archived.esl-staff.com Open in urlscan Pro
183.90.238.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://archived.esl-staff.com/
Submission: On January 14 via api (January 14th 2024, 1:17:45 am UTC) from US — Scanned from US

Summary HTTP 190 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 49 IPs in 2 countries across 40 domains to perform 190 HTTP transactions. The main IP is 183.90.238.46, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is archived.esl-staff.com.
TLS certificate: Issued by R3 on January 11th 2024. Valid for: 3 months.

This is the only time archived.esl-staff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	183.90.238.46 183.90.238.46	131965 (XSERVER X...) (XSERVER Xserver Inc.)
7	2607:f8b0:400... 2607:f8b0:4004:c17::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::282	54113 (FASTLY) (FASTLY)
5	2607:f8b0:400... 2607:f8b0:4004:c0b::8a	15169 (GOOGLE) (GOOGLE)
6	18.154.227.19 18.154.227.19	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4004:c17::93	15169 (GOOGLE) (GOOGLE)
17	2607:f8b0:400... 2607:f8b0:4004:c1f::88	15169 (GOOGLE) (GOOGLE)
3	99.84.191.110 99.84.191.110	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c19::5e	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.67.76.119 18.67.76.119	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4004:c1f::9c	15169 (GOOGLE) (GOOGLE)
2	182.22.25.124 182.22.25.124	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
1	23.209.61.209 23.209.61.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.32.155.20 13.32.155.20	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::54	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1f::65	15169 (GOOGLE) (GOOGLE)
3	18.67.76.28 18.67.76.28	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::99	15169 (GOOGLE) (GOOGLE)
1	147.92.191.92 147.92.191.92	38631 (LINE LINE...) (LINE LINE Corporation)
1	2607:f8b0:400... 2607:f8b0:4004:c17::94	15169 (GOOGLE) (GOOGLE)
1 4	52.193.77.224 52.193.77.224	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:c::a	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	183.79.255.12 183.79.255.12	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
2	18.160.46.101 18.160.46.101	16509 (AMAZON-02) (AMAZON-02)
2 2	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
1 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	68.67.161.182 68.67.161.182	29990 (ASN-APPNEX) (ASN-APPNEX)
2	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
2	54.199.163.185 54.199.163.185	16509 (AMAZON-02) (AMAZON-02)
1 3	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2	211.120.53.205 211.120.53.205	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2	3.228.188.124 3.228.188.124	14618 (AMAZON-AES) (AMAZON-AES)
2	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	35.73.17.175 35.73.17.175	16509 (AMAZON-02) (AMAZON-02)
2	133.186.12.50 133.186.12.50	10010 (TOKAI TOK...) (TOKAI TOKAI Communications Corporation)
2	64.202.112.223 64.202.112.223	23352 (SERVERCEN...) (SERVERCENTRAL)
2	35.201.98.24 35.201.98.24	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	119.63.198.176 119.63.198.176	38627 (BAIDUJP B...) (BAIDUJP Baidu)
2	13.35.77.22 13.35.77.22	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:612... 2600:1f18:612b:4232:950e:aa8c:14aa:701	14618 (AMAZON-AES) (AMAZON-AES)
190	49

44 183.90.238.46 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv2345.xserver.jp

archived.esl-staff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c0b::8a (Ashburn, United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.154.227.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-19.iad55.r.cloudfront.net

b.st-hatena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c17::93 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4004:c1f::88 (Washington, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.84.191.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-110.iad89.r.cloudfront.net

widgets.getpocket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c19::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.76.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-119.iad89.r.cloudfront.net

b.hatena.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1f::9c (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.22.25.124 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

s.yimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.209.61.209 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-61-209.deploy.static.akamaitechnologies.com

d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.155.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-155-20.iad66.r.cloudfront.net

cd.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::54 (Ashburn, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1f::65 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.67.76.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-28.iad89.r.cloudfront.net

assets.getpocket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::99 (Ashburn, United States)

