk_RC14ioJMm8cRLAEBQMRav5_YAQnrIG-PHBD38tv6VG6fkA8GpB67AXZ-07WC-trzldGXWXHCbDLE3RFXXxoAMrzWGFluOvITFehr-IOqr_p4xPfo39K7hlNDw-MIYLOw_4e6MB8jNSXjIzwUGTDxfm-43EJw4Vcp8ExJ4BGMDnVJBnoX5TjXowTm4Uy8sfBm4blC2Uc1y4TeozrAyWR_EJ2bCHw2rl8_9j1szuIlWljjiEgCJjCJ4TMEGttaBrA1GJAWpiBeeIHANpSxjJMaApl1hQ6ntR3pTAnBwJeYm6PAJ8OIqXNZDclbIu_cAJPiPftYfxT1J07e-GpaBVsvGXcyon0VFvdVfXYJlMvPenxg2ZTSU_CSxIMGxEQOQDpr3bOeMIUHThV7CXQnbZoVLamMPs-fwicxn324JgLErJYhcPucxOAXawWeyznx0HF9Nhx-qJCwj93_Zl2YyQnOKFFaUDzBrHXomPN2eloaukMY_Ls9qEuEwSTkyq3ZqraJACBTT7dtrnIBO6-sJeD73Rbqx_rA0VaoS0WFwsdaU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://read.ojoutobankenkun.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

POST
H3 204 AGSKWxUdWOrGUeK-a7lVbNKlDUX_cQnz3ZxRjRt9i4McWCWe2jnj6CR7jO--Rob74CCPnPgbyHoPcuJKzWkRPe-w3vtFsHtuEXyd3tZRpOQXaCrun3n2i0rYF9CMeANnsIUg4iBzZEclCg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 80ms
79ms XHR
text/html 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUdWOrGUeK-a7lVbNKlDUX_cQnz3ZxRjRt9i4McWCWe2jnj6CR7jO--Rob74CCPnPgbyHoPcuJKzWkRPe-w3vtFsHtuEXyd3tZRpOQXaCrun3n2i0rYF9CMeANnsIUg4iBzZEclCg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Tbp5wqhH_U0zi1Zd5N3wgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Feb 2024 05:45:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Tbp5wqhH_U0zi1Zd5N3wgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XC8vnp6HZvAihVP1zMBAAUCGP8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://read.ojoutobankenkun.online
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXKYmHNKROWzZXjqjKBQbVqSgRD_FSdEaPchN9ZD07ebrEaZdlIaaWQIm10ySiuyjqw6sFO6TFNXITr2P6qHk9ST9gAAqRcmRuI_V6l0TVBG2m8L1r0dsSv9ye0Cc4v2MTSpBMAHQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 107ms
106ms XHR
text/html 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXKYmHNKROWzZXjqjKBQbVqSgRD_FSdEaPchN9ZD07ebrEaZdlIaaWQIm10ySiuyjqw6sFO6TFNXITr2P6qHk9ST9gAAqRcmRuI_V6l0TVBG2m8L1r0dsSv9ye0Cc4v2MTSpBMAHQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EeG7dZib4Lbmikib6dimhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://read.ojoutobankenkun.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Feb 2024 05:45:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-EeG7dZib4Lbmikib6dimhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw05BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XC8vnp6HZvAhdfb9jMBAAanGUw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://read.ojoutobankenkun.online
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 99D9 42 B
64 B 91ms
90ms Image
image/gif 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFr8VlWqPGsHG8VTaeXh7y-ddqzrKwEzgJCkn-d1s-hSRQk5qZGn4OI0cTElgfKyzR4mryTjHQp4P_ueifz-siZcsm_o37q01ixv4dwvXZJMc2Ggk2iYte4cpqC4V2lz2qHlpg2HDcayDT5SSBa1f48TB6ALzSTMQ&sai=AMfl-YRprSZUnDOu_JpfZm2K4YhVY0CewAe0L5Zbj5RQ9rq2dl5yQwjcN3H5t3kGoAIlGQ0Bwn0z173ApWkRe4vtY9LpRyVvvqjI-tfN8LP8ixnbhgMZU5r3Xv4A-3QRFylMPJtlz05Yx3ve0D1HuN4P&sig=Cg0ArKJSzIyLPaQzKKXSEAE&cid=CAQSTgAvHhf_eC2p52NwCchXwd5KgoegMgtkjRInveORDdwP6VT8FxvhFyWXm-LjTaQiUMIAnCaLcV5Yj9qxfrYgkgZuuugSXwc04LwXAfD6KxgB&id=lidarv&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,157,119,366%26tos%3D2003,0,0,0,0%26mtos%3D2003,2003,2003,2003,2003%26amtos%3D0,0,0,0,0%26mcvt%3D2003%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2165%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D201%26dur%3D15018%26vmtime%3D2173%26dtos%3D2003%26dtoss%3D1%26dvs%3D2003%26dfvs%3D2003%26dvpt%3D2165%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D65523366%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2003%26co%3D425431504&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1708321515517

