matueku.nagoya Open in urlscan Pro
183.90.238.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://matueku.nagoya/hks5bc.php?redacted
Effective URL:
https://matueku.nagoya/pmebhqhodmz/index.html
Submission Tags: falconsandbox
Submission: On August 13 via api (August 13th 2021, 4:07:43 pm UTC) from US

Summary HTTP 225 Redirects Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 32 domains to perform 225 HTTP transactions. The main IP is 183.90.238.43, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is matueku.nagoya.
TLS certificate: Issued by R3 on June 26th 2021. Valid for: 3 months.

This is the only time matueku.nagoya was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 37	183.90.238.43 183.90.238.43	131965 (XSERVER X...) (XSERVER Xserver Inc.)
2	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	210.188.201.225 210.188.201.225	9371 (SAKURA-C ...) (SAKURA-C SAKURA Internet Inc.)
1	2a04:4e42:600... 2a04:4e42:600::737	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
7	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
39	2606:4700:303... 2606:4700:3039::6815:c061	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2 3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1 1	99.80.199.35 99.80.199.35	16509 (AMAZON-02) (AMAZON-02)
17	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4 4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	35.75.84.12 35.75.84.12	16509 (AMAZON-02) (AMAZON-02)
2 2	35.157.140.213 35.157.140.213	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:303... 2606:4700:3032::ac43:aa7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
3 9	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
6 6	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
3	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
10	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
34	2600:1480:300... 2600:1480:3000:e5::	33905 (AKAMAI-AMS) (AKAMAI-AMS)
3	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
1	210.140.225.176 210.140.225.176	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
225	37

37 183.90.238.43 (Japan) 1 redirects

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv2342.xserver.jp

matueku.nagoya	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 210.188.201.225 (Japan)

ASN9371 (SAKURA-C SAKURA Internet Inc., JP)
PTR: webmail.xserver.jp

webfonts.xserver.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::737 (United States)

ASN54113 (FASTLY, US)

aml.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2606:4700:3039::6815:c061 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.199.35 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-199-35.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.115 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.75.84.12 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-84-12.ap-northeast-1.compute.amazonaws.com

a.imgvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.140.213 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-140-213.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.111.239.217 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.230 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2600:1480:3000:e5:: (United States)

ASN33905 (AKAMAI-AMS, NL)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.140.225.176 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: 210-140-225-176.newton.jp-east.compute.idcfcloud.net

dalc.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	twimg.com cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com ton.twimg.com	1 MB
39	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	914 KB
37	matueku.nagoya 1 redirects matueku.nagoya	544 KB
32	doubleclick.net 6 redirects googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	46 KB
17	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	201 KB
9	awin1.com 3 redirects www.awin1.com	6 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	214 KB
6	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	12 KB
5	google.com adservice.google.com www.google.com	1 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	2 KB
4	openx.net 4 redirects rtb.openx.net	1 KB
4	googletagservices.com www.googletagservices.com	140 KB
3	congstar.de banner.congstar.de	2 KB
3	rlcdn.com 2 redirects id.rlcdn.com	1 KB
3	quantserve.com 2 redirects cms.quantserve.com	1 KB
3	xserver.jp webfonts.xserver.jp	26 KB
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	agkn.com 2 redirects d.agkn.com	1 KB
2	google.de adservice.google.de	975 B
2	google-analytics.com www.google-analytics.com	19 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	valuecommerce.com aml.valuecommerce.com dalc.valuecommerce.com	48 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
2	cloudflare.com cdnjs.cloudflare.com	29 KB
2	fontawesome.com use.fontawesome.com	404 KB
1	innovid.com ag.innovid.com	297 B
1	mookie1.com odr.mookie1.com	324 B
1	imgvc.com a.imgvc.com	319 B
1	gstatic.com fonts.gstatic.com	14 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	everesttech.net 1 redirects pixel.everesttech.net	375 B
1	googleadservices.com partner.googleadservices.com	660 B
225	32

	Domain	Requested by
37	matueku.nagoya	1 redirects matueku.nagoya
34	pbs.twimg.com	matueku.nagoya
18	assets.ad4m.at	as.ad4m.at
17	cm.g.doubleclick.net	googleads.g.doubleclick.net matueku.nagoya
15	ad4m.at	googleads.g.doubleclick.net ad4m.at
10	abs.twimg.com	matueku.nagoya
9	www.awin1.com	3 redirects as.ad4m.at
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com matueku.nagoya
9	pagead2.googlesyndication.com	matueku.nagoya pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	platform.twitter.com	matueku.nagoya platform.twitter.com
6	ad.doubleclick.net	6 redirects
6	as.ad4m.at	ad4m.at as.ad4m.at
4	image6.pubmatic.com	4 redirects
4	rtb.openx.net	4 redirects
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	ton.twimg.com	platform.twitter.com ton.twimg.com
3	banner.congstar.de	as.ad4m.at
3	static-de.ad4mat.net	ad4m.at
3	id.rlcdn.com	2 redirects googleads.g.doubleclick.net
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	prod-rtb.ad4mat.net	matueku.nagoya
3	webfonts.xserver.jp	matueku.nagoya webfonts.xserver.jp
2	syndication.twitter.com	1 redirects platform.twitter.com
2	e.dlx.addthis.com	2 redirects
2	d.agkn.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	matueku.nagoya www.google-analytics.com
2	cdnjs.cloudflare.com	matueku.nagoya
2	use.fontawesome.com	matueku.nagoya
1	dalc.valuecommerce.com	aml.valuecommerce.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	a.imgvc.com	matueku.nagoya
1	fonts.gstatic.com	fonts.googleapis.com
1	pixel.wp.com	matueku.nagoya
1	pixel.rubiconproject.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	matueku.nagoya
1	stats.wp.com	matueku.nagoya
1	aml.valuecommerce.com	matueku.nagoya
1	ajax.googleapis.com	matueku.nagoya
225	46

This site contains no links.

Subject Issuer	Validity	Valid
www.matueku.nagoya R3	`2021-06-26` - `2021-09-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.xserver.jp SecureCore RSA DV CA	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.valuecommerce.com DigiCert SHA2 Secure Server CA	`2020-09-28` - `2021-10-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.imgvc.com DigiCert SHA2 Secure Server CA	`2020-08-31` - `2021-10-01`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-30` - `2021-11-29`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.congstar.de TeleSec ServerPass Class 2 CA	`2021-05-18` - `2022-05-23`	a year	crt.sh
pbs.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://matueku.nagoya/pmebhqhodmz/index.html
Frame ID: 039954501BC37F742F3D34D90EB1F63C
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Frame ID: 0A81D2FA39F5C60EAAA9F9A238C63B91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&adk=609411183&adf=4227508019&lmt=1628870843&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870843730&bpp=2&bdt=1127&idt=70&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8662907462898&frm=20&pv=2&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=86
Frame ID: 2B9A613B4174D258A02743E514AF7581
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=600&adk=2571950858&adf=2766992343&pi=t.aa~a.1589882584~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=280x600&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=2&bdt=1416&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0&nras=2&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1065&ady=1885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VoUoXJMYr8&p=https%3A//matueku.nagoya&dtd=45
Frame ID: B71486E9BB409234B02414DED11D9C09
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=600&adk=591366103&adf=1107396522&pi=t.aa~a.739099641~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=280x600&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1416&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600&nras=3&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1065&ady=2890&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=tWsGGsZmqN&p=https%3A//matueku.nagoya&dtd=61
Frame ID: 2AD5D919953DEAC5513AF02659227867
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=90&adk=4075249447&adf=2522545985&pi=t.aa~a.563595428~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=1200x90&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1417&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600%2C280x600&nras=4&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jBuzn89712&p=https%3A//matueku.nagoya&dtd=64
Frame ID: 4365AED2EDED93246C175901CBE46296
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=100&adk=1917092608&adf=3651687592&pi=t.aa~a.3460836689~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=350x100&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1417&idt=1&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600%2C280x600%2C1200x90&nras=5&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=4110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=ipKnliYsuN&p=https%3A//matueku.nagoya&dtd=67
Frame ID: 3375E2B4079ED089DA5DCE4B61395839
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CPPyRvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTOAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zxJCoWSrWhmB_XloWaGXyu9TugAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDE0NzI5OTcxMjcwODc1MhgA&sigh=VgaEiNMLqtE
Frame ID: 87A002E27766D3D4C3938ED04E2159BF
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1jgeq093dek99af78y4epvt5pr1s7n70jd8qtrk39jgjrw39q3swhk51h5mdytk7ab24accb03385m60q7cycbhpxz2b3wbygsa5t14h8gtfwd2t2dx75z14atfskz2md245m4mztvgd0gm553w3ec6xyn24ybam1e63acqz433djky8ysw7sdjydkp94dfgtv6kqmv9dnpjnym72r5bxcp02x1m84r9n6df5zxxbe9gwt5z3bttvv0743jt1phx5gtyf71sqtjebs4kymwd31jp2jfxne3tqeneat7f76s8kt2py5dmgrmb6d5tcm54cfeaneg32daj5nfds1rzzw4gegy7as7te1snfsh7v7qv981dm2rd3r08xfpkw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%26client%3Dca-pub-4147299712708752%26adurl%3D
Frame ID: 78206852FDED350DF49DA37748028758
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 393DD1AB8215CE3012A0AEBDB6560DEB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CnrG8vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTIAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PG4-uMBwHiGlkek8nvEifBYXvgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00MTQ3Mjk5NzEyNzA4NzUyGAA&sigh=31chRp6RpRo
Frame ID: 1BC0D1B5BF776B032E4502364A37822E
Requests: 6 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1h69qhzgkdvk4p9bya8h5qcwk33vpqv76a103k3rsgzd0z64y46v0epaq9tjth3wejtvathe480ngsmns0ccj0gz2j8m3fws2anq735mc3zh706ctf4pggv4wmrsb0r0ha9363ygkazpb2664bs4hzfw9a94h7waxkzzjj3w0nrtp5kngxhhjk54q7dbh04y0g3xp50hs0dnsq4pvpxvg8zqakshzxxnjwy7q18fy93sp3dk7xdktn1vz7bp6kqn37wgk6zrc2zsbt26q4fkczsasbzwepdktzpkh44t8pws6gp2bfwzv5gavcs8kczad67xqp813xhp6q59mn744n5xvs5qa0r4c3dmc6sk5tbr5b26h9hkmzjhdw3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%26client%3Dca-pub-4147299712708752%26adurl%3D
Frame ID: 334EDFA72BDBE9750B1897D1A04FC795
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0DCC97FC65164A330D0B6BC6F8768E9F
Requests: 9 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fmatueku.nagoya
Frame ID: 4ECE89E92DDAEC517D8D0E10D1506B9F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CsPx1vJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMgBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkVNtXHByg_9JNOyhdcqy1KvXIqABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00MTQ3Mjk5NzEyNzA4NzUyGAA&sigh=iJnvyhSttOE
Frame ID: 7769E067BEF0CF293E3FADCFB9F46693
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1j6fav1v3y3ayqnydb2kgsfmn909f4jq7nz59mj4fkf5ba3yggrr043cjyympf8fx89nfk68eszywzgsw4sabzxmx8mn4gn4dz5mh7mnnytt87g05jhpkvmm10dgtztj2bz44tj2zvf8368qrb5da8996sm2583810wemg1gfa87976v6s5fj8fx57knsfy646mtypy4d96qxbcbk5tevpdv0r647csc2988gr1pmjqntrj5gm57m5xrqt871agwhh0pfzfmwz6ta777srfq9p89k4acadj248hs54c9brgsezgqq6rqxhmv0xegs3rjhtbtdyh0q8n989er1t44t2cr7y1nph7jft6xzd7nfeetkwg9rt8nrtqf0kt2w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%26client%3Dca-pub-4147299712708752%26adurl%3D
Frame ID: 128634000014739F57A92C5658EE350F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 898EAA6930D58AB7C3EEE2AF61B868EF
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 152DB62F037D5582A6E5BD0D6CDCF3A5
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 07FCC0B0F0A88E1BAED9FD0C5363D48C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6E0C0C82ACCC7298DC34232AB520C879
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=5770e55e76b761af18a9cdfd80d87211%2F9297288496930163855&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ph8nkvmk4kzcpewmcsgdnx9kmyy1d607jbdyz0wmvy8e36thk73183q2q1ydjvsvkn62c5akzsawgjw5tx65afgqvbwawm4314v6wfjvazymc346p6p17sk7cdnts1hk3nr2vynq96sw6dwxb9jcfsy28ha98nd3m1yt9c77yzvxse3d3y8ty1xqr44xv4sqwnhnzqkz4xrwt0rsdf4m9291mgsdmb119n7tp2q19mk90cmbbhf4b9db134%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Frame ID: CC9979B5532A06BAF87E8C3684268E30
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=728&d=90&e=&g=d0e32fdb4ef9a4e3eefda7a87f7a46c5%2F11843994363562967913&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22d676vb84hpdbv2zan91v3cvs13bckqc4nvcjppnd1fjhhgbh5r1dtkjccaj6jtv82v111nssm9gy9e7rj5n752jrb2s8qjnvp4bybqfnkmxdjkrqyrnv4xczgeg3we7gcbx6c8ne8qyt64csz8ge8a8k1xkksrt2e4bewe1wmqyeetxrx7jtp9gy25h3kd49x043mqvjvjp6sdm2byz6f1sc212n7gg8jqrg6pstmd2qx42akywrk9mv8ry%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Frame ID: 8358884B57132831B03FCF9AA62BE1DC
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=160&d=600&e=&g=777f44f6950bebfdad62a26a86f925f9%2F4164371677408730122&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pqyn3v7k1d1fpfwca0m5bm719taxc9e07c89h0herp3gtve908ywfe1rn67yt0pz76w2x2wjer237661msgqknqxrk4048vdz5z0s2a45bbtzej7m826nw6kxpkm4r2cb2fc6dke5az73pz10ssrnvgfgx9v825t8bvn8yq52pmr8671xkvdsggcanww7pp3f0150x3vkkb1nz9jcrwjfp8951n2c5ze532ebs6wffe5493t4f0ahz5kak0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Frame ID: E3828705958F9D91995E83848FA03D09
Requests: 11 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/2764.png
Frame ID: BF7AFCB8DB2E2DE26F285AEA6A4C108D
Requests: 50 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 4550D0330D1CFE8B97506E7572A28534
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B471928C0B4E97A0BC7B48611145D126
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1555CF3799E1A36716B1CF88D6E3A8B3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://matueku.nagoya/hks5bc.php?redacted HTTP 301
https://matueku.nagoya/pmebhqhodmz/index.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

225
Requests

99 %
HTTPS

56 %
IPv6

32
Domains

46
Subdomains

37
IPs

5
Countries

3765 kB
Transfer

6804 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://matueku.nagoya/hks5bc.php?redacted HTTP 301
https://matueku.nagoya/pmebhqhodmz/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPL_vLAVOVgORBgWiNUPrgLplZ9VTfIcOtczRsGapucd0RjeGz2cHVGtWRZxbjHqncCxYdI02Jqh1XTbRQdvA6x5OjsZAh8&google_gid=CAESEAzbzYEsoC4yd6WsQ-6VRd4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVJhWXZBQUFBVTcwdVNWTA&google_push=AYg5qPL_vLAVOVgORBgWiNUPrgLplZ9VTfIcOtczRsGapucd0RjeGz2cHVGtWRZxbjHqncCxYdI02Jqh1XTbRQdvA6x5OjsZAh8

Request Chain 80

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJVgmpp0MSREueyxzTFdCfnogX-lMORukKYhOwIp8OHnTxolkkZhuGK80WOO8RmIxM9HEPqq4eqMxuvmo2yW-_As3ECPUqM&google_gid=CAESED4y5jpngukIcE-Kp0bzfYk&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLyx2ogGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKVmdtcHAwTVNSRXVleXh6VEZkQ2Zub2dYLWxNT1J1a0tZaE93SXA4T0huVHhvbGtrWmh1R0s4MFdPTzhSbUl4TTlIRVBxcTRlcU14dXZtbzJ5Vy1fQXMzRUNQVXFN HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweXJoNkVpc3hIMVBzOWN6VUNqcEpNMnBOY0xJSHVZQWZqaDBSNnZQclVSSQ==&google_push

Request Chain 81

https://rtb.openx.net/sync/dds?google_gid=CAESEGreIlf0_r81isPeqjP37vs&google_cver=1&google_push=AYg5qPICAePMCRSYqxibBcJVzqjPTC_oLXvSg9LiHcUt2lMF7YlWVsWTGviXClHpFvtYbaqsJUDOF3zGAvYpzMpGHaLZhiVWv4Wx HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEGreIlf0_r81isPeqjP37vs&google_cver=1&google_push=AYg5qPICAePMCRSYqxibBcJVzqjPTC_oLXvSg9LiHcUt2lMF7YlWVsWTGviXClHpFvtYbaqsJUDOF3zGAvYpzMpGHaLZhiVWv4Wx&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPICAePMCRSYqxibBcJVzqjPTC_oLXvSg9LiHcUt2lMF7YlWVsWTGviXClHpFvtYbaqsJUDOF3zGAvYpzMpGHaLZhiVWv4Wx&google_hm=KmnNt3onwv4-Qrr5XKrZyQ==

Request Chain 82

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENMSdHOZFneJXgLO18ed-MY&google_cver=1&google_push=AYg5qPLqNyfHJ3GuPv3cwBuPAlEG6ZrZLVy3bVQRrP7YTYKhXpO4RH8epAIj8Lk1EYvmwcCwhjhtIRHb5gv7iKGjXRm4iQ5WZjO3 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENMSdHOZFneJXgLO18ed-MY&google_cver=1&google_push=AYg5qPLqNyfHJ3GuPv3cwBuPAlEG6ZrZLVy3bVQRrP7YTYKhXpO4RH8epAIj8Lk1EYvmwcCwhjhtIRHb5gv7iKGjXRm4iQ5WZjO3&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6kaiuQCQS0GpqdEEXaLD7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLqNyfHJ3GuPv3cwBuPAlEG6ZrZLVy3bVQRrP7YTYKhXpO4RH8epAIj8Lk1EYvmwcCwhjhtIRHb5gv7iKGjXRm4iQ5WZjO3

Request Chain 83

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB-0az94WNFsUxsEgyGe0pE&google_cver=1&google_push=AYg5qPJkM_MyyeSpdKtj71offlnLyg8yjkV1gBq6EwnfG-MjHzdWRcwlxy7LZTixwrk_PTlesfbuweToV23ZiOrzq6F4hd7M8cEd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NBSk43QkotMTEtRzBSSg==&google_push=AYg5qPJkM_MyyeSpdKtj71offlnLyg8yjkV1gBq6EwnfG-MjHzdWRcwlxy7LZTixwrk_PTlesfbuweToV23ZiOrzq6F4hd7M8cEd

Request Chain 84

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U&google_cver=1&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U

Request Chain 105

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENMECE8y7p9M4Lyf0vfA75E&google_cver=1&google_push=AYg5qPJETzXZqakUmT9SKHWMtAWXpCwaC2fi9oOCsn-BuBXxD33Dh9EWxaTyuLlxaMdjAWtmSDZ2_LvLjcH_SBPtLPTgsoRdmQ HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJETzXZqakUmT9SKHWMtAWXpCwaC2fi9oOCsn-BuBXxD33Dh9EWxaTyuLlxaMdjAWtmSDZ2_LvLjcH_SBPtLPTgsoRdmQ&google_hm=nPWloB7Ne7jLqwGR30AGvQ

Request Chain 106

https://d.agkn.com/pixel/2175/?google_gid=CAESEJfKBsht6efRIIkaZXPJDvg&google_cver=1&google_push=AYg5qPLkg6YQstbhoqf9gnYK2wE1pbm0puV36AnDvd4d2SsZyMzc496f9t3xEEtSrV7KPie04CTGj7dI3kACKjnCFjMNodbjJCI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLkg6YQstbhoqf9gnYK2wE1pbm0puV36AnDvd4d2SsZyMzc496f9t3xEEtSrV7KPie04CTGj7dI3kACKjnCFjMNodbjJCI&google_hm=Q0FFU0VKZktCc2h0NmVmUklJa2FaWFBKRHZn

Request Chain 108

https://rtb.openx.net/sync/dds?google_gid=CAESEE_hR1XvFJU6TaN6KfZiQRY&google_cver=1&google_push=AYg5qPJ_DlQYU0C72aiiQj-G7tCSTpHNuOJ5H7Hwyvhk5RgkjmYHHUKjrIccbjnqOchB_dtHgBMRITcVk0V3efB78YaMeinoiw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ_DlQYU0C72aiiQj-G7tCSTpHNuOJ5H7Hwyvhk5RgkjmYHHUKjrIccbjnqOchB_dtHgBMRITcVk0V3efB78YaMeinoiw&google_hm=KmnNt3onwv4-Qrr5XKrZyQ==

Request Chain 109

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEs5nLcTPR6RwV1V6iYHN28&google_cver=1&google_push=AYg5qPLxo9OaSqeFe3TkkmDtfXVIG1VSufTiWmFYTMopt_GTX6Zlt-MkeitcEn0BK-ReD3uOv59CnyxYiakWABXCMWUPKee6rO0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6kaiuQCQS0GpqdEEXaLD7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLxo9OaSqeFe3TkkmDtfXVIG1VSufTiWmFYTMopt_GTX6Zlt-MkeitcEn0BK-ReD3uOv59CnyxYiakWABXCMWUPKee6rO0

Request Chain 110

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_cver=1&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ

Request Chain 120

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC8TfyONB-Fk6xv2ithfqO4&google_cver=1&google_push=AYg5qPLWAl5r-jL15xyn9oicvLeaDd3Och3KlDLWu4SOI4gXBOG64puNhJ1kBOX3db7w7qZ26hU42vtf1092XNKGIL0hiLQocNfQ HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLWAl5r-jL15xyn9oicvLeaDd3Och3KlDLWu4SOI4gXBOG64puNhJ1kBOX3db7w7qZ26hU42vtf1092XNKGIL0hiLQocNfQ&google_hm=nPWloB7Ne7jLqwGR30AGvQ

Request Chain 121

https://d.agkn.com/pixel/2175/?google_gid=CAESEHogvyyvz3QDre6rv02G4U0&google_cver=1&google_push=AYg5qPLha3SKjPRKksOsyVeoNKnql87Puabrah3T1WxRxD0Q9xXBJyioHT8mwmBRPrC6JZSCh1XQznBEDkfi8l-Rv-lB0jG-xRjF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLha3SKjPRKksOsyVeoNKnql87Puabrah3T1WxRxD0Q9xXBJyioHT8mwmBRPrC6JZSCh1XQznBEDkfi8l-Rv-lB0jG-xRjF&google_hm=Q0FFU0VIb2d2eXl2ejNRRHJlNnJ2MDJHNFUw

Request Chain 123

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJMGdFgpAeMWhuvh7coVYK9HyOX_97eMILSsrsgwJYYr38uGT4QnojZkNbJ3uFDc5M13MxJvFZwlNdTPz2KnHzOLud22TFX&google_gid=CAESENxqTNrLzRqRVcsUEk0h6P0&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJMGdFgpAeMWhuvh7coVYK9HyOX_97eMILSsrsgwJYYr38uGT4QnojZkNbJ3uFDc5M13MxJvFZwlNdTPz2KnHzOLud22TFX&google_gid=CAESENxqTNrLzRqRVcsUEk0h6P0&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTMxNjA3MjQwMDAxNTE2MTA3OTQ1Mg%3D%3D&google_push=AYg5qPJMGdFgpAeMWhuvh7coVYK9HyOX_97eMILSsrsgwJYYr38uGT4QnojZkNbJ3uFDc5M13MxJvFZwlNdTPz2KnHzOLud22TFX

Request Chain 124

https://rtb.openx.net/sync/dds?google_gid=CAESEJ80aBUbk6S2ckGFrFMh6x8&google_cver=1&google_push=AYg5qPKhLRoyJuZwqaffu-CM0IguME5NN2HiR8N6lu3LVqibn9sJCgRDNkUxi23OzjRpB21c5hWvsNf4xernKgilW_UirIXcy9Wd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKhLRoyJuZwqaffu-CM0IguME5NN2HiR8N6lu3LVqibn9sJCgRDNkUxi23OzjRpB21c5hWvsNf4xernKgilW_UirIXcy9Wd&google_hm=KmnNt3onwv4-Qrr5XKrZyQ==

Request Chain 125

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL_EZmpgxy7QUJpMA7tl-WE&google_cver=1&google_push=AYg5qPJ5GafwEFAqdu80Xt5o3Rs2eFrHXGRnHjUwMt5KimOZDotTF3DWs30SA9edkdTdJ2tBmObmJ7LXbYyRFpOfnd3MfrzIAzga HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6kaiuQCQS0GpqdEEXaLD7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ5GafwEFAqdu80Xt5o3Rs2eFrHXGRnHjUwMt5KimOZDotTF3DWs30SA9edkdTdJ2tBmObmJ7LXbYyRFpOfnd3MfrzIAzga

Request Chain 126

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY

Request Chain 145

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COqo1eCwrvICFVjyuwgdviEOog;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628870844_8c698181-fc50-11eb-b76a-692d015b28f2

Request Chain 155

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJWv1eCwrvICFSWK_QcdPn0Fsw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628870844_8c693360-fc50-11eb-b76a-692d015b28f2

Request Chain 166

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNao1eCwrvICFcbkuwgdm0sHog;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628870844_8c6a1dc0-fc50-11eb-b76a-692d015b28f2

Request Chain 223

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

225 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request index.html Show response
matueku.nagoya/pmebhqhodmz/
Redirect Chain

https://matueku.nagoya/hks5bc.php?redacted
https://matueku.nagoya/pmebhqhodmz/index.html

59 KB
15 KB

1278ms
1277ms

Document
text/html

183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 9455b5689abde0ee21f1befbcd397affd0be0793232e95347366ce9787c5b04a