ASN15169 (GOOGLE, US)

gtm-kgl6p4h-mmyyn.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)

tr.line.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::94 (Washington, United States)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.193.77.224 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-77-224.ap-northeast-1.compute.amazonaws.com

px.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:c::a (Colchester, United States)

ASN15169 (GOOGLE, US)

rr5---sn-ab5sznzs.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 183.79.255.12 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

b99.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.160.46.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-101.iad55.r.cloudfront.net

um.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.155 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.161.182 (Jersey City, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.199.163.185 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-163-185.ap-northeast-1.compute.amazonaws.com

sync.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 211.120.53.205 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

ssl.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.228.188.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-188-124.compute-1.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.73.17.175 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-73-17-175.ap-northeast-1.compute.amazonaws.com

adn.caprofitx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 133.186.12.50 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p050.net133186012.broadline.ne.jp

cs.gssprt.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.223 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.98.24 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 24.98.201.35.bc.googleusercontent.com

sp.gmossp-sp.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.63.198.176 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

discoveryplus.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.77.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-77-22.bos50.r.cloudfront.net

as.amanad.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4232:950e:aa8c:14aa:701 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	esl-staff.com archived.esl-staff.com	1 MB
17	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	1 MB
12	google.com apis.google.com — Cisco Umbrella Rank: 106 www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 23	164 KB
11	googlevideo.com rr5---sn-ab5sznzs.googlevideo.com — Cisco Umbrella Rank: 21676	2 MB
8	ladsp.com 1 redirects cd.ladsp.com — Cisco Umbrella Rank: 110779 px.ladsp.com — Cisco Umbrella Rank: 114679 um.ladsp.com — Cisco Umbrella Rank: 225516	14 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com ssl.gstatic.com	481 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	592 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net — Cisco Umbrella Rank: 263 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	4 KB
6	getpocket.com widgets.getpocket.com — Cisco Umbrella Rank: 97501 assets.getpocket.com — Cisco Umbrella Rank: 67096	14 KB
6	st-hatena.com b.st-hatena.com — Cisco Umbrella Rank: 114567	12 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	18 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	213 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369 jnn-pa.googleapis.com — Cisco Umbrella Rank: 220	74 KB
3	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 373	2 KB
3	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
3	openx.net 1 redirects jp-u.openx.net — Cisco Umbrella Rank: 6327	569 B
3	yahoo.co.jp b99.yahoo.co.jp — Cisco Umbrella Rank: 25206 am.yahoo.co.jp — Cisco Umbrella Rank: 19206	19 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 955	138 KB
2	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1311	349 B
2	adtdp.com as.amanad.adtdp.com — Cisco Umbrella Rank: 7331	2 KB
2	popin.cc discoveryplus.popin.cc — Cisco Umbrella Rank: 106951	938 B
2	gmossp-sp.jp sp.gmossp-sp.jp — Cisco Umbrella Rank: 90028	876 B
2	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 829	574 B
2	gssprt.jp cs.gssprt.jp — Cisco Umbrella Rank: 16064	891 B
2	caprofitx.com adn.caprofitx.com — Cisco Umbrella Rank: 108833	1 KB
2	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1289	749 B
2	adingo.jp cs.adingo.jp — Cisco Umbrella Rank: 4276	819 B
2	socdm.com ssl.socdm.com — Cisco Umbrella Rank: 247533	2 KB
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 381	2 KB
2	ad-stir.com sync.ad-stir.com — Cisco Umbrella Rank: 5220	715 B
2	microad.jp s-cs.send.microad.jp — Cisco Umbrella Rank: 23523	1 KB
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 870	734 B
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	3 KB
2	appspot.com gtm-kgl6p4h-mmyyn.uc.r.appspot.com	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	294 B
2	polyfill.io polyfill.io — Cisco Umbrella Rank: 1365	815 B
1	line.me tr.line.me — Cisco Umbrella Rank: 14686	425 B
1	line-scdn.net d.line-scdn.net — Cisco Umbrella Rank: 14921	10 KB
1	yimg.jp s.yimg.jp — Cisco Umbrella Rank: 7636	9 KB
1	hatena.ne.jp b.hatena.ne.jp — Cisco Umbrella Rank: 109789	1 KB
190	40