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI0aqryNm2hAMVPlBHAR3T0wO3EAAYACCLv_FjOhkI-I_4xgEQk6-v77gDGNWutwkgx8TglLUSQhMI9N_gx9m2hAMVmg-zAB0txgyZ;dc_rmcid=CAQSTgAvHhf_eC2p52NwCchXwd5KgoegMgtkjRInveORDdwP6VT8FxvhFyWXm-LjTaQiUMIAnCaLc...
ade.googlesyndication.com/ddm/activity/ Frame 99D9 42 B
107 B 92ms
91ms Image
image/gif 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0aqryNm2hAMVPlBHAR3T0wO3EAAYACCLv_FjOhkI-I_4xgEQk6-v77gDGNWutwkgx8TglLUSQhMI9N_gx9m2hAMVmg-zAB0txgyZ;dc_rmcid=CAQSTgAvHhf_eC2p52NwCchXwd5KgoegMgtkjRInveORDdwP6VT8FxvhFyWXm-LjTaQiUMIAnCaLcV5Yj9qxfrYgkgZuuugSXwc04LwXAfD6KxgB;eps=CIBhEAEYHzICigI6CYBAgMCAgICgCEi9_cE6WJKY4MfZtoQD;met=1;acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,157,119,366%26tos%3D3738,0,0,0,0%26mtos%3D3738,3738,3738,3738,3738%26amtos%3D0,0,0,0,0%26mcvt%3D3738%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3900%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D46%26pst%3D201%26dur%3D15018%26vmtime%3D3912%26dtos%3D1735%26dtoss%3D2%26dvs%3D1735%26dfvs%3D1735%26dvpt%3D1735%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3738,3738,3738,3738,3738%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D65523366%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3738%26co%3D425431505;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1708321515517;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 99D9 42 B
64 B 52ms
51ms Image
image/gif 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCUFG6erSZbTHGZqfzLUPrYyzyAnP3NmNacfE4JS1Ep_sor3AARABIKz44iBgye6Oi8CkjBCgAf7utrkCyAEFqAMByAObBKoEhwJP0FLCU0WWFJ1ivfIrkEQhhnw99W7hfyjbKA0igB-uBuQIhSZkDO-d3OpYt89ft1SmohCzdfZgzSVX8z2FmuKN_llaMBqLR_TxAkdPQNDQIrWeZW1LV5uKITWZl4nbxV0f744EqAzsPFpB1NfJmkmLD6H13H7ewslRyR6glXHYys-Bs7D1Rp63bBUaLOh2PJEEiyzYp356XaWvcguCU-qhJKHnNrzlZ8zbntV2on7biKrhLzvuRN1LwnqMednWDXtR-BKqaqDopkHDvgDSkxBEcTiSYjk8z26HDo1s48TSjAbaDj0lYCOpiNqIIh93mr9TgTe5L0XTUazGIPUWEsvNFKIxJVDtvcAEk6-v77gD4AQDiAWGn-rpLZAGAaAGToAH6pDJxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICgCEi9_cE6WJKY4MfZtoQDgAoBmAsByAsBgAwBqg0CVVOwE9PexhbIE9WutwnYEwqIFAPYFAHQFQH4FgGAFwHoFwU&sigh=pIJ_f5eCl_Y&label=videoplaytime25&ad_mt=3913&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,157,119,366%26tos%3D3738,0,0,0,0%26mtos%3D3738,3738,3738,3738,3738%26amtos%3D0,0,0,0,0%26mcvt%3D3738%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3900%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D46%26pst%3D201%26dur%3D15018%26vmtime%3D3912%26dtos%3D1735%26dtoss%3D2%26dvs%3D1735%26dfvs%3D1735%26dvpt%3D1735%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3738,3738,3738,3738,3738%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D65523366%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3738%26co%3D425431505&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1708321515517