Request headers

:method: GET
:authority: matueku.nagoya
:scheme: https
:path: /pmebhqhodmz/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Fri, 13 Aug 2021 16:07:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://matueku.nagoya/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip

Redirect headers

server: nginx
date: Fri, 13 Aug 2021 16:07:19 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /pmebhqhodmz/index.html

GET
H2 200 style.min.css
matueku.nagoya/wp-includes/css/dist/block-library/ 79 KB
14 KB 280ms
277ms Stylesheet
text/css 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:21 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 13:14:09 GMT
server: nginx
etag: W/"13abe-5c94864c8a81b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Fri, 20 Aug 2021 16:07:21 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
matueku.nagoya/wp-includes/js/mediaelement/ 11 KB
3 KB 280ms
277ms Stylesheet
text/css 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

:path: /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:21 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 03:37:03 GMT
server: nginx
etag: W/"2bf8-5c2baa81d4a8e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Fri, 20 Aug 2021 16:07:21 GMT

GET
H2 200 wp-mediaelement.min.css
matueku.nagoya/wp-includes/js/mediaelement/ 4 KB
1 KB 283ms
280ms Stylesheet
text/css 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

:path: /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:21 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 03:37:03 GMT
server: nginx
etag: W/"105a-5c2baa81d4a8e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Fri, 20 Aug 2021 16:07:21 GMT

GET
H2 200 styles.css
matueku.nagoya/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 282ms
279ms Stylesheet
text/css 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:21 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 00:25:52 GMT
server: nginx
etag: W/"a50-5c78318b0df91"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Fri, 20 Aug 2021 16:07:21 GMT

GET
H2 200 style.css
matueku.nagoya/wp-content/plugins/yyi-rinker/css/ 8 KB
2 KB 282ms
280ms Stylesheet
text/css 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-content/plugins/yyi-rinker/css/style.css?v=1.1.3&ver=5.8
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 2556190e10847285a8d70e7b91aa69d6f9e6ec852ad73f26f528a62384cdee45

Request headers

:path: /wp-content/plugins/yyi-rinker/css/style.css?v=1.1.3&ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:21 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 00:25:52 GMT
server: nginx
etag: W/"2156-5c78318b36419"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Fri, 20 Aug 2021 16:07:21 GMT

GET
H2 200 style.css
matueku.nagoya/wp-content/themes/jin/ 475 KB
67 KB 293ms
291ms Stylesheet
text/css 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-content/themes/jin/style.css?ver=5.8
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 67b8906cc807bbd99ef8c2c9e87b9defdc0e9aca4045ae567136335fbe9ed515

Request headers

:path: /wp-content/themes/jin/style.css?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:21 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 03:43:40 GMT
server: nginx
etag: W/"76bfc-5c2babfc56dba"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Fri, 20 Aug 2021 16:07:21 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 40ms
19ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=5.8
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2065783
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: JYR0WFQ7FT3N835G
x-amz-id-2: 9ZhcouJJGFsbTTCrmgyjv3NK8ciEq1i4PTafsxkEi/Ok9WJ/Inj9PBmUz0QCn9MlkjgcrT7rCbY=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyRemqNH9ZlZzlruK%2BBgaVYmpNhD6ghsWkUh8%2BzWA3f1oEfbeblc6%2Fd9GzB%2FZkQfPNMddpp7ykuEXVk9hOkWTScJHkfXf31K3uyI0zKRCUBVGkFCuAc3Ou7KQxFm0QLAirNZgH9JcCmLlSl8h%2FRQtbnf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 67e3322e6d654ec1-FRA

GET
H2 200 swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/4.0.7/css/ 19 KB
3 KB 32ms
12ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.0.7/css/swiper.min.css?ver=5.8

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

289a425744bb9c0329c9570774ce5218404550d049b9d38a017ddaf479e70886

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 582785
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2540
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-4b86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vUjpBTuKCmiOfb5uwqUNBs5hLgiY4FYINsp0ulMiHtSkn7I1hzB0uAzAkfoiU1wmCF021bd49OfslYl5EpbGOKZ%2FbXkzEaVgM64gMr7XQWq5BgkTuwrQrqWMXWQFFX7%2F3W8IB84XcIo%2BjsHDsIc9dW6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67e3322e68f94e08-FRA
expires: Wed, 03 Aug 2022 16:07:22 GMT

GET
H2 200 jetpack.css
matueku.nagoya/wp-content/plugins/jetpack/css/ 85 KB
21 KB 292ms
290ms Stylesheet
text/css 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-content/plugins/jetpack/css/jetpack.css?ver=9.9
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 93ab6f6495fbf73a22853a8a60d1242d1f5d2df60fa8b1634b9ac1712d72a32f

Request headers

:path: /wp-content/plugins/jetpack/css/jetpack.css?ver=9.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:21 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 02:25:10 GMT
server: nginx
etag: W/"15327-5c6e3d49c89c0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Fri, 20 Aug 2021 16:07:21 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=5.8

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 12:01:44 GMT

GET
H/1.1 200
OK xserver.js Show response
webfonts.xserver.jp/js/ 20 KB
8 KB 813ms
271ms Script
application/javascript 210.188.201.225
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/js/xserver.js?ver=1.2.4
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.188.201.225 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:07:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 03:18:48 GMT
Server: nginx
ETag: W/"5d522c18-4e15"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 event-tracking.js Show response
matueku.nagoya/wp-content/plugins/yyi-rinker/js/ 598 B
793 B 292ms
290ms Script
application/javascript 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-content/plugins/yyi-rinker/js/event-tracking.js?v=1.1.3
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: b22a6914bcfd51c615ea47a6ae43f2801fb7cefb1bd63cd7a425f1d1f6d7f0c0

Request headers

:path: /wp-content/plugins/yyi-rinker/js/event-tracking.js?v=1.1.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:21 GMT
last-modified: Tue, 20 Jul 2021 00:25:52 GMT
server: nginx
etag: "256-5c78318b36801"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 598
expires: Fri, 20 Aug 2021 16:07:21 GMT

GET
H2 200 vcdal.js Show response
aml.valuecommerce.com/ 46 KB
46 KB 30ms
7ms Script
application/javascript 2a04:4e42:600::737
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://aml.valuecommerce.com/vcdal.js
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::737 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 62c8e6952992facfbcee979786069de27885f6db1899caa3bcc297ea9b3fe9b3

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:23 GMT
via: 1.1 varnish
age: 65
x-guploader-uploadid: ADPycdud6aCX4u7QURLf9HNg16ESRVQMRLrZdFqnid6r_vjGL4YAXsiKA0riPWOPMWYwzoERQZuQIOha0jFCi-esuPY
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 46757
x-served-by: cache-fra19180-FRA
expires: Thu, 12 Aug 2021 04:25:40 GMT
last-modified: Fri, 06 Aug 2021 07:12:58 GMT
server: UploadServer
x-timer: S1628870843.451786,VS0,VE1
etag: "97a2b5d21c19872f3b08921436969934"
x-goog-hash: crc32c=uKnggA==, md5=l6K10hwZhy87CJIUNpaZNA==
x-goog-generation: 1628233978121364
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Range, x-goog-resumable
cache-control: max-age=300
x-goog-stored-content-length: 46757
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 /
matueku.nagoya/ 4 KB
2 KB 783ms
782ms Stylesheet
text/css 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/?custom-css=83d79c8676
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: c6d4997731f1379986aeeb35185b7f88e7a79b54710f1066693423fbfe9a9bfc

Request headers

:path: /?custom-css=83d79c8676
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:21 GMT
content-encoding: gzip
server: nginx
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
expires: Sat, 13 Aug 2022 16:07:21 GMT

GET
H2 200 appreach.css
matueku.nagoya/wp-content/themes/jin/css/ 2 KB
793 B 291ms
290ms Stylesheet
text/css 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-content/themes/jin/css/appreach.css
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 031fc7bc66466f9e8bf4accb12349811169194e5ebe1f6d751d263bd8a4927fc

Request headers

:path: /wp-content/themes/jin/css/appreach.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:21 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 03:43:40 GMT
server: nginx
etag: W/"608-5c2babfc3b83a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Fri, 20 Aug 2021 16:07:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
49 KB 60ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd902c8972819fa72cbec32cc1e70809717d9a174b23ec0ce2cc831e4f82ae33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49916
x-xss-protection: 0
server: cafe
etag: 16652301563836661712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 16:07:23 GMT

GET
H2 200 fee4a42ab536b1c6bcd02740e7280f5a.png
matueku.nagoya/wp-content/uploads/2020/08/ 14 KB
15 KB 278ms
277ms Image
image/png 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matueku.nagoya/wp-content/uploads/2020/08/fee4a42ab536b1c6bcd02740e7280f5a.png
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: ed4b862e775a07d5a84680447875e8b111bebefe4bbcc6c382f177fd0a3432ab

Request headers

:path: /wp-content/uploads/2020/08/fee4a42ab536b1c6bcd02740e7280f5a.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Sat, 29 Aug 2020 07:34:30 GMT
server: nginx
etag: "3972-5adff3326cd80"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 14706
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 noimg480.png
matueku.nagoya/wp-content/themes/jin/img/ 3 KB
3 KB 277ms
277ms Image
image/png 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matueku.nagoya/wp-content/themes/jin/img/noimg480.png
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 6c7b70af05846ddba3d29403b5238bc409d9b0676dd432752bdc5cce112a09a9

Request headers

:path: /wp-content/themes/jin/img/noimg480.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Thu, 20 May 2021 03:43:40 GMT
server: nginx
etag: "d3f-5c2babfbb9300"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3391
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 3c8edd2651a7ec990b5c8a633a4a6022-150x150.png
matueku.nagoya/wp-content/uploads/2019/03/ 18 KB
18 KB 278ms
278ms Image
image/png 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matueku.nagoya/wp-content/uploads/2019/03/3c8edd2651a7ec990b5c8a633a4a6022-150x150.png
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: c3c77dacda87425d8b50a808eaae23fcd06cd8f31b762f1246d053fba21e85c5

Request headers

:path: /wp-content/uploads/2019/03/3c8edd2651a7ec990b5c8a633a4a6022-150x150.png
pragma: no-cache
cookie: _ga=GA1.2.1868816335.1628870844; _gid=GA1.2.1432740566.1628870844; _gat=1; __gads=ID=324671306e132912-22928c8fa9c90067:T=1628870843:RT=1628870843:S=ALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Wed, 20 Mar 2019 19:04:12 GMT
server: nginx
etag: "4819-5848b49800300"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 18457
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 29865624769fdd92b4bf322d3b66a051-150x150.png
matueku.nagoya/wp-content/uploads/2019/03/ 14 KB
15 KB 278ms
277ms Image
image/png 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matueku.nagoya/wp-content/uploads/2019/03/29865624769fdd92b4bf322d3b66a051-150x150.png
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 3b7c0524d07f3bc0dada79a136f5a64679b5be122bb7e118c7ce661ace6443e9

Request headers

:path: /wp-content/uploads/2019/03/29865624769fdd92b4bf322d3b66a051-150x150.png
pragma: no-cache
cookie: _ga=GA1.2.1868816335.1628870844; _gid=GA1.2.1432740566.1628870844; _gat=1; __gads=ID=324671306e132912-22928c8fa9c90067:T=1628870843:RT=1628870843:S=ALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Wed, 20 Mar 2019 19:04:12 GMT
server: nginx
etag: "3946-5848b49800300"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 14662
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 regenerator-runtime.min.js Show response
matueku.nagoya/wp-includes/js/dist/vendor/ 6 KB
3 KB 275ms
275ms Script
application/javascript 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

:path: /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 13:14:09 GMT
server: nginx
etag: W/"1906-5c94864c95bcb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 wp-polyfill.min.js Show response
matueku.nagoya/wp-includes/js/dist/vendor/ 16 KB
7 KB 275ms
275ms Script
application/javascript 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

:path: /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 13:14:09 GMT
server: nginx
etag: W/"4056-5c94864c96f53"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 index.js Show response
matueku.nagoya/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 281ms
277ms Script
application/javascript 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 00:25:52 GMT
server: nginx
etag: W/"32bb-5c78318b158a9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 front.min.js Show response
matueku.nagoya/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 281ms
277ms Script
application/javascript 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

:path: /wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 02:25:13 GMT
server: nginx
etag: W/"17cb-5c6e3d4c5ff08"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 common.js Show response
matueku.nagoya/wp-content/themes/jin/js/ 3 KB
2 KB 281ms
277ms Script
application/javascript 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-content/themes/jin/js/common.js?ver=5.8
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: bada64afb66c6f3f10ea7b8980d72928a65c14af66fb3078b13fbdf4df2dd041

Request headers

:path: /wp-content/themes/jin/js/common.js?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 03:43:40 GMT
server: nginx
etag: W/"b9b-5c2babfbb9300"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 jin_h_icons.js Show response
matueku.nagoya/wp-content/themes/jin/js/ 894 B
1 KB 281ms
277ms Script
application/javascript 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-content/themes/jin/js/jin_h_icons.js?ver=5.8
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 158a18565f178069b850c635be004b3ef679745d4604fa1a3e96e33c5de6ef3d

Request headers

:path: /wp-content/themes/jin/js/jin_h_icons.js?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Thu, 20 May 2021 03:43:40 GMT
server: nginx
etag: "37e-5c2babfbb9300"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 894
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H3-29 200 swiper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/4.0.7/js/ 109 KB
26 KB 34ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.0.7/js/swiper.min.js?ver=5.8

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89a305fd73b494dec3160fb0c10e80736c69f1d0a06edfa137c938e4a63d7139

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5000987
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 25774
cf-request-id: 0ab7c8b29100004eb0e29d2000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-1b462"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uSoNmnA6dFvdOgjD2a8DhG4HKnTNqW8DjbNUbQvWnnhEv8QiPGiPH0Th24A2AcLDvNPLxSVA%2BNkwobcAcCyIQFb9JyMYyOM%2B0WuBwXTaiUPT8o4cn4b7tqOeRGp9unoZYnzJLB3AIGn8YUUQdbVckc1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67e33233882f4edf-FRA
expires: Wed, 03 Aug 2022 16:07:23 GMT

GET
H3-29 200 all.js Show response
use.fontawesome.com/releases/v5.6.3/js/ 1 MB
392 KB 40ms
29ms Script
application/javascript 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/js/all.js?ver=5.8
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f7935587fcf36206dc79d2b46332eca6ff6cc40a12ce09fe66efd02336d97e

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2065784
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: JYR323ECFS84M6PM
x-amz-id-2: Wf3Pp7BPk7hp82GIEu5h2M8o/GlftNKmnJejjbxeXLcFfimuWt7eHhkZRWmi9A5LyxfzcONiJQE=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"7b6ab1d5b8de4d3b0e2d8084ad292818"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oj1VefG8mfNDqRBcmVjm9tW%2B3TaCyXvEgia7L3R9JeX8oaNe%2FwyEHm8TapFEqcKPi6g7gMsJ1WAxz8kmGg3nmfvFOCbhj%2BcWIDs774h62WkWiMM0FqCSIGO2MMmBDtimWR5WmvZz2zsB2Ic2M8XgYmHt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31556926
cf-ray: 67e3323379b50601-FRA

GET
H2 200 twitter-timeline.min.js Show response
matueku.nagoya/wp-content/plugins/jetpack/_inc/build/ 331 B
526 B 273ms
273ms Script
application/javascript 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js?ver=4.0.0
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 291b553dee180f838e513bf2580c9af27f8312320581e3c91029a7c4d5eb2fbc

Request headers

:path: /wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js?ver=4.0.0
pragma: no-cache
cookie: _ga=GA1.2.1868816335.1628870844; _gid=GA1.2.1432740566.1628870844; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Mon, 12 Jul 2021 02:25:10 GMT
server: nginx
etag: "14b-5c6e3d49bb6d0"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 331
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 wp-embed.min.js Show response
matueku.nagoya/wp-includes/js/ 1 KB
984 B 278ms
277ms Script
application/javascript 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8
pragma: no-cache
cookie: _ga=GA1.2.1868816335.1628870844; _gid=GA1.2.1432740566.1628870844; _gat=1; __gads=ID=324671306e132912-22928c8fa9c90067:T=1628870843:RT=1628870843:S=ALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 03:37:04 GMT
server: nginx
etag: W/"592-5c2baa8211800"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 e-202132.js Show response
stats.wp.com/ 9 KB
3 KB 60ms
18ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202132.js
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg
date: Fri, 13 Aug 2021 16:07:23 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 31 Jul 2022 22:40:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
535 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f631b7f7428056e6244917bca72f7e2c3a9d90063810a86f3a3d3b9497c9b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 15:54:52 GMT
server: ESF
date: Fri, 13 Aug 2021 16:07:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Aug 2021 16:07:23 GMT

GET
H2 200 wp-emoji-release.min.js Show response
matueku.nagoya/wp-includes/js/ 18 KB
6 KB 279ms
279ms Script
application/javascript 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-includes/js/wp-emoji-release.min.js?ver=5.8
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8
pragma: no-cache
cookie: _ga=GA1.2.1868816335.1628870844; _gid=GA1.2.1432740566.1628870844; _gat=1; __gads=ID=324671306e132912-22928c8fa9c90067:T=1628870843:RT=1628870843:S=ALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 13:14:09 GMT
server: nginx
etag: W/"4705-5c94864cb7ac3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H/1.1 200
OK checkdigit Show response
webfonts.xserver.jp/advance/ref/ja/107/ 1 B
314 B 801ms
266ms XHR
text/plain 210.188.201.225
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/advance/ref/ja/107/checkdigit?K18MUcZzRRA%3D
Requested by: Host: webfonts.xserver.jp
URL: https://webfonts.xserver.jp/js/xserver.js?ver=1.2.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.188.201.225 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: cache
Date: Fri, 13 Aug 2021 16:07:23 GMT
Server: nginx
ETag: "typesquare-use-cache"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Content-Type: text/plain;;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=8640000
Connection: keep-alive

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 1849
date: Fri, 13 Aug 2021 15:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 13 Aug 2021 17:36:34 GMT

GET
H2 404 index.html
matueku.nagoya/pmebhqhodmz/ 59 KB
59 KB 469ms
469ms Image
text/html 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matueku.nagoya/pmebhqhodmz/index.html
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 9455b5689abde0ee21f1befbcd397affd0be0793232e95347366ce9787c5b04a

Request headers

:path: /pmebhqhodmz/index.html
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://matueku.nagoya/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 jin-icons.ttf
matueku.nagoya/wp-content/themes/jin/font/jin-icons/fonts/ 87 KB
87 KB 273ms
273ms Font
application/font-sfnt 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://matueku.nagoya/wp-content/themes/jin/font/jin-icons/fonts/jin-icons.ttf?c16tcv
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/wp-content/themes/jin/style.css?ver=5.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 1175821b44d75119ec3241cfec0646fcde90eae42db5fc756d2a272387c4c74a

Request headers

:path: /wp-content/themes/jin/font/jin-icons/fonts/jin-icons.ttf?c16tcv
pragma: no-cache
origin: https://matueku.nagoya
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: matueku.nagoya
referer: https://matueku.nagoya/wp-content/themes/jin/style.css?ver=5.8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://matueku.nagoya
Referer: https://matueku.nagoya/wp-content/themes/jin/style.css?ver=5.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Thu, 20 May 2021 03:43:40 GMT
server: nginx
etag: "15a28-5c2babfc3bc22"
content-type: application/font-sfnt
cache-control: max-age=604800
accept-ranges: bytes
content-length: 88616
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 image1-2-320x180.jpeg
matueku.nagoya/wp-content/uploads/2019/02/ 8 KB
8 KB 279ms
277ms Image
image/jpeg 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matueku.nagoya/wp-content/uploads/2019/02/image1-2-320x180.jpeg
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: bc6b4b7a3fac1c7da7d3999776e8024d11ea84fbbe27af155b76aff31c865e43

Request headers

:path: /wp-content/uploads/2019/02/image1-2-320x180.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Thu, 14 Feb 2019 22:26:54 GMT
server: nginx
etag: "203c-581e227db980c"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 8252
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 image2-2-1-320x180.jpeg
matueku.nagoya/wp-content/uploads/2019/01/ 6 KB
7 KB 285ms
284ms Image
image/jpeg 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matueku.nagoya/wp-content/uploads/2019/01/image2-2-1-320x180.jpeg
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 61ac4a5ff58ceb425e80072de38da0534506abd6e84b02eb987365f49993c707

Request headers

:path: /wp-content/uploads/2019/01/image2-2-1-320x180.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Sat, 09 Feb 2019 13:27:24 GMT
server: nginx
etag: "1946-58176093ed726"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6470
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 44-320x180.jpg
matueku.nagoya/wp-content/uploads/2019/02/ 10 KB
10 KB 285ms
283ms Image
image/jpeg 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matueku.nagoya/wp-content/uploads/2019/02/44-320x180.jpg
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 52873229f933f7836258ea964c1c5d8ad901ebdeb99862d68ad4c63d055e795b

Request headers

:path: /wp-content/uploads/2019/02/44-320x180.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Mon, 13 Jul 2020 05:27:49 GMT
server: nginx
etag: "27d3-5aa4bf38e1f40"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10195
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 image6-2-320x180.jpeg
matueku.nagoya/wp-content/uploads/2019/02/ 14 KB
14 KB 279ms
277ms Image
image/jpeg 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matueku.nagoya/wp-content/uploads/2019/02/image6-2-320x180.jpeg
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: e5ce0103a24166b36c16d36c6211ca8eb04f67f763fd1d40e2cd3f6a7a1e238a

Request headers

:path: /wp-content/uploads/2019/02/image6-2-320x180.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Wed, 06 Feb 2019 08:51:10 GMT
server: nginx
etag: "3695-58135d3d6a863"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 13973
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 7f5cd289c01a877c0c4849009822fabe_m-320x180.jpg
matueku.nagoya/wp-content/uploads/2018/09/ 4 KB
4 KB 276ms
275ms Image
image/jpeg 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matueku.nagoya/wp-content/uploads/2018/09/7f5cd289c01a877c0c4849009822fabe_m-320x180.jpg
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 105318ae82e349962a561c88f66614aace3b8a30935eca801d45d56ce3b93de8

Request headers

:path: /wp-content/uploads/2018/09/7f5cd289c01a877c0c4849009822fabe_m-320x180.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Tue, 08 Oct 2019 14:11:41 GMT
server: nginx
etag: "f65-59466bf52c140"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3941
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 83bb42e62bad26c5103c1671d48eace9-320x180.jpg
matueku.nagoya/wp-content/uploads/2019/02/ 12 KB
12 KB 276ms
275ms Image
image/jpeg 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matueku.nagoya/wp-content/uploads/2019/02/83bb42e62bad26c5103c1671d48eace9-320x180.jpg
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 703983f4c98778f3482a507637f6a86c98b2df47fc450379cb5883e66db180e3

Request headers

:path: /wp-content/uploads/2019/02/83bb42e62bad26c5103c1671d48eace9-320x180.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Mon, 13 Jul 2020 05:27:49 GMT
server: nginx
etag: "2e58-5aa4bf38e1f40"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 11864
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 43-320x180.png
matueku.nagoya/wp-content/uploads/2018/10/ 28 KB
28 KB 279ms
278ms Image
image/png 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matueku.nagoya/wp-content/uploads/2018/10/43-320x180.png
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 438a5e0931adba17694d95d1de8faa1f124c417fbff865bdc462e579d5bea18c

Request headers

:path: /wp-content/uploads/2018/10/43-320x180.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Mon, 28 Jan 2019 03:01:00 GMT
server: nginx
etag: "6f14-5807be2ebf300"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 28436
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 18-320x180.jpeg
matueku.nagoya/wp-content/uploads/2019/01/ 9 KB
9 KB 285ms
283ms Image
image/jpeg 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matueku.nagoya/wp-content/uploads/2019/01/18-320x180.jpeg
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: b7d08fb7c0dba174a900c7d72d109031ec51870375ea104839eefd8b35461f5a

Request headers

:path: /wp-content/uploads/2019/01/18-320x180.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Mon, 13 Jul 2020 05:23:42 GMT
server: nginx
etag: "22c7-5aa4be4d8742d"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 8903
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 image3-3-320x180.jpeg
matueku.nagoya/wp-content/uploads/2019/01/ 9 KB
9 KB 285ms
283ms Image
image/jpeg 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matueku.nagoya/wp-content/uploads/2019/01/image3-3-320x180.jpeg
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: ade952a0ae2d2f3d459ee36d35e3c05df5c1dcb91ca2847b7cb43192d8163d26

Request headers

:path: /wp-content/uploads/2019/01/image3-3-320x180.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Thu, 31 Jan 2019 01:40:38 GMT
server: nginx
etag: "226a-580b71d0bad01"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 8810
expires: Fri, 20 Aug 2021 16:07:22 GMT

GET
H2 200 d7b690cbb9c05d108c7dd43202baa1fe.png
matueku.nagoya/wp-content/uploads/2020/08/ 92 KB
92 KB 275ms
275ms Image
image/png 183.90.238.43
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matueku.nagoya/wp-content/uploads/2020/08/d7b690cbb9c05d108c7dd43202baa1fe.png
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.43 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2342.xserver.jp
Software: nginx /
Resource Hash: 84d7f97fccafca3a8c9df992a96df30235e70f035126dd5aa84f31ecc59abb2e