	Domain	Requested by
44	archived.esl-staff.com	archived.esl-staff.com
17	www.youtube.com	archived.esl-staff.com www.youtube.com
11	rr5---sn-ab5sznzs.googlevideo.com	www.youtube.com
7	www.googletagmanager.com	archived.esl-staff.com www.googletagmanager.com
6	b.st-hatena.com	archived.esl-staff.com b.hatena.ne.jp b.st-hatena.com
5	www.facebook.com	archived.esl-staff.com connect.facebook.net
5	connect.facebook.net	archived.esl-staff.com connect.facebook.net
5	www.google.com	archived.esl-staff.com www.gstatic.com www.youtube.com
5	apis.google.com	archived.esl-staff.com apis.google.com accounts.google.com
4	jnn-pa.googleapis.com	www.youtube.com
4	px.ladsp.com	1 redirects archived.esl-staff.com um.ladsp.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	x.bidswitch.net	1 redirects um.ladsp.com
3	ib.adnxs.com	1 redirects um.ladsp.com
3	jp-u.openx.net	1 redirects um.ladsp.com
3	assets.getpocket.com	widgets.getpocket.com assets.getpocket.com
3	fonts.gstatic.com	www.youtube.com www.google.com
3	googleads.g.doubleclick.net	www.googletagmanager.com www.youtube.com
3	widgets.getpocket.com	archived.esl-staff.com widgets.getpocket.com assets.getpocket.com
2	static.xx.fbcdn.net	www.facebook.com
2	partners.tremorhub.com	um.ladsp.com
2	as.amanad.adtdp.com	um.ladsp.com
2	discoveryplus.popin.cc	um.ladsp.com
2	sp.gmossp-sp.jp	um.ladsp.com
2	sync.outbrain.com	um.ladsp.com
2	cs.gssprt.jp	um.ladsp.com
2	adn.caprofitx.com	um.ladsp.com
2	sync.taboola.com	um.ladsp.com
2	cs.adingo.jp	um.ladsp.com
2	ssl.socdm.com	um.ladsp.com
2	pixel.rubiconproject.com	um.ladsp.com
2	sync.ad-stir.com	um.ladsp.com
2	s-cs.send.microad.jp	um.ladsp.com
2	simage2.pubmatic.com	um.ladsp.com
2	cm.g.doubleclick.net	2 redirects
2	um.ladsp.com	px.ladsp.com
2	b99.yahoo.co.jp	s.yimg.jp archived.esl-staff.com
2	yt3.ggpht.com	www.youtube.com archived.esl-staff.com
2	gtm-kgl6p4h-mmyyn.uc.r.appspot.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com
2	accounts.google.com	apis.google.com archived.esl-staff.com
2	cd.ladsp.com	archived.esl-staff.com
2	polyfill.io	archived.esl-staff.com
1	am.yahoo.co.jp	s.yimg.jp
1	static.doubleclick.net	www.youtube.com
1	tr.line.me	archived.esl-staff.com
1	ssl.gstatic.com	accounts.google.com
1	d.line-scdn.net	archived.esl-staff.com
1	s.yimg.jp	www.googletagmanager.com
1	b.hatena.ne.jp	b.st-hatena.com
1	ajax.googleapis.com	archived.esl-staff.com
190	51

This site contains links to these domains. Also see Links.