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 05:45:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
read.ojoutobankenkun.online/	1969-12-31 23:59:59	Name: userSession Value: 1708321512445
.onesignal.com/	1970-01-20 18:32:03	Name: __cf_bm Value: 5.9ySQeR2w0ZvOSpk_OGZ1r7gPRIXjK_s6JCil5uzdE-1708321512-1.0-AUclG1t+NURFOOJ9zE1SQi1e3dmVSVO9nVahBWnzJlVop5XYUpCDNyA8cPT6koFko8XxoZorK8JBay2z0PsQa8w=
.ojoutobankenkun.online/	1970-01-21 04:08:01	Name: _ga_BFV4DZJWBL Value: GS1.1.1708321512.1.0.1708321512.0.0.0
.ojoutobankenkun.online/	1970-01-21 04:08:01	Name: _ga Value: GA1.1.230118045.1708321513
.ojoutobankenkun.online/	1970-01-21 03:53:37	Name: __gads Value: ID=57bf8d2497232fce:T=1708321513:RT=1708321513:S=ALNI_MbOold_IoXJARRfMg_MnTCxv4EOuw
.ojoutobankenkun.online/	1970-01-21 03:53:37	Name: __gpi Value: UID=00000dcb38aba69a:T=1708321513:RT=1708321513:S=ALNI_MamwKyQikpLp9Hfb7Qz5cF6tBrGRA
.ojoutobankenkun.online/	1970-01-20 22:51:13	Name: __eoi Value: ID=2b3b9f307cda381b:T=1708321513:RT=1708321513:S=AA-AfjYJVwSNp0lN3VFONfv4gPCO
.doubleclick.net/	1970-01-21 04:08:01	Name: IDE Value: AHWqTUnw27I2cpPSJGuyP1WdVk4sdO3rLVvs7gdPb5kXsZP-SDfejrkYLGw2OLygjYo
.googleadservices.com/	1970-01-20 20:41:37	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 18:32:05	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:51:13	Name: APC Value: AfxxVi4fgbdKWcT4Ha49nnawfrb2svfzvlD8ws6pWK_f4-zaEN1B5w
.doubleclick.net/	1970-01-20 22:51:13	Name: receive-cookie-deprecation Value: 1
.ojoutobankenkun.online/	1970-01-21 03:17:37	Name: FCNEC Value: %5B%5B%22AKsRol9brgyklITqzNDcrcTp_B3zugAQa5tSYToFF1eXEBmZ5-bD2IkuuYp-hp1ZBZbg0PhqWSwGJIkLHCVvDDDUVD5vctpJtPlz_UUGDaAcpBexmlNan0mxtIsZKKptb9ssyIPvu4MQb6Hv_llTmIZbFnWqjU2Sgw%3D%3D%22%5D%5D
.agkn.com/	1970-01-21 03:17:37	Name: ab Value: 0001%3AZaruA3zWGrWuqua6oCAe2WoyR%2FU3SlQ7
.agkn.com/	1970-01-21 03:17:37	Name: u Value: C\|0EAAtZadrLWWnawAAAAAAAQAHAAAAAAHePez__x4AAAAAAFwJXgAAAAAXGBtcAAAAAAx8X4sAAAAAIoAM4gA
.casalemedia.com/	1970-01-21 03:17:37	Name: CMID Value: ZdLq69HM67UAADzYAB9syAAA
.casalemedia.com/	1970-01-20 20:41:37	Name: CMPS Value: 1339
.casalemedia.com/	1970-01-20 20:41:37	Name: CMPRO Value: 1339