Request headers

:path: /wp-content/uploads/2020/08/d7b690cbb9c05d108c7dd43202baa1fe.png
pragma: no-cache
cookie: _ga=GA1.2.1868816335.1628870844; _gid=GA1.2.1432740566.1628870844; _gat=1; __gads=ID=324671306e132912-22928c8fa9c90067:T=1628870843:RT=1628870843:S=ALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: matueku.nagoya
referer: https://matueku.nagoya/pmebhqhodmz/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://matueku.nagoya/pmebhqhodmz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:22 GMT
last-modified: Sat, 29 Aug 2020 07:34:30 GMT
server: nginx
etag: "16ee4-5adff3326cd80"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 93924
expires: Fri, 20 Aug 2021 16:07:22 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=609646908&t=pageview&_s=1&dl=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&ul=en-us&de=UTF-8&dt=%E3%83%9A%E3%83%BC%E3%82%B8%E3%81%8C%E8%A6%8B%E3%81%A4%E3%81%8B%E3%82%8A%E3%81%BE%E3%81%9B%E3%82%93%E3%81%A7%E3%81%97%E3%81%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=707154862&gjid=1109892248&cid=1868816335.1628870844&tid=UA-101852936-4&_gid=1432740566.1628870844&_r=1&_slc=1&z=2080530578

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://matueku.nagoya
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 252 KB
93 KB 47ms
34ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4147299712708752&plah=matueku.nagoya

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95570
x-xss-protection: 0
server: cafe
etag: 10066065015092213272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 16:07:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/ Frame 0A81 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210809/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://matueku.nagoya/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://matueku.nagoya/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 12 Aug 2021 22:05:12 GMT
expires: Thu, 26 Aug 2021 22:05:12 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 64931
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
660 B 117ms
50ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=matueku.nagoya&callback=_gfp_s_&client=ca-pub-4147299712708752

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4147299712708752&plah=matueku.nagoya

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f9d1da4e959e22fbedf487bfe7c50161c35bf289e8defd8ae44d18cd70f355f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 37ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=matueku.nagoya

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 16:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 37ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=matueku.nagoya

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 16:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2B9A 24 KB
5 KB 171ms
157ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&adk=609411183&adf=4227508019&lmt=1628870843&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870843730&bpp=2&bdt=1127&idt=70&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8662907462898&frm=20&pv=2&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=86

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d703182fa906b5769942d40ed27201b757090b855d244782a7258b558091259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4147299712708752&output=html&adk=609411183&adf=4227508019&lmt=1628870843&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870843730&bpp=2&bdt=1127&idt=70&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8662907462898&frm=20&pv=2&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=86
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://matueku.nagoya/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://matueku.nagoya/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Aug 2021 16:07:23 GMT
server: cafe
content-length: 5210
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 13-Aug-2021 16:22:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 16:07:23 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffa263f5d44762ba96ccf4475d6da0960f346183c533e582ca0140acadfea7d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628681433796959"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Fri, 13 Aug 2021 16:07:23 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B9A 0
20 B 27ms
27ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20210809&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&adk=609411183&adf=4227508019&lmt=1628870843&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870843730&bpp=2&bdt=1127&idt=70&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8662907462898&frm=20&pv=2&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=86

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=matueku.nagoya

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 16:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=matueku.nagoya

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 16:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B714 26 KB
11 KB 133ms
132ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=600&adk=2571950858&adf=2766992343&pi=t.aa~a.1589882584~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=280x600&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=2&bdt=1416&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0&nras=2&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1065&ady=1885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VoUoXJMYr8&p=https%3A//matueku.nagoya&dtd=45

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

215e77aaae9503edc9beed59c1a9681456f86a6e37838479bfbc467f10ae7e06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4147299712708752&output=html&h=600&adk=2571950858&adf=2766992343&pi=t.aa~a.1589882584~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=280x600&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=2&bdt=1416&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0&nras=2&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1065&ady=1885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VoUoXJMYr8&p=https%3A//matueku.nagoya&dtd=45
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://matueku.nagoya/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://matueku.nagoya/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Aug 2021 16:07:24 GMT
server: cafe
content-length: 10966
x-xss-protection: 0
set-cookie: IDE=AHWqTUlAF5qGSDl5l1-pT7xAHbKeiMz0ie8Nv7FbGo8y5Epv-fDv-yE2xZdPk1y_2Hc; expires=Wed, 07-Sep-2022 16:07:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 16:07:24 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2AD5 26 KB
11 KB 166ms
166ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=600&adk=591366103&adf=1107396522&pi=t.aa~a.739099641~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=280x600&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1416&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600&nras=3&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1065&ady=2890&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=tWsGGsZmqN&p=https%3A//matueku.nagoya&dtd=61

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14592aca0474ebd0bb16b19cb0de1e966aa71a70f7c48a954383cb65078b936f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4147299712708752&output=html&h=600&adk=591366103&adf=1107396522&pi=t.aa~a.739099641~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=280x600&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1416&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600&nras=3&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1065&ady=2890&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=tWsGGsZmqN&p=https%3A//matueku.nagoya&dtd=61
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://matueku.nagoya/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://matueku.nagoya/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Aug 2021 16:07:24 GMT
server: cafe
content-length: 11009
x-xss-protection: 0
set-cookie: IDE=AHWqTUkJ1SQG4aGMLVN7RrPb6_5YVzrYoNFXJRJ78OTduLbYSpY9D6z5mnyOEMWzZyg; expires=Wed, 07-Sep-2022 16:07:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 16:07:24 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4365 26 KB
11 KB 126ms
126ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=90&adk=4075249447&adf=2522545985&pi=t.aa~a.563595428~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=1200x90&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1417&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600%2C280x600&nras=4&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jBuzn89712&p=https%3A//matueku.nagoya&dtd=64

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a086b2e442c77463a19f5c75fa8444978ba1a956c489fd816bfaa63690462a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4147299712708752&output=html&h=90&adk=4075249447&adf=2522545985&pi=t.aa~a.563595428~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=1200x90&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1417&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600%2C280x600&nras=4&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jBuzn89712&p=https%3A//matueku.nagoya&dtd=64
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://matueku.nagoya/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://matueku.nagoya/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Aug 2021 16:07:24 GMT
server: cafe
content-length: 10756
x-xss-protection: 0
set-cookie: IDE=AHWqTUnJdA2IkEV6hTU4GPTqorUXv6F9J3oL8mj-jadjUVHT7PCT_zYiATOuoLqouTA; expires=Wed, 07-Sep-2022 16:07:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 16:07:24 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3375 436 B
236 B 121ms
121ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=100&adk=1917092608&adf=3651687592&pi=t.aa~a.3460836689~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=350x100&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1417&idt=1&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600%2C280x600%2C1200x90&nras=5&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=4110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=ipKnliYsuN&p=https%3A//matueku.nagoya&dtd=67

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

596611208874ece3e1115bf5d043121769c780955bb45d67dfd24cfd1ed32326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4147299712708752&output=html&h=100&adk=1917092608&adf=3651687592&pi=t.aa~a.3460836689~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=350x100&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1417&idt=1&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600%2C280x600%2C1200x90&nras=5&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=4110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=ipKnliYsuN&p=https%3A//matueku.nagoya&dtd=67
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://matueku.nagoya/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://matueku.nagoya/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Aug 2021 16:07:24 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: IDE=AHWqTUlH8S2NMsBGOcFhPieLeS6hkX2GBMPYiFZPqBGFd6ZBtQWz_EhagDHC666S8-k; expires=Wed, 07-Sep-2022 16:07:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Aug 2021 16:07:24 GMT
cache-control: private

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 26ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js?ver=4.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:07:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/673A)
Age: 6
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 87A0 0
0 33ms
31ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPPyRvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTOAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zxJCoWSrWhmB_XloWaGXyu9TugAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDE0NzI5OTcxMjcwODc1MhgA&sigh=VgaEiNMLqtE

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=600&adk=2571950858&adf=2766992343&pi=t.aa~a.1589882584~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=280x600&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=2&bdt=1416&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0&nras=2&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1065&ady=1885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VoUoXJMYr8&p=https%3A//matueku.nagoya&dtd=45
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 13 Aug 2021 16:07:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 87A0 0
0 34ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g2b2a0fxqbrv1hdr9dmmfr14jasyj2r4r5jh3rm971tzq5ssp0g5ezza0jg3jtjqc3a3vs2xzrnwe9xgmnq492zfvwchpydk057ebn1rkpzq660ep2z0wmqwbxm295he3b7xk6hvaqa3wwzkqj20e3939ydwthq4h8mtax5nv5nmpcw7ztajk96jbspt3m06zfrrvt975e6mcma5yzsdwbjmwh98k6h5h35ww7qq04g0x2ne2nxcp5r251f7y08g1rjyjhf06mh2gcw48wbzpw2nse4xavmfpfxty7jjy0g1rgtqzgm78hp1d63ntyw97cgfrg7y4pdevz62h1eg6yx86ch90nwryqzrhssf90eap9regm60fm2x7aw6k6ajsdxx1es&b=YRaYvAABQXMKiwcVAAUbcBURPjBwwPRu6VcRnQ
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 13 Aug 2021 16:07:24 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 7820 2 KB
2 KB 40ms
23ms Document
text/html 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1jgeq093dek99af78y4epvt5pr1s7n70jd8qtrk39jgjrw39q3swhk51h5mdytk7ab24accb03385m60q7cycbhpxz2b3wbygsa5t14h8gtfwd2t2dx75z14atfskz2md245m4mztvgd0gm553w3ec6xyn24ybam1e63acqz433djky8ysw7sdjydkp94dfgtv6kqmv9dnpjnym72r5bxcp02x1m84r9n6df5zxxbe9gwt5z3bttvv0743jt1phx5gtyf71sqtjebs4kymwd31jp2jfxne3tqeneat7f76s8kt2py5dmgrmb6d5tcm54cfeaneg32daj5nfds1rzzw4gegy7as7te1snfsh7v7qv981dm2rd3r08xfpkw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%26client%3Dca-pub-4147299712708752%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=600&adk=2571950858&adf=2766992343&pi=t.aa~a.1589882584~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=280x600&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=2&bdt=1416&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0&nras=2&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1065&ady=1885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VoUoXJMYr8&p=https%3A//matueku.nagoya&dtd=45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c53dbfb97dbd4cfb29454dc7f11c90f3d656cbca4070bddc48e5866898083004

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1jgeq093dek99af78y4epvt5pr1s7n70jd8qtrk39jgjrw39q3swhk51h5mdytk7ab24accb03385m60q7cycbhpxz2b3wbygsa5t14h8gtfwd2t2dx75z14atfskz2md245m4mztvgd0gm553w3ec6xyn24ybam1e63acqz433djky8ysw7sdjydkp94dfgtv6kqmv9dnpjnym72r5bxcp02x1m84r9n6df5zxxbe9gwt5z3bttvv0743jt1phx5gtyf71sqtjebs4kymwd31jp2jfxne3tqeneat7f76s8kt2py5dmgrmb6d5tcm54cfeaneg32daj5nfds1rzzw4gegy7as7te1snfsh7v7qv981dm2rd3r08xfpkw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%26client%3Dca-pub-4147299712708752%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67e332386ddb175e-FRA
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 87A0 2 KB
1 KB 37ms
11ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 16:06:38 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 393D 1 KB
749 B 7ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 13 Aug 2021 11:56:19 GMT
expires: Sat, 14 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 15065
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87A0 124 KB
37 KB 33ms
17ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628681446738120"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38222
x-xss-protection: 0
expires: Fri, 13 Aug 2021 16:07:24 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 87A0 14 KB
7 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 16:06:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 87A0 0
0 15ms
13ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5PhuImnvfeaYrANAiqj7EN75s7kjrhfj14tba4YzvS8jg1-1v9gs5bbueQvRJ9I0HYbuDm2VZenbvK98exQj7N1QADg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=600&adk=2571950858&adf=2766992343&pi=t.aa~a.1589882584~rp.4&w=280&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=280x600&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=2&bdt=1416&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0&nras=2&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1065&ady=1885&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VoUoXJMYr8&p=https%3A//matueku.nagoya&dtd=45
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1BC0 0
0 33ms
31ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnrG8vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTIAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PG4-uMBwHiGlkek8nvEifBYXvgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00MTQ3Mjk5NzEyNzA4NzUyGAA&sigh=31chRp6RpRo

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=90&adk=4075249447&adf=2522545985&pi=t.aa~a.563595428~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=1200x90&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1417&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600%2C280x600&nras=4&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jBuzn89712&p=https%3A//matueku.nagoya&dtd=64
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 13 Aug 2021 16:07:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 1BC0 0
0 936ms
935ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kmxj7hhs2j4s1g8f83k1rch3627k07h8sr7jeh7hf3ayw7nzjn4t9epkpgf91fq8hhabz1tjhh079dtkskr88qpcmk23edvx522y8q7st8fb7xtv90860veqt6kdwyskxfdwdrn3t1qmf73zkc4tw9xgjf9nsfpr38gcx84x1hywsdccvrvhsq4p0kn5dpzcc06gg8mrekxjde19a5xxsx8j49yxjc0f22abppnhgjbn03tp1x1hxrzdhkv4a775fhxwa4ehc6mk4vjw0sdtawwr8cs7ypvw8t7kg9dr1n69n4xjy0czs1j92j5qxbtmjmdp1108cwvbjg5fqgs8zz7zyjwbjfbyn48xfrrh0vxb838kbdqb9mm82b3q3k92sqcjcwe&b=YRaYvAABoY4Kd4rHAAR1PEg5qc_sEDZqTRvHLA
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 13 Aug 2021 16:07:25 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 334E 2 KB
1 KB 25ms
22ms Document
text/html 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1h69qhzgkdvk4p9bya8h5qcwk33vpqv76a103k3rsgzd0z64y46v0epaq9tjth3wejtvathe480ngsmns0ccj0gz2j8m3fws2anq735mc3zh706ctf4pggv4wmrsb0r0ha9363ygkazpb2664bs4hzfw9a94h7waxkzzjj3w0nrtp5kngxhhjk54q7dbh04y0g3xp50hs0dnsq4pvpxvg8zqakshzxxnjwy7q18fy93sp3dk7xdktn1vz7bp6kqn37wgk6zrc2zsbt26q4fkczsasbzwepdktzpkh44t8pws6gp2bfwzv5gavcs8kczad67xqp813xhp6q59mn744n5xvs5qa0r4c3dmc6sk5tbr5b26h9hkmzjhdw3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%26client%3Dca-pub-4147299712708752%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=90&adk=4075249447&adf=2522545985&pi=t.aa~a.563595428~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=1200x90&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1417&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600%2C280x600&nras=4&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jBuzn89712&p=https%3A//matueku.nagoya&dtd=64

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30e011d9f62e225dbfc33b0cc35f7496fdfd53f2fd7bac731885efa998ba2451

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1h69qhzgkdvk4p9bya8h5qcwk33vpqv76a103k3rsgzd0z64y46v0epaq9tjth3wejtvathe480ngsmns0ccj0gz2j8m3fws2anq735mc3zh706ctf4pggv4wmrsb0r0ha9363ygkazpb2664bs4hzfw9a94h7waxkzzjj3w0nrtp5kngxhhjk54q7dbh04y0g3xp50hs0dnsq4pvpxvg8zqakshzxxnjwy7q18fy93sp3dk7xdktn1vz7bp6kqn37wgk6zrc2zsbt26q4fkczsasbzwepdktzpkh44t8pws6gp2bfwzv5gavcs8kczad67xqp813xhp6q59mn744n5xvs5qa0r4c3dmc6sk5tbr5b26h9hkmzjhdw3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%26client%3Dca-pub-4147299712708752%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67e332387dfb175e-FRA
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 1BC0 2 KB
1 KB 16ms
11ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 16:06:38 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0DCC 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 13 Aug 2021 11:56:19 GMT
expires: Sat, 14 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 15065
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1BC0 124 KB
37 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628681446738120"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38222
x-xss-protection: 0
expires: Fri, 13 Aug 2021 16:07:24 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 1BC0 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 16:06:04 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 393D 35 B
463 B 31ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMUmM5ZHRFtwdfH-AB5Z8iY&google_cver=1&google_push=AYg5qPJuSNomwZ_bA8ZOJBKnRW7U5ekaennZm8YmThUBkIPbf-hqmBWz_Ee28G--bM9LAtOLpVTKf-9rVn63_QKsGAqXIw-GIAhh

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 393D
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPL_vLAVOVgORBgWiNUPrgLplZ9VTfIcOtczRsG...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVJhWXZBQUFBVTcwdVNWTA&google_push=AYg5qPL_vLAVOVgORBgWiNUPrgLplZ9VTfIcOtczRsGapucd0RjeGz2cHVGtWRZxbjHqncCxYdI02Jqh1XTbRQdvA6x5OjsZAh8

170 B
188 B

79ms
41ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVJhWXZBQUFBVTcwdVNWTA&google_push=AYg5qPL_vLAVOVgORBgWiNUPrgLplZ9VTfIcOtczRsGapucd0RjeGz2cHVGtWRZxbjHqncCxYdI02Jqh1XTbRQdvA6x5OjsZAh8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVJhWXZBQUFBVTcwdVNWTA&google_push=AYg5qPL_vLAVOVgORBgWiNUPrgLplZ9VTfIcOtczRsGapucd0RjeGz2cHVGtWRZxbjHqncCxYdI02Jqh1XTbRQdvA6x5OjsZAh8
Date: Fri, 13 Aug 2021 16:07:24 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 393D
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJVgmpp0MSREueyxzTFdCfnogX-lMORukKYhOwIp8OHnTxolkkZhuGK80WOO8RmIxM9HEPqq4eqMxuvmo2yW-_As3ECPUqM&google_gid=CAESED4y5jpngukIcE-Kp0bzfYk&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLyx2ogGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKVmdtcHAwTVNSRXVleXh6VEZkQ2Zub2dYLWxNT1J1a0tZaE93SXA4T0huVHhvbGtrWmh1R0s4MFdPTzhSbUl4TTlIRVBxcTRlcU14dXZtbz...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweXJoNkVpc3hIMVBzOWN6VUNqcEpNMnBOY0xJSHVZQWZqaDBSNnZQclVSSQ==&google_push

170 B
188 B

47ms
39ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweXJoNkVpc3hIMVBzOWN6VUNqcEpNMnBOY0xJSHVZQWZqaDBSNnZQclVSSQ==&google_push

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 13 Aug 2021 16:07:24 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweXJoNkVpc3hIMVBzOWN6VUNqcEpNMnBOY0xJSHVZQWZqaDBSNnZQclVSSQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 393D
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEGreIlf0_r81isPeqjP37vs&google_cver=1&google_push=AYg5qPICAePMCRSYqxibBcJVzqjPTC_oLXvSg9LiHcUt2lMF7YlWVsWTGviXClHpFvtYbaqsJUDOF3zGAvYpzMpGHaLZhiVWv4Wx
https://rtb.openx.net/sync/dds?google_gid=CAESEGreIlf0_r81isPeqjP37vs&google_cver=1&google_push=AYg5qPICAePMCRSYqxibBcJVzqjPTC_oLXvSg9LiHcUt2lMF7YlWVsWTGviXClHpFvtYbaqsJUDOF3zGAvYpzMpGHaLZhiVWv4Wx&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPICAePMCRSYqxibBcJVzqjPTC_oLXvSg9LiHcUt2lMF7YlWVsWTGviXClHpFvtYbaqsJUDOF3zGAvYpzMpGHaLZhiVWv4Wx&google_hm=KmnNt3onwv4-Qrr5XKrZyQ==

170 B
188 B

45ms
42ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPICAePMCRSYqxibBcJVzqjPTC_oLXvSg9LiHcUt2lMF7YlWVsWTGviXClHpFvtYbaqsJUDOF3zGAvYpzMpGHaLZhiVWv4Wx&google_hm=KmnNt3onwv4-Qrr5XKrZyQ==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:23 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPICAePMCRSYqxibBcJVzqjPTC_oLXvSg9LiHcUt2lMF7YlWVsWTGviXClHpFvtYbaqsJUDOF3zGAvYpzMpGHaLZhiVWv4Wx&google_hm=KmnNt3onwv4-Qrr5XKrZyQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: jao3mh17c9ufgdgkfj04ldtfaitdfska

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 393D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6kaiuQCQS0GpqdEEXaLD7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

40ms
40ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6kaiuQCQS0GpqdEEXaLD7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLqNyfHJ3GuPv3cwBuPAlEG6ZrZLVy3bVQRrP7YTYKhXpO4RH8epAIj8Lk1EYvmwcCwhjhtIRHb5gv7iKGjXRm4iQ5WZjO3

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6kaiuQCQS0GpqdEEXaLD7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLqNyfHJ3GuPv3cwBuPAlEG6ZrZLVy3bVQRrP7YTYKhXpO4RH8epAIj8Lk1EYvmwcCwhjhtIRHb5gv7iKGjXRm4iQ5WZjO3
date: Fri, 13 Aug 2021 16:07:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 393D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB-0az94WNFsUxsEgyGe0pE&google_cver=1&google_push=AYg5qPJkM_MyyeSpdKtj71offlnLyg8yjkV1gBq6EwnfG-MjHzdWRcwlxy7LZTixwrk_PTlesfb...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NBSk43QkotMTEtRzBSSg==&google_push=AYg5qPJkM_MyyeSpdKtj71offlnLyg8yjkV1gBq6EwnfG-MjHzdWRcwlxy7LZTixwrk_PTlesfbuweToV23ZiOrzq6F4hd7M8cEd

170 B
188 B

63ms
41ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NBSk43QkotMTEtRzBSSg==&google_push=AYg5qPJkM_MyyeSpdKtj71offlnLyg8yjkV1gBq6EwnfG-MjHzdWRcwlxy7LZTixwrk_PTlesfbuweToV23ZiOrzq6F4hd7M8cEd

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NBSk43QkotMTEtRzBSSg==&google_push=AYg5qPJkM_MyyeSpdKtj71offlnLyg8yjkV1gBq6EwnfG-MjHzdWRcwlxy7LZTixwrk_PTlesfbuweToV23ZiOrzq6F4hd7M8cEd
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 393D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 393D 0
253 B 108ms
38ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JiJKxXeR_82t7NNAGKbklw6qJbeFaB4ikCJTPpsCaTIwxFwc5V5fYl3T1OCfgHwL4I5SbT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 87A0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 627c35c30f22be8351ae854926cd49479474199ff19121692a487b3ce4f96460

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 20ms
18ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.9&blog=151543013&post=0&tz=9&srv=matueku.nagoya&host=matueku.nagoya&ref=&fcp=3828&rand=0.9999240573674837
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v24/ 13 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v24/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e56d22c4c632bd0b72bbaf1fed2472ddb3707287435fe92bb00ec97f13ca8f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://matueku.nagoya
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 18:55:15 GMT
x-content-type-options: nosniff
age: 335529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 18:33:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 18:55:15 GMT

GET
H2 200 bf.png
a.imgvc.com/i/ 107 B
319 B 1037ms
263ms Image
image/png 35.75.84.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.imgvc.com/i/bf.png?v=1
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.84.12 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-84-12.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 94fc9daaf3ace4fac15ecdea08da411e585ce6a3b3282c3b7ea65529c9cc5277

Request headers

Origin: https://matueku.nagoya
Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:25 GMT
last-modified: Wed, 09 May 2018 15:00:00 GMT
server: nginx
front-end-https: on
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=63072000, private
content-length: 107
expires: Sun, 13 Aug 2023 16:07:25 GMT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame 4ECE 319 KB
103 KB 7ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fmatueku.nagoya
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://matueku.nagoya/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://matueku.nagoya/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 349747
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 13 Aug 2021 16:07:24 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6752)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
DATA 200
OK truncated
/ Frame 1BC0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8745aa85799d6399edaef53617793a4914e6904e0e63667ce6521a2a59d5f58e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7769 0
0 32ms
32ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsPx1vJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMgBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkVNtXHByg_9JNOyhdcqy1KvXIqABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00MTQ3Mjk5NzEyNzA4NzUyGAA&sigh=iJnvyhSttOE

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=600&adk=591366103&adf=1107396522&pi=t.aa~a.739099641~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=280x600&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1416&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600&nras=3&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1065&ady=2890&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=tWsGGsZmqN&p=https%3A//matueku.nagoya&dtd=61
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 13 Aug 2021 16:07:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 7769 0
0 16ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jw5z17t1cp3w9ys506m4smaw0ygws1tsahj9krdn4qv9beq5k58yfz0tm13zk6nj0c3k02f2j4j36ms24grqdykpkhjnectbk9tm97jjm9mp5va20t5heyaxrvmg05r7h5yfa029beeczydawqytvj25ba54g94ne3kkjbntj0ry3a1hwp2vy20c0b3p3qpm9ffr8d70qew3w080v39q1zwngby9dfg5d7gvryyzxrhee0v71v4hram0cve6d8mnq6bw5tnkvme6h3y7rjk33wv5ek2pggmce8j5z1p96n20bwk1wjcjqkx43b9brpsg38210ryx2raw0r6rffqyfth7yx3esn6vxh7pzbedwhyphrgacvsqexa4tsb3mw3g1csjhpk&b=YRaYvAABf18Kd70FAAJzL8MporVKfN3fp6ySZg
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 13 Aug 2021 16:07:24 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3-29 200 dr Show response
ad4m.at/ad/ Frame 1286 2 KB
2 KB 32ms
22ms Document
text/html 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1j6fav1v3y3ayqnydb2kgsfmn909f4jq7nz59mj4fkf5ba3yggrr043cjyympf8fx89nfk68eszywzgsw4sabzxmx8mn4gn4dz5mh7mnnytt87g05jhpkvmm10dgtztj2bz44tj2zvf8368qrb5da8996sm2583810wemg1gfa87976v6s5fj8fx57knsfy646mtypy4d96qxbcbk5tevpdv0r647csc2988gr1pmjqntrj5gm57m5xrqt871agwhh0pfzfmwz6ta777srfq9p89k4acadj248hs54c9brgsezgqq6rqxhmv0xegs3rjhtbtdyh0q8n989er1t44t2cr7y1nph7jft6xzd7nfeetkwg9rt8nrtqf0kt2w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%26client%3Dca-pub-4147299712708752%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=600&adk=591366103&adf=1107396522&pi=t.aa~a.739099641~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=280x600&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1416&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600&nras=3&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1065&ady=2890&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=tWsGGsZmqN&p=https%3A//matueku.nagoya&dtd=61