52 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://read.ojoutobankenkun.online/(Line 980) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://followingpartlyindicator.com/ec9b5319629d364a3e7c455d3430cbd1/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://read.ojoutobankenkun.online/(Line 980) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://followingpartlyindicator.com/ec9b5319629d364a3e7c455d3430cbd1/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://followingpartlyindicator.com/ec9b5319629d364a3e7c455d3430cbd1/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://read.ojoutobankenkun.online/(Line 1407) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://read.ojoutobankenkun.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
bid.g.doubleclick.net
cdn.onesignal.com
cm.g.doubleclick.net
code.jquery.com
csi.gstatic.com
d.agkn.com
dsum-sec.casalemedia.com
followingpartlyindicator.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
ojoutobankenkun.online
pagead2.googlesyndication.com
r1---sn-ab5sznly.c.2mdn.net
read.ojoutobankenkun.online
silentinevitable.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.icy-location.com
142.251.16.157
172.253.115.155
172.253.62.154
172.64.151.101
192.243.59.13
204.155.151.34
2600:9000:21da:b800:19:fc2c:a140:93a1
2606:4700:3031::ac43:de89
2606:4700::6812:d73b
2607:f8b0:4004:c07::65
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::84
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::66
2607:f8b0:4004:c0b::93
2607:f8b0:4004:c0b::9d
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::64
2607:f8b0:4004:c1b::5f
2607:f8b0:4004:c1d::61
2607:f8b0:4004:c1d::9d
2607:f8b0:4006:6::6
2607:fbe0:1:42::1a
2a00:1450:400c:c1d::78
2a04:4e42:600::649
00526e46a0cd4e0849012e53b5a9a2d003af41042d22f7cd4d6e2aaeb38577fd
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
049b560e536e8e30d2c2c0f073dedcf13e62cdb3b075c0b97ad756b42ec734b7
068a51dcd4d054caf1b2fdbc4370b8e8ac16e5ec3609846d8ed1158d2d723813
09d737f9695fa778e458cce3b57a48144c501b95a1e2ff8a87c5495ccec7c66b
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0c087c3e6882fae966a431bb979d17bf8af58ce38101213a5eafa6c10bf7e0ac
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
122ffbbdde259c97e72e01b8d1faab08753d76ec8d885669c47fc5a00f2a3c5f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c3a85aa2f5b988b1fa66ef0a801fdb531a73f7579f0a146e97393226eddbcfa
1c73c494b23bceec64e9b784554fcfab3501a0461394ed5860833cef8561b87d
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1eb97f529e70c330d4932d8ed468cfb94011e2bb74c5145292f285cb2d6b9f21
1ee655ca66e7b61f1d6d7ee682b844c4af89ddc73a3b4d12c35ad715cb6572a4
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2ef9fd5fd65172381a872bd00f034fb48f56ca1800282fb03f95e8b50891c10f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34cbcfbf166e8db0907bbcff08d2e5d7d43c9e0ba894ac8899a9fb93515fbf97
36e5fb48cee849a51910344f29460662f8b5703dfa6102042122b47d081ca73d
3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41e8d373b9d97d2006ac7790c8962b71668574e1342cd834ee9e6f40302bc7e2
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4bf4f39c861b8003d64dc585ad093ee11b9b39cee4f808c1996ab5d7d9777bd1
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5497a899aa4511802ff9d3be87e7153243347ea83770f3e26f8f1b98b712fdaa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ef7fc07be5bcd82ed4cc9894bb95458a4df10a8c7f0e35dc418ad517fa4d27