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53bf59da66295316a4f9c8555e60934c1729deeb6f614a6d07e202aa6530bebc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1j6fav1v3y3ayqnydb2kgsfmn909f4jq7nz59mj4fkf5ba3yggrr043cjyympf8fx89nfk68eszywzgsw4sabzxmx8mn4gn4dz5mh7mnnytt87g05jhpkvmm10dgtztj2bz44tj2zvf8368qrb5da8996sm2583810wemg1gfa87976v6s5fj8fx57knsfy646mtypy4d96qxbcbk5tevpdv0r647csc2988gr1pmjqntrj5gm57m5xrqt871agwhh0pfzfmwz6ta777srfq9p89k4acadj248hs54c9brgsezgqq6rqxhmv0xegs3rjhtbtdyh0q8n989er1t44t2cr7y1nph7jft6xzd7nfeetkwg9rt8nrtqf0kt2w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%26client%3Dca-pub-4147299712708752%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67e332398b984e50-FRA
content-encoding: br

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 7769 2 KB
1 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 16:06:38 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 898E 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 13 Aug 2021 11:56:19 GMT
expires: Sat, 14 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 15065
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7769 124 KB
37 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628681446738120"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38222
x-xss-protection: 0
expires: Fri, 13 Aug 2021 16:07:24 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 7769 14 KB
6 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 16:06:04 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 7769 0
0 14ms
13ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQk0Yksn2T6Qd5A26nurJSTUrysUKzeRxxK7OHaWWExSRwKrGsM-0uk_RSD2OXv6w5qOKfbA7bYBd7w6i4JU4rSNbHkfg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=600&adk=591366103&adf=1107396522&pi=t.aa~a.739099641~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=280x600&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1416&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600&nras=3&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1065&ady=2890&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=tWsGGsZmqN&p=https%3A//matueku.nagoya&dtd=61
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK ab.woff
webfonts.xserver.jp/ 17 KB
18 KB 514ms
514ms Font
font/woff 210.188.201.225
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/ab.woff
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.188.201.225 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552

Request headers

Origin: https://matueku.nagoya
Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:07:23 GMT
Last-Modified: Fri, 26 Feb 2021 05:26:27 GMT
Server: nginx
ETag: "60388683-4578"
X-Cache-Status: HIT
Access-Control-Max-Age: 31536000
Access-Control-Allow-Methods: GET
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17784

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 7820 58 KB
59 KB 24ms
23ms Stylesheet
text/css 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jgeq093dek99af78y4epvt5pr1s7n70jd8qtrk39jgjrw39q3swhk51h5mdytk7ab24accb03385m60q7cycbhpxz2b3wbygsa5t14h8gtfwd2t2dx75z14atfskz2md245m4mztvgd0gm553w3ec6xyn24ybam1e63acqz433djky8ysw7sdjydkp94dfgtv6kqmv9dnpjnym72r5bxcp02x1m84r9n6df5zxxbe9gwt5z3bttvv0743jt1phx5gtyf71sqtjebs4kymwd31jp2jfxne3tqeneat7f76s8kt2py5dmgrmb6d5tcm54cfeaneg32daj5nfds1rzzw4gegy7as7te1snfsh7v7qv981dm2rd3r08xfpkw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%26client%3Dca-pub-4147299712708752%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jgeq093dek99af78y4epvt5pr1s7n70jd8qtrk39jgjrw39q3swhk51h5mdytk7ab24accb03385m60q7cycbhpxz2b3wbygsa5t14h8gtfwd2t2dx75z14atfskz2md245m4mztvgd0gm553w3ec6xyn24ybam1e63acqz433djky8ysw7sdjydkp94dfgtv6kqmv9dnpjnym72r5bxcp02x1m84r9n6df5zxxbe9gwt5z3bttvv0743jt1phx5gtyf71sqtjebs4kymwd31jp2jfxne3tqeneat7f76s8kt2py5dmgrmb6d5tcm54cfeaneg32daj5nfds1rzzw4gegy7as7te1snfsh7v7qv981dm2rd3r08xfpkw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%26client%3Dca-pub-4147299712708752%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3994506
cf-polished: origSize=59196
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4gfakXW0L1TngcXC13WqNhZ3QqKUibeCU%2FSFGRO0dR2JINA46mBhCDH8dCekC%2F7m5DVdIUUzMIhhe2ikn9Oq0C5KRqWvlFbg9YfGAZtfrsuopfiB1PlAge2Y%2BzwMHaTBDO2NT8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
expires: Tue, 28 Jun 2022 10:32:18 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 67e33239abe34e50-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 7820 36 KB
13 KB 17ms
16ms Script
application/javascript 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jgeq093dek99af78y4epvt5pr1s7n70jd8qtrk39jgjrw39q3swhk51h5mdytk7ab24accb03385m60q7cycbhpxz2b3wbygsa5t14h8gtfwd2t2dx75z14atfskz2md245m4mztvgd0gm553w3ec6xyn24ybam1e63acqz433djky8ysw7sdjydkp94dfgtv6kqmv9dnpjnym72r5bxcp02x1m84r9n6df5zxxbe9gwt5z3bttvv0743jt1phx5gtyf71sqtjebs4kymwd31jp2jfxne3tqeneat7f76s8kt2py5dmgrmb6d5tcm54cfeaneg32daj5nfds1rzzw4gegy7as7te1snfsh7v7qv981dm2rd3r08xfpkw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%26client%3Dca-pub-4147299712708752%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jgeq093dek99af78y4epvt5pr1s7n70jd8qtrk39jgjrw39q3swhk51h5mdytk7ab24accb03385m60q7cycbhpxz2b3wbygsa5t14h8gtfwd2t2dx75z14atfskz2md245m4mztvgd0gm553w3ec6xyn24ybam1e63acqz433djky8ysw7sdjydkp94dfgtv6kqmv9dnpjnym72r5bxcp02x1m84r9n6df5zxxbe9gwt5z3bttvv0743jt1phx5gtyf71sqtjebs4kymwd31jp2jfxne3tqeneat7f76s8kt2py5dmgrmb6d5tcm54cfeaneg32daj5nfds1rzzw4gegy7as7te1snfsh7v7qv981dm2rd3r08xfpkw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%26client%3Dca-pub-4147299712708752%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Fri, 13 Aug 2021 16:07:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21530
x-guploader-uploadid: ADPycdu31AQ7rU9EUT7YB6UhnS0p7quFEYVdVYLanfHa9Lp5vDg0kq-_BxANdScNtJ7XXwSWRa7CRWpltRTCNIE8nTf00MFEyA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 10 Aug 2021 10:08:16 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FFRN2h%2B4P7Q50SxGYoH1kmvC7isth%2FsIlVmfKzFHPfrT%2BlDEXIuX%2FFqVwgofDwBRShT3Eg%2FG%2BBFtlWlcFyNt9TemtivWU81EaKx5gRdSu6dGW0F4YZzh7cyVPBSnvyGR%2BLGX7s%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628590096242097
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 67e33239abe64e50-FRA
expires: Fri, 13 Aug 2021 10:08:34 GMT

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 334E 58 KB
59 KB 23ms
22ms Stylesheet
text/css 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1h69qhzgkdvk4p9bya8h5qcwk33vpqv76a103k3rsgzd0z64y46v0epaq9tjth3wejtvathe480ngsmns0ccj0gz2j8m3fws2anq735mc3zh706ctf4pggv4wmrsb0r0ha9363ygkazpb2664bs4hzfw9a94h7waxkzzjj3w0nrtp5kngxhhjk54q7dbh04y0g3xp50hs0dnsq4pvpxvg8zqakshzxxnjwy7q18fy93sp3dk7xdktn1vz7bp6kqn37wgk6zrc2zsbt26q4fkczsasbzwepdktzpkh44t8pws6gp2bfwzv5gavcs8kczad67xqp813xhp6q59mn744n5xvs5qa0r4c3dmc6sk5tbr5b26h9hkmzjhdw3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%26client%3Dca-pub-4147299712708752%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1h69qhzgkdvk4p9bya8h5qcwk33vpqv76a103k3rsgzd0z64y46v0epaq9tjth3wejtvathe480ngsmns0ccj0gz2j8m3fws2anq735mc3zh706ctf4pggv4wmrsb0r0ha9363ygkazpb2664bs4hzfw9a94h7waxkzzjj3w0nrtp5kngxhhjk54q7dbh04y0g3xp50hs0dnsq4pvpxvg8zqakshzxxnjwy7q18fy93sp3dk7xdktn1vz7bp6kqn37wgk6zrc2zsbt26q4fkczsasbzwepdktzpkh44t8pws6gp2bfwzv5gavcs8kczad67xqp813xhp6q59mn744n5xvs5qa0r4c3dmc6sk5tbr5b26h9hkmzjhdw3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%26client%3Dca-pub-4147299712708752%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3994506
cf-polished: origSize=59196
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3f2iJulh9uyFYaelB5x1StrzTAyxyx5sPlk6oIwCfevDIdaWHuz0KNZlh8h3yJnPcpwA4gxpZFQLopy9TLNCelK%2BLUkuCMiloglUq%2BBg%2BwnH%2FMDu72Knvs1GBgDLARuVkL%2FWmI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
expires: Tue, 28 Jun 2022 10:32:18 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 67e33239bbf24e50-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 334E 36 KB
13 KB 19ms
18ms Script
application/javascript 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1h69qhzgkdvk4p9bya8h5qcwk33vpqv76a103k3rsgzd0z64y46v0epaq9tjth3wejtvathe480ngsmns0ccj0gz2j8m3fws2anq735mc3zh706ctf4pggv4wmrsb0r0ha9363ygkazpb2664bs4hzfw9a94h7waxkzzjj3w0nrtp5kngxhhjk54q7dbh04y0g3xp50hs0dnsq4pvpxvg8zqakshzxxnjwy7q18fy93sp3dk7xdktn1vz7bp6kqn37wgk6zrc2zsbt26q4fkczsasbzwepdktzpkh44t8pws6gp2bfwzv5gavcs8kczad67xqp813xhp6q59mn744n5xvs5qa0r4c3dmc6sk5tbr5b26h9hkmzjhdw3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%26client%3Dca-pub-4147299712708752%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Referer: https://ad4m.at/ad/dr?ed=1h69qhzgkdvk4p9bya8h5qcwk33vpqv76a103k3rsgzd0z64y46v0epaq9tjth3wejtvathe480ngsmns0ccj0gz2j8m3fws2anq735mc3zh706ctf4pggv4wmrsb0r0ha9363ygkazpb2664bs4hzfw9a94h7waxkzzjj3w0nrtp5kngxhhjk54q7dbh04y0g3xp50hs0dnsq4pvpxvg8zqakshzxxnjwy7q18fy93sp3dk7xdktn1vz7bp6kqn37wgk6zrc2zsbt26q4fkczsasbzwepdktzpkh44t8pws6gp2bfwzv5gavcs8kczad67xqp813xhp6q59mn744n5xvs5qa0r4c3dmc6sk5tbr5b26h9hkmzjhdw3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%26client%3Dca-pub-4147299712708752%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Fri, 13 Aug 2021 16:07:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21530
x-guploader-uploadid: ADPycdu31AQ7rU9EUT7YB6UhnS0p7quFEYVdVYLanfHa9Lp5vDg0kq-_BxANdScNtJ7XXwSWRa7CRWpltRTCNIE8nTf00MFEyA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 10 Aug 2021 10:08:16 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIddTGyNkENimhWumPWV6U46zrGau3ri%2Br9DbutgL%2FgR0t%2FuKw7RedqkNVNNFE1zmxqH%2BT%2B6MSVxkRD2UiOUAQ%2FoBj94U05e%2Fu6SZ6n%2BQfpB0pKQVJyAGQzOJoPbIneT4wh0w0M%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628590096242097
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 67e33239bbf44e50-FRA
expires: Fri, 13 Aug 2021 10:08:34 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0DCC
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENMECE8y7p9M4Lyf0vfA75E&google_cver=1&google_push=AYg5qPJETzXZqakUmT9SKHWMtAWXpCwaC2fi9oOCsn-BuBXxD33Dh9EWxa...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJETzXZqakUmT9SKHWMtAWXpCwaC2fi9oOCsn-BuBXxD33Dh9EWxaTyuLlxaMdjAWtmSDZ2_LvLjcH_SBPtLPTgsoRdmQ&google_hm=nPWloB7N...

170 B
188 B

40ms
40ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJETzXZqakUmT9SKHWMtAWXpCwaC2fi9oOCsn-BuBXxD33Dh9EWxaTyuLlxaMdjAWtmSDZ2_LvLjcH_SBPtLPTgsoRdmQ&google_hm=nPWloB7Ne7jLqwGR30AGvQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJETzXZqakUmT9SKHWMtAWXpCwaC2fi9oOCsn-BuBXxD33Dh9EWxaTyuLlxaMdjAWtmSDZ2_LvLjcH_SBPtLPTgsoRdmQ&google_hm=nPWloB7Ne7jLqwGR30AGvQ
pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0DCC
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEJfKBsht6efRIIkaZXPJDvg&google_cver=1&google_push=AYg5qPLkg6YQstbhoqf9gnYK2wE1pbm0puV36AnDvd4d2SsZyMzc496f9t3xEEtSrV7KPie04CTGj7dI3kACKjnCFjMNodbjJCI
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLkg6YQstbhoqf9gnYK2wE1pbm0puV36AnDvd4d2SsZyMzc496f9t3xEEtSrV7KPie04CTGj7dI3kACKjnCFjMNodbjJCI&google_hm=Q0FFU0VKZktCc2h0NmVmUk...

170 B
188 B

39ms
39ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLkg6YQstbhoqf9gnYK2wE1pbm0puV36AnDvd4d2SsZyMzc496f9t3xEEtSrV7KPie04CTGj7dI3kACKjnCFjMNodbjJCI&google_hm=Q0FFU0VKZktCc2h0NmVmUklJa2FaWFBKRHZn

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 16:07:24 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLkg6YQstbhoqf9gnYK2wE1pbm0puV36AnDvd4d2SsZyMzc496f9t3xEEtSrV7KPie04CTGj7dI3kACKjnCFjMNodbjJCI&google_hm=Q0FFU0VKZktCc2h0NmVmUklJa2FaWFBKRHZn
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 0DCC 43 B
324 B 81ms
31ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHy2sH3xTxG-bEoleYOvOcw&google_push=AYg5qPIWvkQOFPyfYcdIYWNNRTeLNw7yja1muOyLB3FlvQxciwcqcSBCeopNTOYV6l0qJRJ1xRVDhfRWPBdY5hv7aTzqTKnVUw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=90&adk=4075249447&adf=2522545985&pi=t.aa~a.563595428~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=1200x90&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1417&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600%2C280x600&nras=4&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jBuzn89712&p=https%3A//matueku.nagoya&dtd=64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0DCC
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEE_hR1XvFJU6TaN6KfZiQRY&google_cver=1&google_push=AYg5qPJ_DlQYU0C72aiiQj-G7tCSTpHNuOJ5H7Hwyvhk5RgkjmYHHUKjrIccbjnqOchB_dtHgBMRITcVk0V3efB78YaMeinoiw
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ_DlQYU0C72aiiQj-G7tCSTpHNuOJ5H7Hwyvhk5RgkjmYHHUKjrIccbjnqOchB_dtHgBMRITcVk0V3efB78YaMeinoiw&google_hm=KmnNt3onwv4-Qrr5XKrZyQ==

170 B
188 B

40ms
39ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ_DlQYU0C72aiiQj-G7tCSTpHNuOJ5H7Hwyvhk5RgkjmYHHUKjrIccbjnqOchB_dtHgBMRITcVk0V3efB78YaMeinoiw&google_hm=KmnNt3onwv4-Qrr5XKrZyQ==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ_DlQYU0C72aiiQj-G7tCSTpHNuOJ5H7Hwyvhk5RgkjmYHHUKjrIccbjnqOchB_dtHgBMRITcVk0V3efB78YaMeinoiw&google_hm=KmnNt3onwv4-Qrr5XKrZyQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: jn68ev1j10o398dn8j3k2m50mhin45p7

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0DCC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6kaiuQCQS0GpqdEEXaLD7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

39ms
39ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6kaiuQCQS0GpqdEEXaLD7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLxo9OaSqeFe3TkkmDtfXVIG1VSufTiWmFYTMopt_GTX6Zlt-MkeitcEn0BK-ReD3uOv59CnyxYiakWABXCMWUPKee6rO0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6kaiuQCQS0GpqdEEXaLD7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLxo9OaSqeFe3TkkmDtfXVIG1VSufTiWmFYTMopt_GTX6Zlt-MkeitcEn0BK-ReD3uOv59CnyxYiakWABXCMWUPKee6rO0
date: Fri, 13 Aug 2021 16:07:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame 0DCC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBG...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 0DCC 43 B
297 B 69ms
20ms Image
image/gif 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEF6cB26ZxDpxo7q93z8d5GY&google_cver=1&google_push=AYg5qPJETn7eu-3_qcuep2STHWUoWj6qAXsaVMMuQgwyLfHvAE4RkgUICm3kvWCL4kmBl0A9yIHKsXj4dNmSLaCAysdBNXILxA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=90&adk=4075249447&adf=2522545985&pi=t.aa~a.563595428~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=1200x90&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1417&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600%2C280x600&nras=4&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3975&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jBuzn89712&p=https%3A//matueku.nagoya&dtd=64
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 0DCC 0
12 B 41ms
37ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IZFFbeopzA4Amv3AW6BXRL6xvHOKrLbhk8S_5SVO2g2DG8xDnD3zC0odbEei2vwmhsFaXy

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 7769 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbad54ab828729cd67283f8761195cfa4dcebfae9edfb25eb696e6346d4d3a3c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame 1286 58 KB
59 KB 24ms
23ms Stylesheet
text/css 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j6fav1v3y3ayqnydb2kgsfmn909f4jq7nz59mj4fkf5ba3yggrr043cjyympf8fx89nfk68eszywzgsw4sabzxmx8mn4gn4dz5mh7mnnytt87g05jhpkvmm10dgtztj2bz44tj2zvf8368qrb5da8996sm2583810wemg1gfa87976v6s5fj8fx57knsfy646mtypy4d96qxbcbk5tevpdv0r647csc2988gr1pmjqntrj5gm57m5xrqt871agwhh0pfzfmwz6ta777srfq9p89k4acadj248hs54c9brgsezgqq6rqxhmv0xegs3rjhtbtdyh0q8n989er1t44t2cr7y1nph7jft6xzd7nfeetkwg9rt8nrtqf0kt2w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%26client%3Dca-pub-4147299712708752%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1j6fav1v3y3ayqnydb2kgsfmn909f4jq7nz59mj4fkf5ba3yggrr043cjyympf8fx89nfk68eszywzgsw4sabzxmx8mn4gn4dz5mh7mnnytt87g05jhpkvmm10dgtztj2bz44tj2zvf8368qrb5da8996sm2583810wemg1gfa87976v6s5fj8fx57knsfy646mtypy4d96qxbcbk5tevpdv0r647csc2988gr1pmjqntrj5gm57m5xrqt871agwhh0pfzfmwz6ta777srfq9p89k4acadj248hs54c9brgsezgqq6rqxhmv0xegs3rjhtbtdyh0q8n989er1t44t2cr7y1nph7jft6xzd7nfeetkwg9rt8nrtqf0kt2w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%26client%3Dca-pub-4147299712708752%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3994506
cf-polished: origSize=59196
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3DMfhRdQI3YjbMxNpLNjF%2BchiedtAtrpLXNw5vjICvEbTl2IRXxHP72emG2zHJ6AU%2FBuKi66GxPNjZ4LhtseBvT05wR%2BuzeYiJ8TCzfAT%2BRkuwwDjq14KXaWUgCYVsL7mtDXdE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
expires: Tue, 28 Jun 2022 10:32:18 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 67e3323a0cba4e50-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 1286 36 KB
13 KB 18ms
18ms Script
application/javascript 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j6fav1v3y3ayqnydb2kgsfmn909f4jq7nz59mj4fkf5ba3yggrr043cjyympf8fx89nfk68eszywzgsw4sabzxmx8mn4gn4dz5mh7mnnytt87g05jhpkvmm10dgtztj2bz44tj2zvf8368qrb5da8996sm2583810wemg1gfa87976v6s5fj8fx57knsfy646mtypy4d96qxbcbk5tevpdv0r647csc2988gr1pmjqntrj5gm57m5xrqt871agwhh0pfzfmwz6ta777srfq9p89k4acadj248hs54c9brgsezgqq6rqxhmv0xegs3rjhtbtdyh0q8n989er1t44t2cr7y1nph7jft6xzd7nfeetkwg9rt8nrtqf0kt2w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%26client%3Dca-pub-4147299712708752%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Referer: https://ad4m.at/ad/dr?ed=1j6fav1v3y3ayqnydb2kgsfmn909f4jq7nz59mj4fkf5ba3yggrr043cjyympf8fx89nfk68eszywzgsw4sabzxmx8mn4gn4dz5mh7mnnytt87g05jhpkvmm10dgtztj2bz44tj2zvf8368qrb5da8996sm2583810wemg1gfa87976v6s5fj8fx57knsfy646mtypy4d96qxbcbk5tevpdv0r647csc2988gr1pmjqntrj5gm57m5xrqt871agwhh0pfzfmwz6ta777srfq9p89k4acadj248hs54c9brgsezgqq6rqxhmv0xegs3rjhtbtdyh0q8n989er1t44t2cr7y1nph7jft6xzd7nfeetkwg9rt8nrtqf0kt2w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%26client%3Dca-pub-4147299712708752%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Fri, 13 Aug 2021 16:07:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21530
x-guploader-uploadid: ADPycdu31AQ7rU9EUT7YB6UhnS0p7quFEYVdVYLanfHa9Lp5vDg0kq-_BxANdScNtJ7XXwSWRa7CRWpltRTCNIE8nTf00MFEyA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 10 Aug 2021 10:08:16 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKlJgNe8OxGlZwQFMsL06iLQtk7SkEFVkOY1ND2JJezKx5LuTTR%2B2z8IlDNr3%2BR82KL4vLuzws6fVQvq17o9hiE04PJJ3mfUIbKTNl%2F%2BFUtQMhJfzkNWknmvP%2FeHlQlvSnWnMn8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628590096242097
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 67e3323a0cc54e50-FRA
expires: Fri, 13 Aug 2021 10:08:34 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 7820 3 KB
3 KB 41ms
21ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5628462
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jmh0M7%2BaW0X1VBHNn038TUJ8I5ziFMWcdW23eznOvdtp%2B9MI6%2FbQbUs0CgaYx3%2FOY4ITXLWBDCeMaexTE8yXaQLVml9paF%2FGHlZAnsRKSZv8ul81i5dj8ZLbmJvQyXXuamO8itF9y3BwEEqliDTMZwY9jA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 67e3323a3e370eb7-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 334E 3 KB
4 KB 36ms
18ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5628462
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6AiQ3sZUfG5V%2BQgT%2BUZUHvAai6%2BBJ4SsJlZbjoePOWhTqS%2Bh3%2Blc1GEx9i2RZ945ZVnAU3R%2FyEe0BzcVRjDS3lUSwf%2BJy4Wu98OexO9sSqe5CNuUrMYq9gFywWPhV6idSFctFWuaxpIJFM8QNpRe8XIVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 67e3323a3e3b0eb7-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 152D 2 KB
2 KB 20ms
19ms Document
text/html 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1jgeq093dek99af78y4epvt5pr1s7n70jd8qtrk39jgjrw39q3swhk51h5mdytk7ab24accb03385m60q7cycbhpxz2b3wbygsa5t14h8gtfwd2t2dx75z14atfskz2md245m4mztvgd0gm553w3ec6xyn24ybam1e63acqz433djky8ysw7sdjydkp94dfgtv6kqmv9dnpjnym72r5bxcp02x1m84r9n6df5zxxbe9gwt5z3bttvv0743jt1phx5gtyf71sqtjebs4kymwd31jp2jfxne3tqeneat7f76s8kt2py5dmgrmb6d5tcm54cfeaneg32daj5nfds1rzzw4gegy7as7te1snfsh7v7qv981dm2rd3r08xfpkw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%26client%3Dca-pub-4147299712708752%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1jgeq093dek99af78y4epvt5pr1s7n70jd8qtrk39jgjrw39q3swhk51h5mdytk7ab24accb03385m60q7cycbhpxz2b3wbygsa5t14h8gtfwd2t2dx75z14atfskz2md245m4mztvgd0gm553w3ec6xyn24ybam1e63acqz433djky8ysw7sdjydkp94dfgtv6kqmv9dnpjnym72r5bxcp02x1m84r9n6df5zxxbe9gwt5z3bttvv0743jt1phx5gtyf71sqtjebs4kymwd31jp2jfxne3tqeneat7f76s8kt2py5dmgrmb6d5tcm54cfeaneg32daj5nfds1rzzw4gegy7as7te1snfsh7v7qv981dm2rd3r08xfpkw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%26client%3Dca-pub-4147299712708752%26adurl%3D

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Fri, 13 Aug 2021 17:07:24 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1710686
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9Q37praAp3XKtyZqaAH%2BOHBzNzwvfCbIiFAV985JUAjxE1uGw%2FHGPZPNZT3aNRJispsUsGU6iMi%2F3IWSQzsajso5RcenhbBXTS1mS1VRbgkLf40sQ5sMKrNsgOG0JUWk2mus80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67e3323a2d1a4e50-FRA
content-encoding: br

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 07FC 2 KB
2 KB 17ms
16ms Document
text/html 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1h69qhzgkdvk4p9bya8h5qcwk33vpqv76a103k3rsgzd0z64y46v0epaq9tjth3wejtvathe480ngsmns0ccj0gz2j8m3fws2anq735mc3zh706ctf4pggv4wmrsb0r0ha9363ygkazpb2664bs4hzfw9a94h7waxkzzjj3w0nrtp5kngxhhjk54q7dbh04y0g3xp50hs0dnsq4pvpxvg8zqakshzxxnjwy7q18fy93sp3dk7xdktn1vz7bp6kqn37wgk6zrc2zsbt26q4fkczsasbzwepdktzpkh44t8pws6gp2bfwzv5gavcs8kczad67xqp813xhp6q59mn744n5xvs5qa0r4c3dmc6sk5tbr5b26h9hkmzjhdw3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%26client%3Dca-pub-4147299712708752%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1h69qhzgkdvk4p9bya8h5qcwk33vpqv76a103k3rsgzd0z64y46v0epaq9tjth3wejtvathe480ngsmns0ccj0gz2j8m3fws2anq735mc3zh706ctf4pggv4wmrsb0r0ha9363ygkazpb2664bs4hzfw9a94h7waxkzzjj3w0nrtp5kngxhhjk54q7dbh04y0g3xp50hs0dnsq4pvpxvg8zqakshzxxnjwy7q18fy93sp3dk7xdktn1vz7bp6kqn37wgk6zrc2zsbt26q4fkczsasbzwepdktzpkh44t8pws6gp2bfwzv5gavcs8kczad67xqp813xhp6q59mn744n5xvs5qa0r4c3dmc6sk5tbr5b26h9hkmzjhdw3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%26client%3Dca-pub-4147299712708752%26adurl%3D

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Fri, 13 Aug 2021 17:07:24 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1710686
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmFFVWIXag2J3W%2FDr4pTBReJvaEjEwGhpgny7Lfq3VLBf0JMp%2BePqiWfDhaR7HYjR65Ls1JVQSgz37OapkUu8qDq1GFuQXuamads64geg6zRsEjdKjlN6JKZ5gFU382LF6V8XWY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67e3323a2d1b4e50-FRA
content-encoding: br

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 898E
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC8TfyONB-Fk6xv2ithfqO4&google_cver=1&google_push=AYg5qPLWAl5r-jL15xyn9oicvLeaDd3Och3KlDLWu4SOI4gXBOG64puNhJ...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLWAl5r-jL15xyn9oicvLeaDd3Och3KlDLWu4SOI4gXBOG64puNhJ1kBOX3db7w7qZ26hU42vtf1092XNKGIL0hiLQocNfQ&google_hm=nPWloB...

170 B
188 B

40ms
39ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLWAl5r-jL15xyn9oicvLeaDd3Och3KlDLWu4SOI4gXBOG64puNhJ1kBOX3db7w7qZ26hU42vtf1092XNKGIL0hiLQocNfQ&google_hm=nPWloB7Ne7jLqwGR30AGvQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLWAl5r-jL15xyn9oicvLeaDd3Och3KlDLWu4SOI4gXBOG64puNhJ1kBOX3db7w7qZ26hU42vtf1092XNKGIL0hiLQocNfQ&google_hm=nPWloB7Ne7jLqwGR30AGvQ
pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 898E
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEHogvyyvz3QDre6rv02G4U0&google_cver=1&google_push=AYg5qPLha3SKjPRKksOsyVeoNKnql87Puabrah3T1WxRxD0Q9xXBJyioHT8mwmBRPrC6JZSCh1XQznBEDkfi8l-Rv-lB0jG-xRjF
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLha3SKjPRKksOsyVeoNKnql87Puabrah3T1WxRxD0Q9xXBJyioHT8mwmBRPrC6JZSCh1XQznBEDkfi8l-Rv-lB0jG-xRjF&google_hm=Q0FFU0VIb2d2eXl2ejNRR...

170 B
188 B

39ms
39ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLha3SKjPRKksOsyVeoNKnql87Puabrah3T1WxRxD0Q9xXBJyioHT8mwmBRPrC6JZSCh1XQznBEDkfi8l-Rv-lB0jG-xRjF&google_hm=Q0FFU0VIb2d2eXl2ejNRRHJlNnJ2MDJHNFUw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 16:07:23 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLha3SKjPRKksOsyVeoNKnql87Puabrah3T1WxRxD0Q9xXBJyioHT8mwmBRPrC6JZSCh1XQznBEDkfi8l-Rv-lB0jG-xRjF&google_hm=Q0FFU0VIb2d2eXl2ejNRRHJlNnJ2MDJHNFUw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 466606.gif
id.rlcdn.com/ Frame 898E 42 B
317 B 27ms
24ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKyVJtqkLvepXMuKsqYMqxGATv4voPWmbwKwAKb_yc5fXZOmncARZFH9-AZsbeV0XcQoc1kmRPO0ZbJA3WExbOLIjkoIwg&google_gid=CAESEHtuFOhm9T9ZiYTAEqot94E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4147299712708752&output=html&h=600&adk=591366103&adf=1107396522&pi=t.aa~a.739099641~rp.3&w=280&fwrn=4&fwrnh=100&lmt=1628870844&rafmt=1&to=qs&pwprc=7785994217&psa=0&format=280x600&url=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628870844019&bpp=1&bdt=1416&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D324671306e132912-22928c8fa9c90067%3AT%3D1628870843%3ART%3D1628870843%3AS%3DALNI_MZGMg13tqCjH-Ahg7mDqbovMZb4Mw&prev_fmts=0x0%2C280x600&nras=3&correlator=8662907462898&frm=20&pv=1&ga_vid=1868816335.1628870844&ga_sid=1628870844&ga_hid=609646908&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1065&ady=2890&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062178%2C31062297&oid=3&pvsid=337981778896919&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=tWsGGsZmqN&p=https%3A//matueku.nagoya&dtd=61
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 16:07:24 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 898E
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJMGdFg...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJMGdFg...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTMxNjA3MjQwMDAxNTE2MTA3OTQ1Mg%3D%3D&google_push=AYg5qPJMGdFgpAeMWhuvh7coVYK9HyOX_97eMILSsrsgwJYYr38uGT4QnojZkNbJ3uFDc5...

170 B
188 B

40ms
40ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTMxNjA3MjQwMDAxNTE2MTA3OTQ1Mg%3D%3D&google_push=AYg5qPJMGdFgpAeMWhuvh7coVYK9HyOX_97eMILSsrsgwJYYr38uGT4QnojZkNbJ3uFDc5M13MxJvFZwlNdTPz2KnHzOLud22TFX

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MTMxNjA3MjQwMDAxNTE2MTA3OTQ1Mg%3D%3D&google_push=AYg5qPJMGdFgpAeMWhuvh7coVYK9HyOX_97eMILSsrsgwJYYr38uGT4QnojZkNbJ3uFDc5M13MxJvFZwlNdTPz2KnHzOLud22TFX
pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Fri, 13 Aug 2021 16:07:24 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 898E
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEJ80aBUbk6S2ckGFrFMh6x8&google_cver=1&google_push=AYg5qPKhLRoyJuZwqaffu-CM0IguME5NN2HiR8N6lu3LVqibn9sJCgRDNkUxi23OzjRpB21c5hWvsNf4xernKgilW_UirIXcy9Wd
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKhLRoyJuZwqaffu-CM0IguME5NN2HiR8N6lu3LVqibn9sJCgRDNkUxi23OzjRpB21c5hWvsNf4xernKgilW_UirIXcy9Wd&google_hm=KmnNt3onwv4-Qrr5XKrZyQ==

170 B
188 B

40ms
40ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKhLRoyJuZwqaffu-CM0IguME5NN2HiR8N6lu3LVqibn9sJCgRDNkUxi23OzjRpB21c5hWvsNf4xernKgilW_UirIXcy9Wd&google_hm=KmnNt3onwv4-Qrr5XKrZyQ==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:23 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKhLRoyJuZwqaffu-CM0IguME5NN2HiR8N6lu3LVqibn9sJCgRDNkUxi23OzjRpB21c5hWvsNf4xernKgilW_UirIXcy9Wd&google_hm=KmnNt3onwv4-Qrr5XKrZyQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: rmjh634t1d1p2kddejei506m3am24mbl

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 898E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6kaiuQCQS0GpqdEEXaLD7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

40ms
39ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6kaiuQCQS0GpqdEEXaLD7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ5GafwEFAqdu80Xt5o3Rs2eFrHXGRnHjUwMt5KimOZDotTF3DWs30SA9edkdTdJ2tBmObmJ7LXbYyRFpOfnd3MfrzIAzga

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6kaiuQCQS0GpqdEEXaLD7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ5GafwEFAqdu80Xt5o3Rs2eFrHXGRnHjUwMt5KimOZDotTF3DWs30SA9edkdTdJ2tBmObmJ7LXbYyRFpOfnd3MfrzIAzga
date: Fri, 13 Aug 2021 16:07:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame 898E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0v...

0
0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 898E 0
12 B 38ms
37ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J3yYgPA8beqt8yiIscvKRSwGH4DiXgQfSG3wxd8kEvNt903a7ydIHHCTi2ZcHKThZmqPnv

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 4ECE 232 B
431 B 195ms
137ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=22b125edb467418135766868991fc5afa55239f7

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fmatueku.nagoya

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 16:07:24 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 14dea24eb63682f5b4bad89ab135c9d7e303e0cb5dc99ed7aec598e8a651511a
content-length: 166

GET
H3-29 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1286 3 KB
4 KB 30ms
18ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5628462
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWENsDIP2yPzaZMZ%2Ba3RLQb%2B%2BQv7vEREd5tr8BSSDeNZ7B%2FmLEANSYtLPQvRfi9Lj8hBRSpdpOduVE%2BqeULh4a05NhYbeyCpCZNsVFSaI83nVxJ%2FoWuCXAdffagbzkICKcriIdMmkOFsCEH%2FMQbnOsJPGg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 67e3323a6e82434b-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 6E0C 2 KB
2 KB 17ms
16ms Document
text/html 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1j6fav1v3y3ayqnydb2kgsfmn909f4jq7nz59mj4fkf5ba3yggrr043cjyympf8fx89nfk68eszywzgsw4sabzxmx8mn4gn4dz5mh7mnnytt87g05jhpkvmm10dgtztj2bz44tj2zvf8368qrb5da8996sm2583810wemg1gfa87976v6s5fj8fx57knsfy646mtypy4d96qxbcbk5tevpdv0r647csc2988gr1pmjqntrj5gm57m5xrqt871agwhh0pfzfmwz6ta777srfq9p89k4acadj248hs54c9brgsezgqq6rqxhmv0xegs3rjhtbtdyh0q8n989er1t44t2cr7y1nph7jft6xzd7nfeetkwg9rt8nrtqf0kt2w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%26client%3Dca-pub-4147299712708752%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1j6fav1v3y3ayqnydb2kgsfmn909f4jq7nz59mj4fkf5ba3yggrr043cjyympf8fx89nfk68eszywzgsw4sabzxmx8mn4gn4dz5mh7mnnytt87g05jhpkvmm10dgtztj2bz44tj2zvf8368qrb5da8996sm2583810wemg1gfa87976v6s5fj8fx57knsfy646mtypy4d96qxbcbk5tevpdv0r647csc2988gr1pmjqntrj5gm57m5xrqt871agwhh0pfzfmwz6ta777srfq9p89k4acadj248hs54c9brgsezgqq6rqxhmv0xegs3rjhtbtdyh0q8n989er1t44t2cr7y1nph7jft6xzd7nfeetkwg9rt8nrtqf0kt2w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%26client%3Dca-pub-4147299712708752%26adurl%3D

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Fri, 13 Aug 2021 17:07:24 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1710686
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Corkh2%2F6GpcrhJN3BH16K9pj14Tqfeas6TeClIQtvF0%2FyhFKxCUgKhnyqXC%2BgrXWFDD8TchbejzV1wFQWTV4jOdQdv3%2BBgsSitCZfle7O%2BkAPWkcHO5xqsC469XvdJwbpybUXxA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67e3323a6d834e50-FRA
content-encoding: br

POST
H3-29 200 rs Show response
ad4m.at/ Frame 334E 1 KB
2 KB 25ms
25ms XHR
text/plain 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db5e8ef0fbef2af668404a29fccb11a6312fadf087829a5b1f9241853fc38af

Request headers

Referer: https://ad4m.at/ad/dr?ed=1h69qhzgkdvk4p9bya8h5qcwk33vpqv76a103k3rsgzd0z64y46v0epaq9tjth3wejtvathe480ngsmns0ccj0gz2j8m3fws2anq735mc3zh706ctf4pggv4wmrsb0r0ha9363ygkazpb2664bs4hzfw9a94h7waxkzzjj3w0nrtp5kngxhhjk54q7dbh04y0g3xp50hs0dnsq4pvpxvg8zqakshzxxnjwy7q18fy93sp3dk7xdktn1vz7bp6kqn37wgk6zrc2zsbt26q4fkczsasbzwepdktzpkh44t8pws6gp2bfwzv5gavcs8kczad67xqp813xhp6q59mn744n5xvs5qa0r4c3dmc6sk5tbr5b26h9hkmzjhdw3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%26client%3Dca-pub-4147299712708752%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 67e3323a7d984e50-FRA
date: Fri, 13 Aug 2021 16:07:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBnIfkDAp8W5LZuV%2BRSGMIe3tDAWQkQqshrdVNoGcVjp7AM4Eyt0uyKqtAOBHKyo9cPcXbKRYl%2FXsJFNj6ZAiuUwh8R8OiEo4TjhAnBVt9CVXh16GzFKVI14CB95j0aeoMuxfFE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-1tg8

POST
H3-29 200 rs Show response
ad4m.at/ Frame 7820 1 KB
2 KB 22ms
22ms XHR
text/plain 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75355677a85ebb638fdfc556c987d85886d270d3deed120cab99e4dcdfe10e6c

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jgeq093dek99af78y4epvt5pr1s7n70jd8qtrk39jgjrw39q3swhk51h5mdytk7ab24accb03385m60q7cycbhpxz2b3wbygsa5t14h8gtfwd2t2dx75z14atfskz2md245m4mztvgd0gm553w3ec6xyn24ybam1e63acqz433djky8ysw7sdjydkp94dfgtv6kqmv9dnpjnym72r5bxcp02x1m84r9n6df5zxxbe9gwt5z3bttvv0743jt1phx5gtyf71sqtjebs4kymwd31jp2jfxne3tqeneat7f76s8kt2py5dmgrmb6d5tcm54cfeaneg32daj5nfds1rzzw4gegy7as7te1snfsh7v7qv981dm2rd3r08xfpkw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%26client%3Dca-pub-4147299712708752%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 67e3323a7d994e50-FRA
date: Fri, 13 Aug 2021 16:07:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEAVK03ZjJ%2F9BkaV8l4p%2BKY4wFpIWEbPMCeFeu0qIERXu4hgxxe7N77QS%2BcIyy%2FChJAqkRgA0gI89leQ83ZRxDq2x55MYCjKSgxYVKN%2FShNAcuE8FciK87iwcdUsRfrmHiLpG3k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-1tg8

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame CC99 9 KB
3 KB 30ms
28ms Document
text/html 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=5770e55e76b761af18a9cdfd80d87211%2F9297288496930163855&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ph8nkvmk4kzcpewmcsgdnx9kmyy1d607jbdyz0wmvy8e36thk73183q2q1ydjvsvkn62c5akzsawgjw5tx65afgqvbwawm4314v6wfjvazymc346p6p17sk7cdnts1hk3nr2vynq96sw6dwxb9jcfsy28ha98nd3m1yt9c77yzvxse3d3y8ty1xqr44xv4sqwnhnzqkz4xrwt0rsdf4m9291mgsdmb119n7tp2q19mk90cmbbhf4b9db134%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

362630c5562fa68d5605b4e745fab067651d20923bca9dc0ac6e3f977b19ee34

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=5770e55e76b761af18a9cdfd80d87211%2F9297288496930163855&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ph8nkvmk4kzcpewmcsgdnx9kmyy1d607jbdyz0wmvy8e36thk73183q2q1ydjvsvkn62c5akzsawgjw5tx65afgqvbwawm4314v6wfjvazymc346p6p17sk7cdnts1hk3nr2vynq96sw6dwxb9jcfsy28ha98nd3m1yt9c77yzvxse3d3y8ty1xqr44xv4sqwnhnzqkz4xrwt0rsdf4m9291mgsdmb119n7tp2q19mk90cmbbhf4b9db134%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67e3323aa919175e-FRA
content-encoding: br

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 8358 9 KB
4 KB 22ms
22ms Document
text/html 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=728&d=90&e=&g=d0e32fdb4ef9a4e3eefda7a87f7a46c5%2F11843994363562967913&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22d676vb84hpdbv2zan91v3cvs13bckqc4nvcjppnd1fjhhgbh5r1dtkjccaj6jtv82v111nssm9gy9e7rj5n752jrb2s8qjnvp4bybqfnkmxdjkrqyrnv4xczgeg3we7gcbx6c8ne8qyt64csz8ge8a8k1xkksrt2e4bewe1wmqyeetxrx7jtp9gy25h3kd49x043mqvjvjp6sdm2byz6f1sc212n7gg8jqrg6pstmd2qx42akywrk9mv8ry%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

232e3cfb298057a613763faaaa45c1d0495a042df8fe0d4184ade954280d57b1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=728&d=90&e=&g=d0e32fdb4ef9a4e3eefda7a87f7a46c5%2F11843994363562967913&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22d676vb84hpdbv2zan91v3cvs13bckqc4nvcjppnd1fjhhgbh5r1dtkjccaj6jtv82v111nssm9gy9e7rj5n752jrb2s8qjnvp4bybqfnkmxdjkrqyrnv4xczgeg3we7gcbx6c8ne8qyt64csz8ge8a8k1xkksrt2e4bewe1wmqyeetxrx7jtp9gy25h3kd49x043mqvjvjp6sdm2byz6f1sc212n7gg8jqrg6pstmd2qx42akywrk9mv8ry%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67e3323aa91a175e-FRA
content-encoding: br

POST
H3-29 200 rs Show response
ad4m.at/ Frame 1286 1 KB
2 KB 59ms
59ms XHR
text/plain 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8c2391d3b99733b88af993bcc78f8f1bb07ccbf45e0d067363b8450382e600c

Request headers

Referer: https://ad4m.at/ad/dr?ed=1j6fav1v3y3ayqnydb2kgsfmn909f4jq7nz59mj4fkf5ba3yggrr043cjyympf8fx89nfk68eszywzgsw4sabzxmx8mn4gn4dz5mh7mnnytt87g05jhpkvmm10dgtztj2bz44tj2zvf8368qrb5da8996sm2583810wemg1gfa87976v6s5fj8fx57knsfy646mtypy4d96qxbcbk5tevpdv0r647csc2988gr1pmjqntrj5gm57m5xrqt871agwhh0pfzfmwz6ta777srfq9p89k4acadj248hs54c9brgsezgqq6rqxhmv0xegs3rjhtbtdyh0q8n989er1t44t2cr7y1nph7jft6xzd7nfeetkwg9rt8nrtqf0kt2w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%26client%3Dca-pub-4147299712708752%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 67e3323aadfd4e50-FRA
date: Fri, 13 Aug 2021 16:07:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pibGrPcMMHxWRR9FUZ3mmMcn%2BkWE2rJYJo0MwnGm4CxvESA0JiWCqhcYyhcsonLElgKaZDE0TUvTQX6Bz4kN36xfoHR8%2BNIPisZGkdUMT%2F5w0DX2zGBcnwQNIXxcckskM6dJzA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-1tg8

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 8358 64 KB
8 KB 15ms
14ms Stylesheet
text/css 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=728&d=90&e=&g=d0e32fdb4ef9a4e3eefda7a87f7a46c5%2F11843994363562967913&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22d676vb84hpdbv2zan91v3cvs13bckqc4nvcjppnd1fjhhgbh5r1dtkjccaj6jtv82v111nssm9gy9e7rj5n752jrb2s8qjnvp4bybqfnkmxdjkrqyrnv4xczgeg3we7gcbx6c8ne8qyt64csz8ge8a8k1xkksrt2e4bewe1wmqyeetxrx7jtp9gy25h3kd49x043mqvjvjp6sdm2byz6f1sc212n7gg8jqrg6pstmd2qx42akywrk9mv8ry%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=728&d=90&e=&g=d0e32fdb4ef9a4e3eefda7a87f7a46c5%2F11843994363562967913&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22d676vb84hpdbv2zan91v3cvs13bckqc4nvcjppnd1fjhhgbh5r1dtkjccaj6jtv82v111nssm9gy9e7rj5n752jrb2s8qjnvp4bybqfnkmxdjkrqyrnv4xczgeg3we7gcbx6c8ne8qyt64csz8ge8a8k1xkksrt2e4bewe1wmqyeetxrx7jtp9gy25h3kd49x043mqvjvjp6sdm2byz6f1sc212n7gg8jqrg6pstmd2qx42akywrk9mv8ry%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 9
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: Fri, 13 Aug 2021 17:07:24 GMT
last-modified: Mon, 09 Aug 2021 09:04:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 67e3323ade644e50-FRA
cf-bgj: minify

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 8358 18 KB
19 KB 30ms
25ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=728&d=90&e=&g=d0e32fdb4ef9a4e3eefda7a87f7a46c5%2F11843994363562967913&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22d676vb84hpdbv2zan91v3cvs13bckqc4nvcjppnd1fjhhgbh5r1dtkjccaj6jtv82v111nssm9gy9e7rj5n752jrb2s8qjnvp4bybqfnkmxdjkrqyrnv4xczgeg3we7gcbx6c8ne8qyt64csz8ge8a8k1xkksrt2e4bewe1wmqyeetxrx7jtp9gy25h3kd49x043mqvjvjp6sdm2byz6f1sc212n7gg8jqrg6pstmd2qx42akywrk9mv8ry%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 581018
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu8yFNSVixOkzyVy-xS6S5hRAwVn-9Oz6_PXiPiU9sxlRPRwyMKBYIwy26hEHJe9l1jbKPrU_cl315Z4yjT_iCtb-iZ7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71%2FE8ThQPpcoWstoEnIR%2FWlkQ4e0hCOZOWCo3tuNatOW6SJTTwJO4ooFJXY2U3J%2FLOmzRfQcEOVNcmcHvJwu18nqfTw2LaA0KDpjF9Tua4M%2BQvlQ7oap9ev2LXLSj6eub%2FPWtVZC6Fy4kC%2BQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 67e3323ad95b175e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 8358 2 KB
2 KB 19ms
16ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=728&d=90&e=&g=d0e32fdb4ef9a4e3eefda7a87f7a46c5%2F11843994363562967913&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22d676vb84hpdbv2zan91v3cvs13bckqc4nvcjppnd1fjhhgbh5r1dtkjccaj6jtv82v111nssm9gy9e7rj5n752jrb2s8qjnvp4bybqfnkmxdjkrqyrnv4xczgeg3we7gcbx6c8ne8qyt64csz8ge8a8k1xkksrt2e4bewe1wmqyeetxrx7jtp9gy25h3kd49x043mqvjvjp6sdm2byz6f1sc212n7gg8jqrg6pstmd2qx42akywrk9mv8ry%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1782
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdtQ4jeKY8sLPiWjVJTUwFnbYCLm6B0tmmx49bCaKsEH0AqAmcOOsH9s-nWMC5gR9JVGMV7JupvfQVoNrIgX8Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0JCjvniZCIbxksQ3LysWrzCamieg8gm5tSSCsqjimiEVj0b5650nHgPenn2wW5NuZPlQECgt7gBTi5uzU7%2FZ5XV4YZN5d1Y2TGGqEr4zThC0NuTvlVx3LX3A0JSUG580Ryp8RJiD2fXV1t9"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 67e3323ad95f175e-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 8358 43 B
702 B 118ms
41ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 16:07:24 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 8358 38 KB
39 KB 27ms
25ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=728&d=90&e=&g=d0e32fdb4ef9a4e3eefda7a87f7a46c5%2F11843994363562967913&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22d676vb84hpdbv2zan91v3cvs13bckqc4nvcjppnd1fjhhgbh5r1dtkjccaj6jtv82v111nssm9gy9e7rj5n752jrb2s8qjnvp4bybqfnkmxdjkrqyrnv4xczgeg3we7gcbx6c8ne8qyt64csz8ge8a8k1xkksrt2e4bewe1wmqyeetxrx7jtp9gy25h3kd49x043mqvjvjp6sdm2byz6f1sc212n7gg8jqrg6pstmd2qx42akywrk9mv8ry%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 145822
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdudwK7rdcQqro8dSaYkt03cQMqrxbJDqY1fKLkB7KzQRNIg_lpjHRGPoo_UQsbfuew4Vlmyd8M23F-LB13Dm-I
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DX9NY30WN5IeSV30VRSo4hjmEDleWISNOgTynMhxutA9q6lf%2BIQB%2By73yGCwdeQs6xfQhSvObFl1GEZ5tavKJdcRVmSBa0SiI0heDRPRFVHdznBTTvcjURGIWEzxUJ0A3tYLu1WuShjYFDpY"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 67e3323ad960175e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 8358 113 KB
113 KB 21ms
19ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=728&d=90&e=&g=d0e32fdb4ef9a4e3eefda7a87f7a46c5%2F11843994363562967913&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22d676vb84hpdbv2zan91v3cvs13bckqc4nvcjppnd1fjhhgbh5r1dtkjccaj6jtv82v111nssm9gy9e7rj5n752jrb2s8qjnvp4bybqfnkmxdjkrqyrnv4xczgeg3we7gcbx6c8ne8qyt64csz8ge8a8k1xkksrt2e4bewe1wmqyeetxrx7jtp9gy25h3kd49x043mqvjvjp6sdm2byz6f1sc212n7gg8jqrg6pstmd2qx42akywrk9mv8ry%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 145418
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtIzq_vJ5nFb2W5tssU-MDbTl1QbIm93RCyJfrmPzu-97-yWEwMzhk-34f3i-RKCXR0otX6ULdnrF6ohpilzg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Yk4gZ%2F%2F%2F9F%2B2liCfxr2Ht7EFa6zYxE%2BlAeDir3YTIAOPZz7cGu%2FjHPKAFFBw7nacp%2BB%2BumhbOguuqE7F7IfLW97njzqnN7PyDl0qQhr2vnvGSYdFlQhFHma58LySwSOy3TqVBUjf8cuhl8h"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 67e3323ad961175e-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 8358 43 B
702 B 118ms
41ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 16:07:24 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 8358 8 KB
9 KB 28ms
27ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=728&d=90&e=&g=d0e32fdb4ef9a4e3eefda7a87f7a46c5%2F11843994363562967913&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22d676vb84hpdbv2zan91v3cvs13bckqc4nvcjppnd1fjhhgbh5r1dtkjccaj6jtv82v111nssm9gy9e7rj5n752jrb2s8qjnvp4bybqfnkmxdjkrqyrnv4xczgeg3we7gcbx6c8ne8qyt64csz8ge8a8k1xkksrt2e4bewe1wmqyeetxrx7jtp9gy25h3kd49x043mqvjvjp6sdm2byz6f1sc212n7gg8jqrg6pstmd2qx42akywrk9mv8ry%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 314409
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdsbCHdvAmy_DDWo_WgNzFyfa3voA8V353z9OT3EheLcLme2OB0vw_ReaN3yWffYUGTkLTArj33jM_oL5av4CX6MzMWM0Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BfppHpXDECYcayyMF3vqGTmw8BgZRWnpBLFpDrSBqF0DBLGqHCljiTm511Jm7DDrUWLN%2BHZiN3m%2F2TZJZl9VKRuGFwobOqbrupQR%2B%2FZ1Nc0CsT58J1Bj6w0747nFdSo53wHxt7NMBU8S8kK"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 67e3323ad963175e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame 8358 35 KB
35 KB 19ms
17ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=728&d=90&e=&g=d0e32fdb4ef9a4e3eefda7a87f7a46c5%2F11843994363562967913&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22d676vb84hpdbv2zan91v3cvs13bckqc4nvcjppnd1fjhhgbh5r1dtkjccaj6jtv82v111nssm9gy9e7rj5n752jrb2s8qjnvp4bybqfnkmxdjkrqyrnv4xczgeg3we7gcbx6c8ne8qyt64csz8ge8a8k1xkksrt2e4bewe1wmqyeetxrx7jtp9gy25h3kd49x043mqvjvjp6sdm2byz6f1sc212n7gg8jqrg6pstmd2qx42akywrk9mv8ry%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144227
cf-polished: qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid: ADPycdvvB6uzlBf85gejyOnLrDvuwZhKKXK1VpRUY0xBynHYzO5RBpdKXBT98Jm2FqkCYGe3d9ZkzSmbZtG7j1wbF8ydhTdT7A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35504
last-modified: Wed, 19 Feb 2020 17:37:15 GMT
server: cloudflare
etag: "9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pH5ngEic%2F5IgN%2B%2BH%2F3iIObEs2fpG%2FFz2vIsTv28iDUH38xomDpVXHJqzwEi9Q%2FTnUDHE8jWw4yDvh7%2FzwGJzjFj5aW8c57PjPTVPwNaeNIt%2FN9LGVm9R75%2B07hjVQCdQp6H3tvsJ2o2XHwFx"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1582133835673152
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 40264
accept-ranges: bytes
cf-ray: 67e3323ad965175e-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 8358
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COqo1eCwrvICFVjyuwgdviEOog;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628870844_8c698181-fc50-11eb-b76a-692d015b28f2