57831e0ef91dd0b37d370e4b6553eb043c586f3893187a240715f267b4418be4
58c7b6bffabba04d72d8077b9efcfb4f7a6478b9e66c5b07a3a32e3cda3b1877
5a1a3a3f0ef52a304cde50940ee607a2ebb008b76fa4cf49721b6e5cc07c350a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63df3101fa0d4bdbb625b009f6dc2e86bfeed6bae366c551276d1111c321cd6f
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6f063ba5501c21a64c0c9d066494d0b4efad366e29ec8d70e555cdefb5b85e87
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
7656d78869ec0d786b636c3fe2ad0eba34ab3fa793628cc9629a3e1c08c783fc
786889f515a603de35a120267630863ee28c068a498db20f03277c4415009270
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49
8a73cb101c51cc26df4c9c2940b13946004b4946a2316d510a004e14ff9c1eef
8bdf92031faa6e9842f9d99f75b680ba585ae6359cf76540ca78442327a91eca
90554181b9d143453475bb69bbce45d406f2d2119409db9b71da8552536681a7
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91d3396943041ad8f024bf4b6a7381cddc8a1896a9d4f1b3336620767f9dac40
9a1be874cbe7354d944ba9aca0a2b6394ff506c2d95fb8ec9107bfdb9d827647
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a14d7aa713df1750803daa3bf7d7449b982797e66ad0be8ca78c2a1721aaab43
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a9552f88979fec83deb2148238165faffca936bfd3c929436ba8f52963b6ed4e
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
afdab0ad35387b250baf43d4c55bdf0fe1fa19b3e860369c7e8119efe22e4eb7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b358fb569197e71a9e01ba7cffddd59643ddeebb16862542c60f4bd621160320
be85a4dfb9a368ba7493c80267656fcf625e1a7c5b5d7caef417b2bf8b49dd2c
bedfc0841f7b35e38e7d27f14a91edfc92f116f6c72729ef34624a718e844d00
c36ae821c0d45c8c31562c8d20e73f79d5cb41cd7c6d36e8b8d5b4c18747ed9a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c49612b980160a91d1482429e7288a7d92c4a3c04c2180b39f2a1f13cbacdabc
c56254e0bc11fe87a80fadd715d043020f5d79eab6a2dd41c258b70068ea69eb
c7ffa28133398c1d546369ea63010743d7a7bec7ffefaf7fa4f9b2dfa2a3102f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd55fa0c5a0799bb65998124851a95a8a682a93f202237435cd6cca942859c14
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d230fa6c14bf1f2df177f38c46f0d091f90ea57753e36e035616a381bd43a2db
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d8550f2f51a911a5a82fda90f72fa2e99af3d8767cd823471de5abf8ed002e8e
e359b9b08c944b02b79ef2ef1b68417cd12a8817d124c9b2388a7f21e7277bc3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e9016b486292b6d0ad42733a75c38b284827dc4ec1b2b13dbe56cafbd5d0ff4d
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb24aa146d2567d9cda5fc825e537de1a9f097ed5cfb3f54df6dcfe3a474a811
fdb5d61edcfe9dffe59e50f375f9de3ea4ff88be7cffa45c05cdab0fd9d9ba09

read.ojoutobankenkun.online Open in urlscan Pro 2606:4700:3031::ac43:de89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

147 Requests

97 %HTTPS

76 %IPv6

17 Domains

28 Subdomains

25 IPs

2 Countries

2508 kBTransfer

9341 kBSize

18 Cookies

4 Outgoing links

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

read.ojoutobankenkun.online Open in urlscan Pro
2606:4700:3031::ac43:de89 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

97 %
HTTPS

76 %
IPv6

17
Domains

28
Subdomains

25
IPs

2
Countries

2508 kB
Transfer

9341 kB
Size

18
Cookies

147 HTTP transactions
4 data transactions