0
518 B

121ms
39ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628870844_8c698181-fc50-11eb-b76a-692d015b28f2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=728&d=90&e=&g=d0e32fdb4ef9a4e3eefda7a87f7a46c5%2F11843994363562967913&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22d676vb84hpdbv2zan91v3cvs13bckqc4nvcjppnd1fjhhgbh5r1dtkjccaj6jtv82v111nssm9gy9e7rj5n752jrb2s8qjnvp4bybqfnkmxdjkrqyrnv4xczgeg3we7gcbx6c8ne8qyt64csz8ge8a8k1xkksrt2e4bewe1wmqyeetxrx7jtp9gy25h3kd49x043mqvjvjp6sdm2byz6f1sc212n7gg8jqrg6pstmd2qx42akywrk9mv8ry%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpBs3vJgWYY7DBseV3gO86pG4A5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAo2tPLUeu7M-qAMBqgTLAU_Q2Bumkk1NF5d3pypBQFwFCAKZdP7dCm2IBgPVRXEgCR7ua4IvPz_orHNbORqHx9PcgIe_K_J3aoMHaKjKdI5Iun4qpatkC2AnXVTXhU6c_Qb6KvoXb_0l4wyV8CJi9kwzxGy56sZspLLh2xFiVcRkRYtaf1QuaDYI9M8MqZ3tiA0APC4XFM0dtzsq78ob9NdNmBI8MR8xOjB4dykYeiFHS2I2cO6tNBoCQwqmH2ru8JKHW44PWY2josvSDyms_QexZgEN97z7syvTgAa_y4nGt9P50VugBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qBljuzDbLvXWrd1QPhSWBs70dNA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 16:07:24 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Fri, 13 Aug 2021 16:07:24 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628870844_8c698181-fc50-11eb-b76a-692d015b28f2
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame CC99 64 KB
8 KB 15ms
15ms Stylesheet
text/css 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=5770e55e76b761af18a9cdfd80d87211%2F9297288496930163855&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ph8nkvmk4kzcpewmcsgdnx9kmyy1d607jbdyz0wmvy8e36thk73183q2q1ydjvsvkn62c5akzsawgjw5tx65afgqvbwawm4314v6wfjvazymc346p6p17sk7cdnts1hk3nr2vynq96sw6dwxb9jcfsy28ha98nd3m1yt9c77yzvxse3d3y8ty1xqr44xv4sqwnhnzqkz4xrwt0rsdf4m9291mgsdmb119n7tp2q19mk90cmbbhf4b9db134%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=5770e55e76b761af18a9cdfd80d87211%2F9297288496930163855&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ph8nkvmk4kzcpewmcsgdnx9kmyy1d607jbdyz0wmvy8e36thk73183q2q1ydjvsvkn62c5akzsawgjw5tx65afgqvbwawm4314v6wfjvazymc346p6p17sk7cdnts1hk3nr2vynq96sw6dwxb9jcfsy28ha98nd3m1yt9c77yzvxse3d3y8ty1xqr44xv4sqwnhnzqkz4xrwt0rsdf4m9291mgsdmb119n7tp2q19mk90cmbbhf4b9db134%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 9
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: Fri, 13 Aug 2021 17:07:24 GMT
last-modified: Mon, 09 Aug 2021 09:04:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 67e3323ade794e50-FRA
cf-bgj: minify

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame CC99 18 KB
19 KB 22ms
22ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=5770e55e76b761af18a9cdfd80d87211%2F9297288496930163855&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ph8nkvmk4kzcpewmcsgdnx9kmyy1d607jbdyz0wmvy8e36thk73183q2q1ydjvsvkn62c5akzsawgjw5tx65afgqvbwawm4314v6wfjvazymc346p6p17sk7cdnts1hk3nr2vynq96sw6dwxb9jcfsy28ha98nd3m1yt9c77yzvxse3d3y8ty1xqr44xv4sqwnhnzqkz4xrwt0rsdf4m9291mgsdmb119n7tp2q19mk90cmbbhf4b9db134%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 581018
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu8yFNSVixOkzyVy-xS6S5hRAwVn-9Oz6_PXiPiU9sxlRPRwyMKBYIwy26hEHJe9l1jbKPrU_cl315Z4yjT_iCtb-iZ7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4LnXQB6e8tAUg8z368tsc7pPoTYtG9vP61R7uiukwf3G0g8rVeHqqZcYuyYZbpxhSLgS2ORSIQFmqncCRK%2F8UBrFbW%2FqVohIFwgRvtO9WKjwaPjCueZ1OF807iF3GIwJKReVE6qoSj4Hx4r"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 67e3323ad96e175e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame CC99 2 KB
2 KB 26ms
24ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=5770e55e76b761af18a9cdfd80d87211%2F9297288496930163855&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ph8nkvmk4kzcpewmcsgdnx9kmyy1d607jbdyz0wmvy8e36thk73183q2q1ydjvsvkn62c5akzsawgjw5tx65afgqvbwawm4314v6wfjvazymc346p6p17sk7cdnts1hk3nr2vynq96sw6dwxb9jcfsy28ha98nd3m1yt9c77yzvxse3d3y8ty1xqr44xv4sqwnhnzqkz4xrwt0rsdf4m9291mgsdmb119n7tp2q19mk90cmbbhf4b9db134%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1782
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdtQ4jeKY8sLPiWjVJTUwFnbYCLm6B0tmmx49bCaKsEH0AqAmcOOsH9s-nWMC5gR9JVGMV7JupvfQVoNrIgX8Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtFOLu%2FqVsgnyOKYISbqAXn65FLo6A5dGLqZFc%2FDNybUZvm8%2FpFpYSa2bmOcMcUxcAHWYmBTHn1EJDtZhmZHEOzL%2F0hBNUR9AxPiUjZniW4yuqt%2F8%2BeEEUx%2FGdcTZcSFOo%2B%2BehemJycZ%2ByiN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 67e3323ae97b175e-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame CC99 43 B
702 B 114ms
41ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=5770e55e76b761af18a9cdfd80d87211%2F9297288496930163855&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ph8nkvmk4kzcpewmcsgdnx9kmyy1d607jbdyz0wmvy8e36thk73183q2q1ydjvsvkn62c5akzsawgjw5tx65afgqvbwawm4314v6wfjvazymc346p6p17sk7cdnts1hk3nr2vynq96sw6dwxb9jcfsy28ha98nd3m1yt9c77yzvxse3d3y8ty1xqr44xv4sqwnhnzqkz4xrwt0rsdf4m9291mgsdmb119n7tp2q19mk90cmbbhf4b9db134%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 16:07:24 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame CC99 38 KB
39 KB 20ms
18ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=5770e55e76b761af18a9cdfd80d87211%2F9297288496930163855&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ph8nkvmk4kzcpewmcsgdnx9kmyy1d607jbdyz0wmvy8e36thk73183q2q1ydjvsvkn62c5akzsawgjw5tx65afgqvbwawm4314v6wfjvazymc346p6p17sk7cdnts1hk3nr2vynq96sw6dwxb9jcfsy28ha98nd3m1yt9c77yzvxse3d3y8ty1xqr44xv4sqwnhnzqkz4xrwt0rsdf4m9291mgsdmb119n7tp2q19mk90cmbbhf4b9db134%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 145822
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdudwK7rdcQqro8dSaYkt03cQMqrxbJDqY1fKLkB7KzQRNIg_lpjHRGPoo_UQsbfuew4Vlmyd8M23F-LB13Dm-I
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8psckJcYeWz0GPUW%2Fq%2F0edxGIfA8suCjdJW82NLuZfcxIB7BeczOX%2Fv6w0PNEwGfXssCRvAJvB5QQpexilE%2FE92McGLPKmMzxhbDBcXvuvhiD%2BD4iPNVDuBfDJm5yZCBS4gLN7UXZqpcm5mQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 67e3323ae97d175e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame CC99 113 KB
113 KB 26ms
24ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=5770e55e76b761af18a9cdfd80d87211%2F9297288496930163855&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ph8nkvmk4kzcpewmcsgdnx9kmyy1d607jbdyz0wmvy8e36thk73183q2q1ydjvsvkn62c5akzsawgjw5tx65afgqvbwawm4314v6wfjvazymc346p6p17sk7cdnts1hk3nr2vynq96sw6dwxb9jcfsy28ha98nd3m1yt9c77yzvxse3d3y8ty1xqr44xv4sqwnhnzqkz4xrwt0rsdf4m9291mgsdmb119n7tp2q19mk90cmbbhf4b9db134%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 145418
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtIzq_vJ5nFb2W5tssU-MDbTl1QbIm93RCyJfrmPzu-97-yWEwMzhk-34f3i-RKCXR0otX6ULdnrF6ohpilzg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISn9Q%2FLSUGGJBUN0ZcyYHp%2FxIX8CnDguz4rvBOrOLaQsvp5TUaWiUuW%2F%2F5iVLA548ODZIJAvXouWkihgCdT8dQDgP4jj2x0o38nFf0ba%2FLjW59NAxeG2haZCguVSLFAlZvmku6cPhWCqBO1i"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 67e3323ae982175e-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame CC99 43 B
702 B 125ms
45ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=5770e55e76b761af18a9cdfd80d87211%2F9297288496930163855&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ph8nkvmk4kzcpewmcsgdnx9kmyy1d607jbdyz0wmvy8e36thk73183q2q1ydjvsvkn62c5akzsawgjw5tx65afgqvbwawm4314v6wfjvazymc346p6p17sk7cdnts1hk3nr2vynq96sw6dwxb9jcfsy28ha98nd3m1yt9c77yzvxse3d3y8ty1xqr44xv4sqwnhnzqkz4xrwt0rsdf4m9291mgsdmb119n7tp2q19mk90cmbbhf4b9db134%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 16:07:24 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame CC99 8 KB
9 KB 22ms
20ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=5770e55e76b761af18a9cdfd80d87211%2F9297288496930163855&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ph8nkvmk4kzcpewmcsgdnx9kmyy1d607jbdyz0wmvy8e36thk73183q2q1ydjvsvkn62c5akzsawgjw5tx65afgqvbwawm4314v6wfjvazymc346p6p17sk7cdnts1hk3nr2vynq96sw6dwxb9jcfsy28ha98nd3m1yt9c77yzvxse3d3y8ty1xqr44xv4sqwnhnzqkz4xrwt0rsdf4m9291mgsdmb119n7tp2q19mk90cmbbhf4b9db134%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 314409
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdsbCHdvAmy_DDWo_WgNzFyfa3voA8V353z9OT3EheLcLme2OB0vw_ReaN3yWffYUGTkLTArj33jM_oL5av4CX6MzMWM0Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kNvgOkntaimeYSNZWIFe5DLOklchT1mlJxiiXLv7LW%2FDGauPdyrNl%2F9buDEJxEWNWszCFZwHy3cQy%2BM6Sax034lZ1UwVbNItmabPA8uSBirqgvhC4jCaks6YBbAEeVCWJIyAbusAfKqav9L"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 67e3323ae985175e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame CC99 35 KB
35 KB 28ms
28ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=5770e55e76b761af18a9cdfd80d87211%2F9297288496930163855&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ph8nkvmk4kzcpewmcsgdnx9kmyy1d607jbdyz0wmvy8e36thk73183q2q1ydjvsvkn62c5akzsawgjw5tx65afgqvbwawm4314v6wfjvazymc346p6p17sk7cdnts1hk3nr2vynq96sw6dwxb9jcfsy28ha98nd3m1yt9c77yzvxse3d3y8ty1xqr44xv4sqwnhnzqkz4xrwt0rsdf4m9291mgsdmb119n7tp2q19mk90cmbbhf4b9db134%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144227
cf-polished: qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid: ADPycdvvB6uzlBf85gejyOnLrDvuwZhKKXK1VpRUY0xBynHYzO5RBpdKXBT98Jm2FqkCYGe3d9ZkzSmbZtG7j1wbF8ydhTdT7A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35504
last-modified: Wed, 19 Feb 2020 17:37:15 GMT
server: cloudflare
etag: "9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUgm3GV19YTGYn8BunlOKJus2RWPtdEo%2BtVbln7HHIZskzwWOcUZ4hsL48eFRztkhYWpx%2F4PwuhHIodK3k2FpcFDPC1dbWLIeeQnk5LAVMGJhKOXXrmMTHssqpV2EmF9w0x0vJ2SJQKPRcFI"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1582133835673152
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 40264
accept-ranges: bytes
cf-ray: 67e3323ae989175e-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame CC99
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJWv1eCwrvICFSWK_QcdPn0Fsw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKPoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628870844_8c693360-fc50-11eb-b76a-692d015b28f2

0
518 B

115ms
38ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628870844_8c693360-fc50-11eb-b76a-692d015b28f2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CXxVfzfrfp3Bh6H4HetqtxXpU8tkTXKP&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2Ce7RC3fVfmYMhjHZHet2CePVf7tQTx8J&c=160&d=600&e=&g=5770e55e76b761af18a9cdfd80d87211%2F9297288496930163855&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ph8nkvmk4kzcpewmcsgdnx9kmyy1d607jbdyz0wmvy8e36thk73183q2q1ydjvsvkn62c5akzsawgjw5tx65afgqvbwawm4314v6wfjvazymc346p6p17sk7cdnts1hk3nr2vynq96sw6dwxb9jcfsy28ha98nd3m1yt9c77yzvxse3d3y8ty1xqr44xv4sqwnhnzqkz4xrwt0rsdf4m9291mgsdmb119n7tp2q19mk90cmbbhf4b9db134%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWGwbvJgWYfOCBZWOrATwtpSoDpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDE0NzI5OTcxMjcwODc1MqABwq7o3QPIAQmpAoheE0JftrM-qAMBqgTRAU_QJOoa9ld7yHYt883DGx4hucX0GhAVl140Ky5Od2R73rvb9SdZWWoMf0H5XUsrSjGpgZ5ESm4kSyn20KTSjjnaHDk3cGY_YH-o-CH849pMrFWt5YUBACgSa6gqOAxYnm4OSCzdIQ7tfZcesXhrg25fp3iiYLdPwDgBQ82WbO-Q7mZyOLaO1dREsC7LhQWpDbL7mBE8eFet7vN6_8NRI96lDgdBh32uPlW1qi66sJqo85O_9lkl90Oz3x7zhpKly_0DASC32RKAsixgSe36H55KgAaRy7LTwvHeoc4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0C2vtC7xblbV6pz8PuMPnJRv1ZKA%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 16:07:24 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Fri, 13 Aug 2021 16:07:24 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628870844_8c693360-fc50-11eb-b76a-692d015b28f2
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame E382 9 KB
4 KB 26ms
25ms Document
text/html 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=160&d=600&e=&g=777f44f6950bebfdad62a26a86f925f9%2F4164371677408730122&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pqyn3v7k1d1fpfwca0m5bm719taxc9e07c89h0herp3gtve908ywfe1rn67yt0pz76w2x2wjer237661msgqknqxrk4048vdz5z0s2a45bbtzej7m826nw6kxpkm4r2cb2fc6dke5az73pz10ssrnvgfgx9v825t8bvn8yq52pmr8671xkvdsggcanww7pp3f0150x3vkkb1nz9jcrwjfp8951n2c5ze532ebs6wffe5493t4f0ahz5kak0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f6a8bb0b12a7fe27cfdd8d3120f8bf0e7a5e89d49d46a84199acfe9fcf5c20f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=160&d=600&e=&g=777f44f6950bebfdad62a26a86f925f9%2F4164371677408730122&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pqyn3v7k1d1fpfwca0m5bm719taxc9e07c89h0herp3gtve908ywfe1rn67yt0pz76w2x2wjer237661msgqknqxrk4048vdz5z0s2a45bbtzej7m826nw6kxpkm4r2cb2fc6dke5az73pz10ssrnvgfgx9v825t8bvn8yq52pmr8671xkvdsggcanww7pp3f0150x3vkkb1nz9jcrwjfp8951n2c5ze532ebs6wffe5493t4f0ahz5kak0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67e3323b0ee44e50-FRA
content-encoding: br

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame E382 64 KB
8 KB 25ms
24ms Stylesheet
text/css 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=160&d=600&e=&g=777f44f6950bebfdad62a26a86f925f9%2F4164371677408730122&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pqyn3v7k1d1fpfwca0m5bm719taxc9e07c89h0herp3gtve908ywfe1rn67yt0pz76w2x2wjer237661msgqknqxrk4048vdz5z0s2a45bbtzej7m826nw6kxpkm4r2cb2fc6dke5az73pz10ssrnvgfgx9v825t8bvn8yq52pmr8671xkvdsggcanww7pp3f0150x3vkkb1nz9jcrwjfp8951n2c5ze532ebs6wffe5493t4f0ahz5kak0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=160&d=600&e=&g=777f44f6950bebfdad62a26a86f925f9%2F4164371677408730122&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pqyn3v7k1d1fpfwca0m5bm719taxc9e07c89h0herp3gtve908ywfe1rn67yt0pz76w2x2wjer237661msgqknqxrk4048vdz5z0s2a45bbtzej7m826nw6kxpkm4r2cb2fc6dke5az73pz10ssrnvgfgx9v825t8bvn8yq52pmr8671xkvdsggcanww7pp3f0150x3vkkb1nz9jcrwjfp8951n2c5ze532ebs6wffe5493t4f0ahz5kak0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 9
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: Fri, 13 Aug 2021 17:07:24 GMT
last-modified: Mon, 09 Aug 2021 09:04:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 67e3323b3f394e50-FRA
cf-bgj: minify

GET
H3-29 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame E382 18 KB
19 KB 14ms
13ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=160&d=600&e=&g=777f44f6950bebfdad62a26a86f925f9%2F4164371677408730122&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pqyn3v7k1d1fpfwca0m5bm719taxc9e07c89h0herp3gtve908ywfe1rn67yt0pz76w2x2wjer237661msgqknqxrk4048vdz5z0s2a45bbtzej7m826nw6kxpkm4r2cb2fc6dke5az73pz10ssrnvgfgx9v825t8bvn8yq52pmr8671xkvdsggcanww7pp3f0150x3vkkb1nz9jcrwjfp8951n2c5ze532ebs6wffe5493t4f0ahz5kak0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 581018
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu8yFNSVixOkzyVy-xS6S5hRAwVn-9Oz6_PXiPiU9sxlRPRwyMKBYIwy26hEHJe9l1jbKPrU_cl315Z4yjT_iCtb-iZ7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJHrPOc2Y1CPUAIB6MmgsjqhQgmD%2Fqo9YwDm0ucwF8LXLaK4E8Zf0ssVKbFiKC4lC39Ykepf1NYwuBbMxM%2FK4OEClDDdbmp%2BVQSaWHWFd8cbBwjQkFF%2BUWPlTBrNP%2FhkwK8mBdtjOz6r%2B1nn"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 67e3323b3f3a4e50-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame E382 2 KB
3 KB 15ms
13ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=160&d=600&e=&g=777f44f6950bebfdad62a26a86f925f9%2F4164371677408730122&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pqyn3v7k1d1fpfwca0m5bm719taxc9e07c89h0herp3gtve908ywfe1rn67yt0pz76w2x2wjer237661msgqknqxrk4048vdz5z0s2a45bbtzej7m826nw6kxpkm4r2cb2fc6dke5az73pz10ssrnvgfgx9v825t8bvn8yq52pmr8671xkvdsggcanww7pp3f0150x3vkkb1nz9jcrwjfp8951n2c5ze532ebs6wffe5493t4f0ahz5kak0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1782
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdtQ4jeKY8sLPiWjVJTUwFnbYCLm6B0tmmx49bCaKsEH0AqAmcOOsH9s-nWMC5gR9JVGMV7JupvfQVoNrIgX8Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnbbEPTrRj5efEXgPgfoL0fQnz9nOl%2BW0DPE1HQZDjOAOAuwt0JZ%2BTEcuYRO74sBS6RnkT4T4%2FP9GPLBx7n1yvx%2FuUvmh47H0Ta4AqBI%2BSAjq0o7NplvSwjxgUGJnxcyIJIoTASXL%2F97lXTE"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 67e3323b4f3e4e50-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E382 43 B
702 B 93ms
41ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 16:07:24 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame E382 38 KB
39 KB 21ms
19ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=160&d=600&e=&g=777f44f6950bebfdad62a26a86f925f9%2F4164371677408730122&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pqyn3v7k1d1fpfwca0m5bm719taxc9e07c89h0herp3gtve908ywfe1rn67yt0pz76w2x2wjer237661msgqknqxrk4048vdz5z0s2a45bbtzej7m826nw6kxpkm4r2cb2fc6dke5az73pz10ssrnvgfgx9v825t8bvn8yq52pmr8671xkvdsggcanww7pp3f0150x3vkkb1nz9jcrwjfp8951n2c5ze532ebs6wffe5493t4f0ahz5kak0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 145822
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdudwK7rdcQqro8dSaYkt03cQMqrxbJDqY1fKLkB7KzQRNIg_lpjHRGPoo_UQsbfuew4Vlmyd8M23F-LB13Dm-I
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfB54yCXcMTHTZlDgzLfUmrsV9Nl4yHLRdqa0mr8e7dvtXfPWX0JO0W1tSXMPDGVjTuPZCaB8ibpCoOhsYShIRPItZUahnZMwseG9upQB%2FxY4eVzgyoMLj7Q%2Fh7aRUMDrMd4%2BpOso4F5AtZN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 67e3323b4f404e50-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame E382 113 KB
114 KB 17ms
16ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=160&d=600&e=&g=777f44f6950bebfdad62a26a86f925f9%2F4164371677408730122&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pqyn3v7k1d1fpfwca0m5bm719taxc9e07c89h0herp3gtve908ywfe1rn67yt0pz76w2x2wjer237661msgqknqxrk4048vdz5z0s2a45bbtzej7m826nw6kxpkm4r2cb2fc6dke5az73pz10ssrnvgfgx9v825t8bvn8yq52pmr8671xkvdsggcanww7pp3f0150x3vkkb1nz9jcrwjfp8951n2c5ze532ebs6wffe5493t4f0ahz5kak0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 145418
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtIzq_vJ5nFb2W5tssU-MDbTl1QbIm93RCyJfrmPzu-97-yWEwMzhk-34f3i-RKCXR0otX6ULdnrF6ohpilzg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypeW19YH5ZG6LZtxjAc00SeCxr0oXiTSEm%2FOL%2BjzTklqS%2FNvrQWlMqZ7DpP7H0dCYo%2B3a9NZsLkNkC%2FZOx4Aq3pVXuxo94NfdNLopt80q67BfZ%2F7j5z%2FNggEyBwvUKmXvCH6qrD%2FTVuPQ%2F0y"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 67e3323b4f424e50-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E382 43 B
702 B 93ms
41ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 16:07:24 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame E382 8 KB
9 KB 18ms
17ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=160&d=600&e=&g=777f44f6950bebfdad62a26a86f925f9%2F4164371677408730122&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pqyn3v7k1d1fpfwca0m5bm719taxc9e07c89h0herp3gtve908ywfe1rn67yt0pz76w2x2wjer237661msgqknqxrk4048vdz5z0s2a45bbtzej7m826nw6kxpkm4r2cb2fc6dke5az73pz10ssrnvgfgx9v825t8bvn8yq52pmr8671xkvdsggcanww7pp3f0150x3vkkb1nz9jcrwjfp8951n2c5ze532ebs6wffe5493t4f0ahz5kak0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 314409
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdsbCHdvAmy_DDWo_WgNzFyfa3voA8V353z9OT3EheLcLme2OB0vw_ReaN3yWffYUGTkLTArj33jM_oL5av4CX6MzMWM0Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ttsmNIm0D5RYt30CLO5EphVFJLps1qr8nhnqTDO2eSC955bwbmxBwpV5SKGAJcWGCYcgPnRuDr6zfpT41eE%2B2nRLNNuQXLdvayWa3jA0Np628rBv9VZdnsAbdpzkPkffw2xE9DbZCvAwLpY"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 67e3323b4f444e50-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame E382 30 KB
30 KB 14ms
13ms Image
image/webp 2606:4700:3039::6815:c061
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=160&d=600&e=&g=777f44f6950bebfdad62a26a86f925f9%2F4164371677408730122&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pqyn3v7k1d1fpfwca0m5bm719taxc9e07c89h0herp3gtve908ywfe1rn67yt0pz76w2x2wjer237661msgqknqxrk4048vdz5z0s2a45bbtzej7m826nw6kxpkm4r2cb2fc6dke5az73pz10ssrnvgfgx9v825t8bvn8yq52pmr8671xkvdsggcanww7pp3f0150x3vkkb1nz9jcrwjfp8951n2c5ze532ebs6wffe5493t4f0ahz5kak0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c061 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date: Fri, 13 Aug 2021 16:07:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577527
cf-polished: qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid: ADPycduVWZmIF5BxTLcDW0I5Ne19p0vrZyL_pAmBf84tR-rGzLe-XMR9KQ8IQevOMmwl8qG1NpH_odJSMvExCQxQ3t9biBZodQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30226
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldbD6cqsohhlz2J6HI7IkdyL15lF4wM%2BqNtH%2B8gLO9%2BN5FdFlDsVpig%2FW1O4VYk6ofWvQNGWJDrsqPpJiGaVgkfwlwVVcF7kRCJTy4H1Ak3uTPkLA%2Bn7GUXLrJeB9vOLyDWkSJiq63Bxfnmt"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1586422222365290
content-type: image/webp
expires: Sat, 14 Aug 2021 16:07:24 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 81547
accept-ranges: bytes
cf-ray: 67e3323b4f454e50-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame E382
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNao1eCwrvICFcbkuwgdm0sHog;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628870844_8c6a1dc0-fc50-11eb-b76a-692d015b28f2

0
518 B

127ms
42ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628870844_8c6a1dc0-fc50-11eb-b76a-692d015b28f2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2C3PZfpf4fjz2C7HrHAtEtpY1tMtWTA14&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CWKmcrfdfM8maYH5HjtDCrd3t7tETJdP&c=160&d=600&e=&g=777f44f6950bebfdad62a26a86f925f9%2F4164371677408730122&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pqyn3v7k1d1fpfwca0m5bm719taxc9e07c89h0herp3gtve908ywfe1rn67yt0pz76w2x2wjer237661msgqknqxrk4048vdz5z0s2a45bbtzej7m826nw6kxpkm4r2cb2fc6dke5az73pz10ssrnvgfgx9v825t8bvn8yq52pmr8671xkvdsggcanww7pp3f0150x3vkkb1nz9jcrwjfp8951n2c5ze532ebs6wffe5493t4f0ahz5kak0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCH1mTvJgWYd_-BYX63gOv5okokOGBhFy2qMKK8ALAjbcBEAEgAGCVAoIBF2NhLXB1Yi00MTQ3Mjk5NzEyNzA4NzUyoAHCrujdA8gBCakCja08tR67sz6oAwGqBMsBT9CEHa6X6uGYNtrG1IeXZ-fwW4K4sVWG-kL7XyCyYFTCl_rRstLVtktSdNBOyCqWgTqWWQ-nEYcSSU6CCK7doU3DjtVxOvaqYFLjnm6VPjfhZEfoRsOY6m_Ooe9RLD2oSBhTtm5rceu3UTNm-kU-Vb-Wcr-7DPqTuYztOd38UMUzReWfg_aQAj9QY_AZYDpHrcV-Jv-uietBplqwA6KZN5bp5qe4YvXVbvQWHBGpkODSvsQizkUPt3xTHdp6ZBs1zUHwgsBdZZ7fBlmABpHLstPC8d6hzgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3vsEMnCavd-ElN-P05fTipY4UbVg%2526client%253Dca-pub-4147299712708752%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 16:07:24 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Fri, 13 Aug 2021 16:07:24 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1628870844_8c6a1dc0-fc50-11eb-b76a-692d015b28f2
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK moment~timeline.6955291becca2212c21a83a5b7ccff16.js Show response
platform.twitter.com/js/ 25 KB
8 KB 6ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.6955291becca2212c21a83a5b7ccff16.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 0da8b681b5b73ff645ff5d1312a7a6e7db5f568d6ee68ad10ce77b142d5b7735

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:07:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:33:40 GMT
Server: ECS (frb/674C)
Age: 349748
Etag: "6a28849a29acd0e1df291c75b82e9101+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8015

GET
H/1.1 200
OK timeline.f0018d9150722c67abdd0e6bbab13587.js Show response
platform.twitter.com/js/ 20 KB
7 KB 12ms
5ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.f0018d9150722c67abdd0e6bbab13587.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 964794272aa168ce3feac3a84460c1beb01606da0e303689b8aee75fb354117d

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:07:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:33:40 GMT
Server: ECS (frb/673A)
Age: 349747
Etag: "b6a9074027bd2a446a397ba65736afc5+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6444

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 186 KB
13 KB 234ms
213ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_matueku_love_old&dnt=false&domain=matueku.nagoya&lang=ja&screen_name=matueku_love&suppress_response_codes=true&t=1809856&tz=GMT%2B0200&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

8271cf63669d9f34e7fe04c6749d421fb941bb54a8a4fb981b1a1288a3d5d107

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
content-length: 13123
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
last-modified: Fri, 13 Aug 2021 16:07:24 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: c978a2e1604f526cf36efa4504ddf5a1db112aa94031472f56f2b125901a7fc8
timing-allow-origin: *
x-transaction: 0f734efe8fa07aab
expires: Fri, 13 Aug 2021 16:12:24 GMT

GET
H2 200 2764.png
abs.twimg.com/emoji/v2/72x72/ Frame BF7A 498 B
862 B 31ms
7ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2764.png

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F94) /

Resource Hash

68da7c6dc7d9c0456174f2575abe8f8abd52cde7a4017700579519173a8a4a34

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
x-content-type-options: nosniff
age: 6894146
x-ton-expected-size: 498
x-cache: HIT
content-length: 498
x-response-time: 7
surrogate-key: twitter-assets
last-modified: Fri, 10 Aug 2018 17:43:31 GMT
server: ECAcc (frc/8F94)
etag: "2IG3+nYmVUu6RVPbnEcqbA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: bc180fcc8813a326b01b3165e022ebd3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 13 Aug 2022 16:07:24 GMT

GET
H2 200 1f441.png
abs.twimg.com/emoji/v2/72x72/ Frame BF7A 971 B
1 KB 31ms
8ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f441.png

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FE0) /

Resource Hash

b625748c631b0e921860f91288bbc04f7cdab05209b3b7754e3d33228be6d3b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
x-content-type-options: nosniff
age: 7187574
x-ton-expected-size: 971
x-cache: HIT
content-length: 971
x-response-time: 15
surrogate-key: twitter-assets
last-modified: Mon, 13 Jul 2020 16:48:08 GMT
server: ECAcc (frc/8FE0)
etag: "cDaxoFWqmY5Xm2Cs1M8eAQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 8203d53407c99b9ee3158274e66849e3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 13 Aug 2022 16:07:24 GMT

GET
H2 200 261d.png
abs.twimg.com/emoji/v2/72x72/ Frame BF7A 653 B
820 B 34ms
11ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/261d.png

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FED) /

Resource Hash

265454f6aa0cd22f5a40b294085e4039abb85f1bb739a665817713a580499992

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
x-content-type-options: nosniff
age: 114814
x-ton-expected-size: 653
x-cache: HIT
content-length: 653
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Fri, 18 Jan 2019 20:58:33 GMT
server: ECAcc (frc/8FED)
etag: "Ri0HmNjzaBCoy29ROGhJdA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 394e1aa3789d9089ac18a33d8bc32ab1d0f192d4bc4fd0ddd453240f9603a215
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 13 Aug 2022 16:07:24 GMT

GET
H2 200 5PuaqE7B
pbs.twimg.com/card_img/1425589145737465862/ Frame BF7A 89 KB
89 KB 192ms
142ms Image
image/png 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425589145737465862/5PuaqE7B?format=png&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

f54994ec7757ec31b7b4366020f32547aafba9c1eb5f509905d476e31ffb552b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380109,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_IL_CHICAGO,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 90669
last-modified: Wed, 11 Aug 2021 22:43:13 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c70090b0ed879adc5cee046a513f6c7cdad7e0ab39a67b62b77e1de059a792a6
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 YkdY0wLZ
pbs.twimg.com/card_img/1425871818250878978/ Frame BF7A 4 KB
4 KB 168ms
118ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425871818250878978/YkdY0wLZ?format=jpg&name=144x144_2

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

396867de142f2d77e367a6d16018458d2e925b293de1c434fe87af74fac7e9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380110,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 3950
last-modified: Thu, 12 Aug 2021 17:26:27 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 465acf4c0e7d9ab1ed434fa4ca0f00c5e230905644a87df8d8b186993b8e7534
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 pyhBMz6E
pbs.twimg.com/card_img/1423730704043630592/ Frame BF7A 30 KB
31 KB 233ms
184ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1423730704043630592/pyhBMz6E?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

7fec5d44dc8d57d7902291d1e0c6d18f67b0142c1e3e2a9a48f635890d3c1bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380111,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_GA_ATLANTA,o=20940],[c=w,n=US_GA_ATLANTA,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 31195
last-modified: Fri, 06 Aug 2021 19:38:26 GMT
server: tsa_a
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 352d80cc5f0f4d2963eafddd6540ac5f5d4d37985bc27c040bb14ed5c1f17434
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DiqlT7hR
pbs.twimg.com/card_img/1425765557509390336/ Frame BF7A 42 KB
43 KB 200ms
151ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425765557509390336/DiqlT7hR?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

77b496419bb3facab8dbc6b3c1e8d11dc0876e0a0b11436043df704f2a68256d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380113,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 43302
last-modified: Thu, 12 Aug 2021 10:24:13 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a8083ce36b451e9a28036ba5925fba4546de67c211b8beb3189a210aa6d0ad7a
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f60a.png
abs.twimg.com/emoji/v2/72x72/ Frame BF7A 796 B
957 B 30ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f60a.png

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F78) /

Resource Hash

5dc76062acc5a80d95fdd823db908640d52dac05ad1a4899ab9e723bfa0bbbfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:24 GMT
x-content-type-options: nosniff
age: 3423034
x-ton-expected-size: 796
x-cache: HIT
content-length: 796
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:28 GMT
server: ECAcc (frc/8F78)
etag: "89xNXXOiLp+o290aKwUirA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 7626e7d8d2a4e1f4c573a401f2374af1f1e643ed1b77cc9788f4200e59057898
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 13 Aug 2022 16:07:24 GMT

GET
H2 200 qudnXZpc
pbs.twimg.com/card_img/1424874661964181506/ Frame BF7A 20 KB
21 KB 185ms
136ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1424874661964181506/qudnXZpc?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

9655f6e1996a77674c01e9df6c43c3c96bbc5759a146a05d8e5c60fab1edf593

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380114,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_NJ_PISCATAWAY,o=20940],[c=w,n=US_NJ_PISCATAWAY,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 20819
last-modified: Mon, 09 Aug 2021 23:24:06 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 778d80f75e59ef44e098d5e82d484cf3aa202d4a71a78f7794172d8771236504
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f631.png
abs.twimg.com/emoji/v2/72x72/ Frame BF7A 1 KB
1 KB 15ms
11ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f631.png

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FA2) /

Resource Hash

42e6b438eba01cf441e8e1bdde37ddb2bd9278ac26526acbb930c1557a75e0b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:25 GMT
x-content-type-options: nosniff
age: 78119
x-ton-expected-size: 1180
x-cache: HIT
content-length: 1180
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:29 GMT
server: ECAcc (frc/8FA2)
etag: "iuReQOF7jPyUnfoqMNKyjg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 99f6ea371587726d53639d6ce6e45d7243d3411e45dd9be680edb9093f2571e8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 13 Aug 2022 16:07:25 GMT

GET
H2 200 MCsbzG_Z
pbs.twimg.com/card_img/1426006046078689289/ Frame BF7A 18 KB
19 KB 177ms
159ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1426006046078689289/MCsbzG_Z?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

f31863170253385ecfe9b337e4b0c13229c8429f8f831fdfb182a5d34a9830f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380115,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_FL_MIAMI,o=20940],[c=w,n=US_FL_MIAMI,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 18567
last-modified: Fri, 13 Aug 2021 02:19:49 GMT
server: tsa_a
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8e03bb199aeec59773da3e8f019a1d477ce3199567cf40ad12c4f93550e6e1d2
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 lWW6u3A4
pbs.twimg.com/card_img/1424370874946367493/ Frame BF7A 47 KB
48 KB 158ms
156ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1424370874946367493/lWW6u3A4?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

c75cef4e3eee691b8da0138d2afa10892e5a6796531545e036e8a949b9c24abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380124,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_FL_MIAMI,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 48042
last-modified: Sun, 08 Aug 2021 14:02:14 GMT
server: tsa_a
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2e3ecf472ca4dc5e5d4fe61d674ecaff9c9a7cac30e4e806ebc966e59cb2cf2e
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Uu2lXbf2
pbs.twimg.com/card_img/1423730707684282369/ Frame BF7A 29 KB
30 KB 125ms
123ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1423730707684282369/Uu2lXbf2?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

0972546dfc6336481611dd0fe65d0db7cfca5d2f0a2faa4a6b55cfa20e2ab985

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380126,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_VA_ASHBURN,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 30080
last-modified: Fri, 06 Aug 2021 19:38:27 GMT
server: tsa_a
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 400cd6f1dbbf9879632a4e325ba252066d5d9610b7f7e7d85d613d8beff94f4c
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 mGewXhsZ
pbs.twimg.com/card_img/1425589144860774405/ Frame BF7A 22 KB
23 KB 120ms
118ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425589144860774405/mGewXhsZ?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

6b6740b43e1a1abcaa8b020e543416dfeafc8b94fb88d5480869d486488b2f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380127,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_NJ_PISCATAWAY,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 22943
last-modified: Wed, 11 Aug 2021 22:43:12 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5ea425e15617de5a6eb38cd8aaf1fa3802d15af863eb1db59604b6735a0b2e68
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 u1pDHzH6
pbs.twimg.com/card_img/1424658188029157378/ Frame BF7A 36 KB
36 KB 26ms
23ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1424658188029157378/u1pDHzH6?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

b0d22d2bf336720af14e27f5f7ad9d969738a24d22da9f0d6e587ed6121d5747

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380129,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 36760
last-modified: Mon, 09 Aug 2021 09:03:55 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ec5856e459fa8bbf92c753c6c23b5ee675b585b07a2d8a52e993de61c2b56a74
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 2728.png
abs.twimg.com/emoji/v2/72x72/ Frame BF7A 752 B
963 B 12ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2728.png

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E84) /

Resource Hash

ad3afa9c7beee612fdc68691d25b36dda934204a3d8916ff3d14df83548a0f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:25 GMT
x-content-type-options: nosniff
age: 8387746
x-ton-expected-size: 752
x-cache: HIT
content-length: 752
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:43 GMT
server: ECAcc (frc/8E84)
etag: "8Lg0UtK4FVBWQa8fLgrwjQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 0f20aaad0e5590f56e639e0414e65e4633772cfe9d6e4ab5d01f699246a46b70
accept-ranges: bytes
expires: Sat, 13 Aug 2022 16:07:25 GMT

GET
H2 200 1f440.png
abs.twimg.com/emoji/v2/72x72/ Frame BF7A 1 KB
1 KB 15ms
11ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f440.png

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FDE) /

Resource Hash

487739c941203283fc25b1bac02b4b8f3d59672e3dec2154f575060206bbb86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:25 GMT
x-content-type-options: nosniff
age: 5899943
x-ton-expected-size: 1024
x-cache: HIT
content-length: 1024
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 11 Apr 2018 17:49:51 GMT
server: ECAcc (frc/8FDE)
etag: "Edk5xK45DjvtJuiq8MRwOQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 3614495fde870b07c1e68d0c9e5725bb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 13 Aug 2022 16:07:25 GMT

GET
H2 200 QyqgCltG
pbs.twimg.com/card_img/1424700941924700167/ Frame BF7A 31 KB
31 KB 126ms
124ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1424700941924700167/QyqgCltG?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

cac91c8556cdce809f1dedaa12ec06d38cf21fe793b2f060ff0062ff48727754

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380130,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_NJ_NEWARK,o=20940],[c=w,n=US_NJ_NEWARK,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 31567
last-modified: Mon, 09 Aug 2021 11:53:48 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4d54a65c7b318cf3a6293cabc7ce9d2f48a747813ce79698902c3b79e94b09ae
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 aDzP8mhs
pbs.twimg.com/card_img/1425679537560379393/ Frame BF7A 32 KB
33 KB 229ms
227ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425679537560379393/aDzP8mhs?format=jpg&name=800x419

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

7ca27c76be46b3a91d980009e61a0cd4a61b690b6c4c61b0f4e501790db9dfcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380132,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_GA_ATLANTA,o=20940],[c=w,n=US_CA_LOSANGELES,o=20940],[c=w,n=US_CA_LOSANGELES,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 32753
last-modified: Thu, 12 Aug 2021 04:42:24 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a1f606c89807d9d402ea4fcd73a0da47c14b0f4578c5e96615553dbd653f093a
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 KGbNiiug
pbs.twimg.com/card_img/1425354291775148036/ Frame BF7A 15 KB
15 KB 129ms
127ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425354291775148036/KGbNiiug?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

860feb0b81f41f960dd1124d006d1286da2c4a010408654ec4dab58b03982de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380133,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_VA_ASHBURN,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 15277
last-modified: Wed, 11 Aug 2021 07:09:59 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dd6fe462e530b54bf43dc8e388df17649cc46d693de38c5b15df0d6ffaf4222b
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f9d9-200d-2640-fe0f.png
abs.twimg.com/emoji/v2/72x72/ Frame BF7A 1 KB
1 KB 15ms
12ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9d9-200d-2640-fe0f.png

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F1F) /

Resource Hash

a3cdf3bbc738f6d6ef2c337cd6f997138e2f71788c028fe068dd611cd7c0e3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:25 GMT
x-content-type-options: nosniff
age: 285141
x-ton-expected-size: 1085
x-cache: HIT
content-length: 1085
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:40 GMT
server: ECAcc (frc/8F1F)
etag: "60plLqqP7gbTDVw28mtxLg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: ae3f3b0db8cb86d4a2a25411edad3599440831244209b2d32b04968485032ed2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 13 Aug 2022 16:07:25 GMT

GET
H2 200 203c.png
abs.twimg.com/emoji/v2/72x72/ Frame BF7A 197 B
339 B 12ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/203c.png

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FFA) /

Resource Hash

44ed845d25bd815242a41567ed15f043f9155c93c0c1066bde788cfe6f70d93b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:25 GMT
x-content-type-options: nosniff
age: 3682390
x-ton-expected-size: 197
x-cache: HIT
content-length: 197
x-response-time: 15
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:41 GMT
server: ECAcc (frc/8FFA)
etag: "E2ThuGYTXVIP7AE6KDrZHg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 7b61f1cf72b49aa763328d2a71f377cc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 13 Aug 2022 16:07:25 GMT

GET
H2 200 1f60d.png
abs.twimg.com/emoji/v2/72x72/ Frame BF7A 978 B
1 KB 13ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f60d.png

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F44) /

Resource Hash

ed402544b4e4f781f41f314388826889618fdb9972b28212dcdf91c76673ac0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:25 GMT
x-content-type-options: nosniff
age: 2731956
x-ton-expected-size: 978
x-cache: HIT
content-length: 978
surrogate-key: twitter-assets
last-modified: Fri, 10 Aug 2018 17:42:31 GMT
server: ECAcc (frc/8F44)
etag: "ffCrvmr50iCm8PwqOJOU6A=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 803e87088b897a43343c9cb16f750e66385418b882850addd6641e7dd82a1f53
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 13 Aug 2022 16:07:25 GMT

GET
H2 200 HfEIF_z_
pbs.twimg.com/card_img/1425047734516469769/ Frame BF7A 37 KB
37 KB 145ms
142ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425047734516469769/HfEIF_z_?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

3ce584d461e0d5268319fa1d48656f45ad99b695c582c0f8d17983f4078c0f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380134,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_PA_PHILADELPHIA,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 37692
last-modified: Tue, 10 Aug 2021 10:51:50 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 83218b258b30f48ba34c4ca71fb063006adb8ae9b8f6c4cad5caa4bcef4a1faa
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 S6iz8E1G
pbs.twimg.com/card_img/1426158097765072900/ Frame BF7A 16 KB
17 KB 160ms
158ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1426158097765072900/S6iz8E1G?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

506915c198130d0a8ad9d40c2069153d9f27f3ff64387d1387346f3ef5710964

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380136,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_NY_NEWYORK,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 16850
last-modified: Fri, 13 Aug 2021 12:24:01 GMT
server: tsa_a
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c1b1c756c9248703892fa1ab5ff69c22309df9f2318c69ef5a1f5742d0b6c2cc
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 aBheIppf
pbs.twimg.com/card_img/1425276904790429697/ Frame BF7A 20 KB
21 KB 243ms
241ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425276904790429697/aBheIppf?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

2c2b3a06b4507ce9b9416dc612e3c52252a27d890081da4c17a39fd876969db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380137,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_NJ_SECAUCUS,o=20940],[c=w,n=US_CA_LOSANGELES,o=20940],[c=w,n=US_CA_LOSANGELES,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 20982
last-modified: Wed, 11 Aug 2021 02:02:29 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 95024a546d37ab758b9d243ebe4971dabbb00e9f30be89f9450489f6909eb2ce
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame BF7A 53 KB
12 KB 6ms
6ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:07:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:33:36 GMT
Server: ECS (frb/673A)
Age: 349748
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 10ms
6ms Image
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:07:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:33:36 GMT
Server: ECS (frb/673A)
Age: 349748
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 YEm61UQL_normal.png
pbs.twimg.com/profile_images/1301723921012514816/ Frame BF7A 5 KB
5 KB 133ms
131ms Image
image/png 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1301723921012514816/YEm61UQL_normal.png

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

0ce6a2f4c51d901ad902722e094badc6ee8cd48a7266c52519c2eff29770d010

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380138,c=g,n=CZ__PRAGUE,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_VA_ASHBURN,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 4923
last-modified: Fri, 04 Sep 2020 03:27:02 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dff9c842c98bee8b6403fc0178e26e072d4e2d0386e4bea5e3436ecba4aff41f
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame BF7A 44 KB
7 KB 32ms
7ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99983
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 59920769d08377cf2faef8ab85cd937c2cc9c6cd3d877cb55a9939c13b04e0c5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 20 Aug 2021 16:07:25 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 32ms
7ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99983
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 59920769d08377cf2faef8ab85cd937c2cc9c6cd3d877cb55a9939c13b04e0c5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 20 Aug 2021 16:07:25 GMT

GET
DATA 200
OK truncated
/ Frame BF7A 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame BF7A 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame BF7A 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 5PuaqE7B
pbs.twimg.com/card_img/1425589145737465862/ Frame BF7A 89 KB
89 KB 12ms
11ms Image
image/png 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425589145737465862/5PuaqE7B?format=png&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

f54994ec7757ec31b7b4366020f32547aafba9c1eb5f509905d476e31ffb552b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380157,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 90669
last-modified: Wed, 11 Aug 2021 22:43:13 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c70090b0ed879adc5cee046a513f6c7cdad7e0ab39a67b62b77e1de059a792a6
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg
ton.twimg.com/tfw/assets/ Frame BF7A 829 B
984 B 8ms
8ms Image
image/svg+xml 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/assets/news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg

Requested by

Host: ton.twimg.com
URL: https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F54) /

Resource Hash

5c0f79d0286f1fd3db48e1b689358017b302c0f4babde540329e8c644cf119c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:25 GMT
x-content-type-options: nosniff
age: 203216
x-ton-expected-size: 829
x-cache: HIT
content-length: 829
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8F54)
etag: "CTUg6L9PuY+d9h5xpE0zmw==+ident"
strict-transport-security: max-age=631138519
content-type: image/svg+xml
access-control-allow-origin: *
x-connection-hash: 78829b8774d7fd58bee2503b1aebd484424727a2513197a62860f8b870bb07e0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 20 Aug 2021 16:07:25 GMT

GET
H2 200 YkdY0wLZ
pbs.twimg.com/card_img/1425871818250878978/ Frame BF7A 4 KB
4 KB 11ms
10ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425871818250878978/YkdY0wLZ?format=jpg&name=144x144_2

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

396867de142f2d77e367a6d16018458d2e925b293de1c434fe87af74fac7e9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380163,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 3950
last-modified: Thu, 12 Aug 2021 17:26:27 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 465acf4c0e7d9ab1ed434fa4ca0f00c5e230905644a87df8d8b186993b8e7534
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 pyhBMz6E
pbs.twimg.com/card_img/1423730704043630592/ Frame BF7A 30 KB
31 KB 11ms
11ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1423730704043630592/pyhBMz6E?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

7fec5d44dc8d57d7902291d1e0c6d18f67b0142c1e3e2a9a48f635890d3c1bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380168,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 31195
last-modified: Fri, 06 Aug 2021 19:38:26 GMT
server: tsa_a
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 352d80cc5f0f4d2963eafddd6540ac5f5d4d37985bc27c040bb14ed5c1f17434
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 DiqlT7hR
pbs.twimg.com/card_img/1425765557509390336/ Frame BF7A 42 KB
43 KB 11ms
10ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425765557509390336/DiqlT7hR?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

77b496419bb3facab8dbc6b3c1e8d11dc0876e0a0b11436043df704f2a68256d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380171,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 43302
last-modified: Thu, 12 Aug 2021 10:24:13 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a8083ce36b451e9a28036ba5925fba4546de67c211b8beb3189a210aa6d0ad7a
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 qudnXZpc
pbs.twimg.com/card_img/1424874661964181506/ Frame BF7A 20 KB
21 KB 11ms
10ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1424874661964181506/qudnXZpc?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

9655f6e1996a77674c01e9df6c43c3c96bbc5759a146a05d8e5c60fab1edf593

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380173,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 20819
last-modified: Mon, 09 Aug 2021 23:24:06 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 778d80f75e59ef44e098d5e82d484cf3aa202d4a71a78f7794172d8771236504
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 MCsbzG_Z
pbs.twimg.com/card_img/1426006046078689289/ Frame BF7A 18 KB
19 KB 11ms
11ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1426006046078689289/MCsbzG_Z?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

f31863170253385ecfe9b337e4b0c13229c8429f8f831fdfb182a5d34a9830f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380174,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 18567
last-modified: Fri, 13 Aug 2021 02:19:49 GMT
server: tsa_a
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8e03bb199aeec59773da3e8f019a1d477ce3199567cf40ad12c4f93550e6e1d2
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 lWW6u3A4
pbs.twimg.com/card_img/1424370874946367493/ Frame BF7A 47 KB
47 KB 11ms
10ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1424370874946367493/lWW6u3A4?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

c75cef4e3eee691b8da0138d2afa10892e5a6796531545e036e8a949b9c24abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380180,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 48042
last-modified: Sun, 08 Aug 2021 14:02:14 GMT
server: tsa_a
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2e3ecf472ca4dc5e5d4fe61d674ecaff9c9a7cac30e4e806ebc966e59cb2cf2e
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Uu2lXbf2
pbs.twimg.com/card_img/1423730707684282369/ Frame BF7A 29 KB
30 KB 10ms
10ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1423730707684282369/Uu2lXbf2?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

0972546dfc6336481611dd0fe65d0db7cfca5d2f0a2faa4a6b55cfa20e2ab985

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380181,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 30080
last-modified: Fri, 06 Aug 2021 19:38:27 GMT
server: tsa_a
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 400cd6f1dbbf9879632a4e325ba252066d5d9610b7f7e7d85d613d8beff94f4c
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 mGewXhsZ
pbs.twimg.com/card_img/1425589144860774405/ Frame BF7A 22 KB
23 KB 11ms
10ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425589144860774405/mGewXhsZ?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

6b6740b43e1a1abcaa8b020e543416dfeafc8b94fb88d5480869d486488b2f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380183,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 22943
last-modified: Wed, 11 Aug 2021 22:43:12 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5ea425e15617de5a6eb38cd8aaf1fa3802d15af863eb1db59604b6735a0b2e68
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 u1pDHzH6
pbs.twimg.com/card_img/1424658188029157378/ Frame BF7A 36 KB
36 KB 11ms
10ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1424658188029157378/u1pDHzH6?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

b0d22d2bf336720af14e27f5f7ad9d969738a24d22da9f0d6e587ed6121d5747

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380191,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 36760
last-modified: Mon, 09 Aug 2021 09:03:55 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ec5856e459fa8bbf92c753c6c23b5ee675b585b07a2d8a52e993de61c2b56a74
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK app3 Show response
dalc.valuecommerce.com/ 1 KB
2 KB 1524ms
275ms Script
application/javascript 210.140.225.176
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL

https://dalc.valuecommerce.com/app3?p=885560504&_s=https%3A%2F%2Fmatueku.nagoya%2Fpmebhqhodmz%2Findex.html&vf=iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAYAAABWKLW%2FAAAAMElEQVQYV2NkFGP4n8AwgyHmVQ4Do06i7v%2BckPUMRWdVGRg7uZr%2BVxgqMTQdjWEAAPGmDNJv6bPGAAAAAElFTkSuQmCC

Requested by

Host: aml.valuecommerce.com
URL: https://aml.valuecommerce.com/vcdal.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.140.225.176 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),

Reverse DNS

210-140-225-176.newton.jp-east.compute.idcfcloud.net

Software

nginx /

Resource Hash

8163605a85f3286ef63521b94f060549f4334ac4a83a8462ce79be0a8b074852

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 16:07:26 GMT
X-Content-Type-Options: nosniff
Server: nginx
Front-End-Https: on
P3P: CP="ALL DSP COR CURa OUR BUS"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache
Content-Type: application/javascript; charset=utf-8;
Content-Length: 1339

GET
H2 200 pyhBMz6E
pbs.twimg.com/card_img/1423730704043630592/ Frame BF7A 30 KB
31 KB 10ms
10ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1423730704043630592/pyhBMz6E?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

7fec5d44dc8d57d7902291d1e0c6d18f67b0142c1e3e2a9a48f635890d3c1bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380196,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 31195
last-modified: Fri, 06 Aug 2021 19:38:26 GMT
server: tsa_a
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 352d80cc5f0f4d2963eafddd6540ac5f5d4d37985bc27c040bb14ed5c1f17434
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 QyqgCltG
pbs.twimg.com/card_img/1424700941924700167/ Frame BF7A 31 KB
31 KB 11ms
11ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1424700941924700167/QyqgCltG?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

cac91c8556cdce809f1dedaa12ec06d38cf21fe793b2f060ff0062ff48727754

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380197,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 31567
last-modified: Mon, 09 Aug 2021 11:53:48 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4d54a65c7b318cf3a6293cabc7ce9d2f48a747813ce79698902c3b79e94b09ae
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 aDzP8mhs
pbs.twimg.com/card_img/1425679537560379393/ Frame BF7A 32 KB
33 KB 11ms
10ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425679537560379393/aDzP8mhs?format=jpg&name=800x419

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

7ca27c76be46b3a91d980009e61a0cd4a61b690b6c4c61b0f4e501790db9dfcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380202,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 32753
last-modified: Thu, 12 Aug 2021 04:42:24 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a1f606c89807d9d402ea4fcd73a0da47c14b0f4578c5e96615553dbd653f093a
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 KGbNiiug
pbs.twimg.com/card_img/1425354291775148036/ Frame BF7A 15 KB
15 KB 11ms
10ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425354291775148036/KGbNiiug?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

860feb0b81f41f960dd1124d006d1286da2c4a010408654ec4dab58b03982de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380205,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 15277
last-modified: Wed, 11 Aug 2021 07:09:59 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dd6fe462e530b54bf43dc8e388df17649cc46d693de38c5b15df0d6ffaf4222b
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 HfEIF_z_
pbs.twimg.com/card_img/1425047734516469769/ Frame BF7A 37 KB
37 KB 11ms
10ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425047734516469769/HfEIF_z_?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

3ce584d461e0d5268319fa1d48656f45ad99b695c582c0f8d17983f4078c0f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380210,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 37692
last-modified: Tue, 10 Aug 2021 10:51:50 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 83218b258b30f48ba34c4ca71fb063006adb8ae9b8f6c4cad5caa4bcef4a1faa
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 S6iz8E1G
pbs.twimg.com/card_img/1426158097765072900/ Frame BF7A 16 KB
17 KB 11ms
10ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1426158097765072900/S6iz8E1G?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

506915c198130d0a8ad9d40c2069153d9f27f3ff64387d1387346f3ef5710964

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380214,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 16850
last-modified: Fri, 13 Aug 2021 12:24:01 GMT
server: tsa_a
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c1b1c756c9248703892fa1ab5ff69c22309df9f2318c69ef5a1f5742d0b6c2cc
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 aBheIppf
pbs.twimg.com/card_img/1425276904790429697/ Frame BF7A 20 KB
21 KB 11ms
10ms Image
image/jpeg 2600:1480:3000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1425276904790429697/aBheIppf?format=jpg&name=600x314

Requested by

Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:3000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

2c2b3a06b4507ce9b9416dc612e3c52252a27d890081da4c17a39fd876969db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=2.21.74.12,b=11380219,c=g,n=CZ__PRAGUE,o=20940]
x-client-network: EIP
x-cache: "HIT"
server-timing: x-cache;"HIT", x-tw-cdn;"AK"
content-length: 20982
last-modified: Wed, 11 Aug 2021 02:02:29 GMT
server: tsa_b
date: Fri, 13 Aug 2021 16:07:25 GMT
x-tw-cdn: "AK"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 95024a546d37ab758b9d243ebe4971dabbb00e9f30be89f9450489f6909eb2ce
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 4550
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
571 B

6ms
5ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: matueku.nagoya
URL: https://matueku.nagoya/pmebhqhodmz/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://matueku.nagoya
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 349750
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 13 Aug 2021 16:07:26 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 02 Aug 2021 20:34:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/673A)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Fri, 13 Aug 2021 16:07:26 GMT
pragma: no-cache
server: tsa_f
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Fri, 13 Aug 2021 16:07:26 GMT
x-transaction: 41a84e61108aa8a1
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-connection-hash: 14dea24eb63682f5b4bad89ab135c9d7e303e0cb5dc99ed7aec598e8a651511a

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 38ms
20ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210809&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7badf79ef833c45cef2ee3918123447cbdaa604eb58e93adc9cef51ed0ea77af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 16:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8482
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 13 Aug 2021 16:07:27 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B471 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://matueku.nagoya/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://matueku.nagoya/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 13 Aug 2021 14:21:00 GMT
expires: Sat, 13 Aug 2022 14:21:00 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1555 783 B
781 B 16ms
16ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40109b6a3e1d4c485db68266f6fa0f0a72461de8366b393c05e44c836895afdc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sBAXUiGkqhs5UXdA7gV/fA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://matueku.nagoya/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://matueku.nagoya/

Response headers

expires: Fri, 13 Aug 2021 16:07:27 GMT
date: Fri, 13 Aug 2021 16:07:27 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-sBAXUiGkqhs5UXdA7gV/fA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js Show response
pagead2.googlesyndication.com/bg/ Frame B471 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13373
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:32:11 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
93ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210809&jk=337981778896919&bg=!GRqlGl7NAAbOj6irzo87ACkAdvg8WpDMmuM9QGGR-NMvivrBcfcm82wbIuDVwnvXT7Pld5cGCLKcMAIAAABVUgAAAAxoAQcKAKDGkuX3tfnG4wdlnRTK-Nj8di5FMx59iVdjhKyyByLupvp4zVn2GVvIGRsty9xTzh8e7u6LwCsIIiIbM24xxXMqMVAi1iNrW_n4CmAFYZbT6WOVG6ar8QzuZJB5nsZ2XhIywA3XRyElzS_-NRlg-yMTqH202AKsqFmnsWZT4Hwzo7zO66_GgyrfPtQjaif3ubYozPONXOUZrxProVVOTyqCmQJzVyTNOwXnBAwixzYBIYJ1gei6xl8bc5KI8n5ZpMIsjLFANjDq8_Xixacef1cdJSAKGE4ly3mWCy9mBQYY3Q9cVuI5oMfvIewbTs3yR2gFrJMGAQnlTaN-fRS9jE9c9ZSKGWwBc8Tsu3atlNwuvW2L4mzhO4NvEsHwVPvM0RLmEfz1xmAfp9xAsCpNkkOIMPMbBFr3cG9ky0-6_g7kmR0rppaIARySrKsaqugfEhctUtJLGQO59e2eI5w3NInyTW_sxTFj5NXLSS41sHWQkcOXz-ukYGyYlbg6WNoxjL6Yscuzl69NJhZMILBZUEgIQc1gC9RvBDcubrQ1TtoCuJ2okMMcLbYtGA6S5F1mntShjFyn4tOZuSS72hWP8yP8uA1bgHySlPVemby3FM1XdyFh7NgdYTFar6gMrCY-9izlfoJbZ3-uX1dkum8MhnkGcL6neenJ84laWw2QHQxpeXTQS_PyYX7fdjtOFzHrIhJuxWsirl1SVeN0ZiEJsFHEA3O7ORdAjBqPenYZ0Uhs5Ph8ObOaGBZIc15HL_GQni88fShm8NFrj0oRx_hgmknV2hcFmjLBHgRlJusQHXbxWJd2fd9rREGFKafZ8L0NHZSE4toagU5Sdc3fXI4DP7bxUcX8ZOWVoqqoCcBU4fCZO9Fs739nwPbxcJ__DEiDYgnid2PFpZ3-g2p78Sqk6iCsfv1tx93-nQBVCfQWqDC2ygeo7-GQ5ubPxJrUThKVvbMkXr7He0mFLB6OeSpdjNzvL0paDSGAebBkMR4ay2pZJKqD-rBv9SNE2jXHOH1iahP3Y598JHHuVhabEV_B-KjPSL1SR0Gk
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://matueku.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_push=AYg5qPIqr61eXYKgkzgBG4LmvTPQ3qQrMp7josMzP86Vg05KifCZIluSAhqHSe2lpn0ltnEBahn3y5wiBSJwM5bhn-YexjsutFI&google_cver=1&google_gid=CAESEOdA3QUTTSVpAvm2x9Q-a4U

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_cver=1&google_gid=CAESEKnHLWzxtirKkILFPef1pZA&google_push=AYg5qPJYCJQaezmEJMlPcxcLJZ2oku7ydYSBGmGpF6-0h1qC_ngHeV0E-qVsKu4ESH4K5w3wNpgdtniVntPT22zwu-qpR4zVvQ

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRaYvC6gSGQSghzXAZKbYgAABHgAAAAB&google_gid=CAESEGrrmM1tIck7-kt11bIudVc&google_cver=1&google_push=AYg5qPLdRx3p224CtHC7tpkJhmixo583qPq0vzw9-2q3jhNNiEbRg_7FwWEofJonqhoEGxedfPmVnbmMi4qySyZQ2WxpoWSdOLEY

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.imgvc.com
abs.twimg.com
ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
ajax.googleapis.com
aml.valuecommerce.com
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cdn.syndication.twimg.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
dalc.valuecommerce.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
matueku.nagoya
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pixel.everesttech.net
pixel.rubiconproject.com
pixel.wp.com
platform.twitter.com
prod-rtb.ad4mat.net
rtb.openx.net
static-de.ad4mat.net
stats.wp.com
syndication.twitter.com
ton.twimg.com
tpc.googlesyndication.com
use.fontawesome.com
webfonts.xserver.jp
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagservices.com
cm.g.doubleclick.net
104.111.215.191
104.111.239.217
104.244.42.136
142.250.181.226
142.250.185.230
148.251.139.77
183.90.238.43
185.64.189.115
192.0.76.3
210.140.225.176
210.188.201.225
216.58.212.162
2600:1480:3000:e5::
2600:1901:0:76b9::
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:3031::ac43:d645
2606:4700:3032::ac43:aa7a
2606:4700:3039::6815:c061
2606:4700::6810:135e
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:809::2001
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a04:4e42:600::737
2a05:d01c:1d8:8101:939a:325c:ab79:c5b3
34.98.67.61
35.157.140.213
35.227.252.103
35.244.174.68
35.75.84.12
69.173.144.138
99.80.199.35
031fc7bc66466f9e8bf4accb12349811169194e5ebe1f6d751d263bd8a4927fc
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
0972546dfc6336481611dd0fe65d0db7cfca5d2f0a2faa4a6b55cfa20e2ab985
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce6a2f4c51d901ad902722e094badc6ee8cd48a7266c52519c2eff29770d010
0da8b681b5b73ff645ff5d1312a7a6e7db5f568d6ee68ad10ce77b142d5b7735
0db5e8ef0fbef2af668404a29fccb11a6312fadf087829a5b1f9241853fc38af
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
105318ae82e349962a561c88f66614aace3b8a30935eca801d45d56ce3b93de8
1175821b44d75119ec3241cfec0646fcde90eae42db5fc756d2a272387c4c74a
14592aca0474ebd0bb16b19cb0de1e966aa71a70f7c48a954383cb65078b936f
158a18565f178069b850c635be004b3ef679745d4604fa1a3e96e33c5de6ef3d
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
215e77aaae9503edc9beed59c1a9681456f86a6e37838479bfbc467f10ae7e06
232e3cfb298057a613763faaaa45c1d0495a042df8fe0d4184ade954280d57b1
2556190e10847285a8d70e7b91aa69d6f9e6ec852ad73f26f528a62384cdee45
265454f6aa0cd22f5a40b294085e4039abb85f1bb739a665817713a580499992
289a425744bb9c0329c9570774ce5218404550d049b9d38a017ddaf479e70886
291b553dee180f838e513bf2580c9af27f8312320581e3c91029a7c4d5eb2fbc
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2c2b3a06b4507ce9b9416dc612e3c52252a27d890081da4c17a39fd876969db6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30e011d9f62e225dbfc33b0cc35f7496fdfd53f2fd7bac731885efa998ba2451
362630c5562fa68d5605b4e745fab067651d20923bca9dc0ac6e3f977b19ee34
396867de142f2d77e367a6d16018458d2e925b293de1c434fe87af74fac7e9aa
3b7c0524d07f3bc0dada79a136f5a64679b5be122bb7e118c7ce661ace6443e9
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3ce584d461e0d5268319fa1d48656f45ad99b695c582c0f8d17983f4078c0f92
40109b6a3e1d4c485db68266f6fa0f0a72461de8366b393c05e44c836895afdc
42e6b438eba01cf441e8e1bdde37ddb2bd9278ac26526acbb930c1557a75e0b7
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
438a5e0931adba17694d95d1de8faa1f124c417fbff865bdc462e579d5bea18c
44ed845d25bd815242a41567ed15f043f9155c93c0c1066bde788cfe6f70d93b
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
487739c941203283fc25b1bac02b4b8f3d59672e3dec2154f575060206bbb86a
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
506915c198130d0a8ad9d40c2069153d9f27f3ff64387d1387346f3ef5710964
52873229f933f7836258ea964c1c5d8ad901ebdeb99862d68ad4c63d055e795b
53bf59da66295316a4f9c8555e60934c1729deeb6f614a6d07e202aa6530bebc
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
596611208874ece3e1115bf5d043121769c780955bb45d67dfd24cfd1ed32326
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c0f79d0286f1fd3db48e1b689358017b302c0f4babde540329e8c644cf119c7
5d703182fa906b5769942d40ed27201b757090b855d244782a7258b558091259
5dc76062acc5a80d95fdd823db908640d52dac05ad1a4899ab9e723bfa0bbbfb
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61ac4a5ff58ceb425e80072de38da0534506abd6e84b02eb987365f49993c707
627c35c30f22be8351ae854926cd49479474199ff19121692a487b3ce4f96460
62c8e6952992facfbcee979786069de27885f6db1899caa3bcc297ea9b3fe9b3
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67b8906cc807bbd99ef8c2c9e87b9defdc0e9aca4045ae567136335fbe9ed515
68da7c6dc7d9c0456174f2575abe8f8abd52cde7a4017700579519173a8a4a34
6a086b2e442c77463a19f5c75fa8444978ba1a956c489fd816bfaa63690462a6
6b6740b43e1a1abcaa8b020e543416dfeafc8b94fb88d5480869d486488b2f33
6c7b70af05846ddba3d29403b5238bc409d9b0676dd432752bdc5cce112a09a9
6f631b7f7428056e6244917bca72f7e2c3a9d90063810a86f3a3d3b9497c9b77
703983f4c98778f3482a507637f6a86c98b2df47fc450379cb5883e66db180e3
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
75355677a85ebb638fdfc556c987d85886d270d3deed120cab99e4dcdfe10e6c
77b496419bb3facab8dbc6b3c1e8d11dc0876e0a0b11436043df704f2a68256d
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7badf79ef833c45cef2ee3918123447cbdaa604eb58e93adc9cef51ed0ea77af
7ca27c76be46b3a91d980009e61a0cd4a61b690b6c4c61b0f4e501790db9dfcf
7fec5d44dc8d57d7902291d1e0c6d18f67b0142c1e3e2a9a48f635890d3c1bad
80f7935587fcf36206dc79d2b46332eca6ff6cc40a12ce09fe66efd02336d97e
8163605a85f3286ef63521b94f060549f4334ac4a83a8462ce79be0a8b074852
8271cf63669d9f34e7fe04c6749d421fb941bb54a8a4fb981b1a1288a3d5d107
84d7f97fccafca3a8c9df992a96df30235e70f035126dd5aa84f31ecc59abb2e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
860feb0b81f41f960dd1124d006d1286da2c4a010408654ec4dab58b03982de0
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
8745aa85799d6399edaef53617793a4914e6904e0e63667ce6521a2a59d5f58e
89a305fd73b494dec3160fb0c10e80736c69f1d0a06edfa137c938e4a63d7139
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8f6a8bb0b12a7fe27cfdd8d3120f8bf0e7a5e89d49d46a84199acfe9fcf5c20f
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
93ab6f6495fbf73a22853a8a60d1242d1f5d2df60fa8b1634b9ac1712d72a32f
9455b5689abde0ee21f1befbcd397affd0be0793232e95347366ce9787c5b04a
94fc9daaf3ace4fac15ecdea08da411e585ce6a3b3282c3b7ea65529c9cc5277
964794272aa168ce3feac3a84460c1beb01606da0e303689b8aee75fb354117d
9655f6e1996a77674c01e9df6c43c3c96bbc5759a146a05d8e5c60fab1edf593
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e56d22c4c632bd0b72bbaf1fed2472ddb3707287435fe92bb00ec97f13ca8f9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3cdf3bbc738f6d6ef2c337cd6f997138e2f71788c028fe068dd611cd7c0e3a9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a8c2391d3b99733b88af993bcc78f8f1bb07ccbf45e0d067363b8450382e600c
ad3afa9c7beee612fdc68691d25b36dda934204a3d8916ff3d14df83548a0f84
ade952a0ae2d2f3d459ee36d35e3c05df5c1dcb91ca2847b7cb43192d8163d26
b0d22d2bf336720af14e27f5f7ad9d969738a24d22da9f0d6e587ed6121d5747
b22a6914bcfd51c615ea47a6ae43f2801fb7cefb1bd63cd7a425f1d1f6d7f0c0
b625748c631b0e921860f91288bbc04f7cdab05209b3b7754e3d33228be6d3b4
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7d08fb7c0dba174a900c7d72d109031ec51870375ea104839eefd8b35461f5a
b8cbb54bbb0b069796d0f00768cebf9a55f8b794ba31b2f317633d3533155871
b96773c4b9e609994855c2ff9b4463610ee73c5a4a3f11938d88dcc2894d1c16
bada64afb66c6f3f10ea7b8980d72928a65c14af66fb3078b13fbdf4df2dd041
bc6b4b7a3fac1c7da7d3999776e8024d11ea84fbbe27af155b76aff31c865e43
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
c3c77dacda87425d8b50a808eaae23fcd06cd8f31b762f1246d053fba21e85c5
c53dbfb97dbd4cfb29454dc7f11c90f3d656cbca4070bddc48e5866898083004
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c6d4997731f1379986aeeb35185b7f88e7a79b54710f1066693423fbfe9a9bfc
c75cef4e3eee691b8da0138d2afa10892e5a6796531545e036e8a949b9c24abe
cac91c8556cdce809f1dedaa12ec06d38cf21fe793b2f060ff0062ff48727754
d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
dbad54ab828729cd67283f8761195cfa4dcebfae9edfb25eb696e6346d4d3a3c
dd902c8972819fa72cbec32cc1e70809717d9a174b23ec0ce2cc831e4f82ae33
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e2fa69feab176160c642026437a980e8d82132c225290fcfb0c50a333dd31552
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ce0103a24166b36c16d36c6211ca8eb04f67f763fd1d40e2cd3f6a7a1e238a
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
ed402544b4e4f781f41f314388826889618fdb9972b28212dcdf91c76673ac0c
ed4b862e775a07d5a84680447875e8b111bebefe4bbcc6c382f177fd0a3432ab
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31863170253385ecfe9b337e4b0c13229c8429f8f831fdfb182a5d34a9830f9
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f54994ec7757ec31b7b4366020f32547aafba9c1eb5f509905d476e31ffb552b
f9d1da4e959e22fbedf487bfe7c50161c35bf289e8defd8ae44d18cd70f355f9
ffa263f5d44762ba96ccf4475d6da0960f346183c533e582ca0140acadfea7d6
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

matueku.nagoya Open in urlscan Pro 183.90.238.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

225 Requests

99 %HTTPS

56 %IPv6

32 Domains

46 Subdomains

37 IPs

5 Countries

3765 kBTransfer

6804 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

225 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

matueku.nagoya Open in urlscan Pro
183.90.238.43 Public Scan

Screenshot
Live screenshot

Full Image

225
Requests

99 %
HTTPS

56 %
IPv6

32
Domains

46
Subdomains

37
IPs

5
Countries

3765 kB
Transfer

6804 kB
Size

0
Cookies

225 HTTP transactions
6 data transactions