Domain
feedly.com
tsuchiya-houmon.com
eustyle.jp
escollege.org
kinjo.works
esl-kango.com
twitter.com
www.youtube.com
note.com
timeline.line.me
recruit.archived.esl-staff.com
avxvideos.com
collegeporn.net
anyjavxxx.com
xxxvideosjav.com
www.kiyi-village.org
www.nphimsex.com
nayphimsex.com
seysex.com

Subject Issuer	Validity	Valid
archived.esl-staff.com R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
polyfill.io Certainly Intermediate R1	`2024-01-11` - `2024-02-10`	a month	crt.sh
*.apis.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.b.st-hatena.com Amazon RSA 2048 M02	`2023-09-23` - `2024-10-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
widgets.getpocket.com Amazon RSA 2048 M02	`2023-12-31` - `2025-01-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-23` - `2024-01-21`	3 months	crt.sh
*.b.hatena.ne.jp Amazon RSA 2048 M01	`2023-09-23` - `2024-10-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-11-30` - `2024-12-29`	a year	crt.sh
line-apps.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-13` - `2024-11-13`	a year	crt.sh
*.ladsp.com GlobalSign RSA OV SSL CA 2018	`2023-05-16` - `2024-06-16`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
assets.getpocket.com Amazon RSA 2048 M03	`2023-08-09` - `2024-09-06`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.line.me GlobalSign RSA OV SSL CA 2018	`2023-08-10` - `2024-09-10`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-02` - `2024-03-12`	2 months	crt.sh
mscedge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-11-20` - `2024-12-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2023-10-03` - `2024-11-03`	a year	crt.sh
*.ad-stir.com Sectigo ECC Domain Validation Secure Server CA	`2023-10-12` - `2024-11-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
ssl.socdm.com Go Daddy Secure Certificate Authority - G2	`2022-12-16` - `2024-01-17`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M03	`2023-09-13` - `2024-10-12`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.caprofitx.com Amazon RSA 2048 M02	`2023-08-11` - `2024-09-07`	a year	crt.sh
cs.gssprt.jp GeoTrust RSA CA 2018	`2023-01-06` - `2024-02-06`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
sp.gmossp-sp.jp GTS CA 1D4	`2024-01-05` - `2024-04-04`	3 months	crt.sh
*.popin.cc Secure Site Pro CA G2	`2023-09-27` - `2024-10-27`	a year	crt.sh
*.as.amanad.adtdp.com Amazon RSA 2048 M03	`2024-01-06` - `2025-02-02`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://archived.esl-staff.com/
Frame ID: DA2C142C22BD435237D6B19303034C8A
Requests: 90 HTTP requests in this frame

Frame: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
Frame ID: C12C3F085FB47BC9DD949AB0632C8EE0
Requests: 38 HTTP requests in this frame

Frame: https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Farchived.esl-staff.com%2F&layout=vertical-large
Frame ID: A39637FD93EADC239ED130602148931A
Requests: 4 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=https%3A%2F%2Farchived.esl-staff.com&url=https%3A%2F%2Farchived.esl-staff.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Frame ID: 54FB475B2C9206234E05DA8A5BC4AA6C
Requests: 1 HTTP requests in this frame

Frame: https://widgets.getpocket.com/v1/button?label=pocket&count=vertical&v=1&url=https%3A%2F%2Farchived.esl-staff.com%2F&title=%E3%83%A6%E3%83%BC%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%AB%E3%83%A9%E3%83%9C%E3%83%A9%E3%83%88%E3%83%AA%E3%83%BC%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE&src=https%3A%2F%2Farchived.esl-staff.com%2F&r=0.5350346681300735
Frame ID: DF219FB64932BCB8D54C18A776B4EEB1
Requests: 5 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Farchived.esl-staff.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Frame ID: 6ECA25448C6337C82F2D03C871FFC89B
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcBStcUAAAAADoL_2heeOZ3kEQYJTYS3CV1KGov&co=aHR0cHM6Ly9hcmNoaXZlZC5lc2wtc3RhZmYuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=riuyp4a04rra
Frame ID: 109691C51658A64FED83C973106BD20D
Requests: 5 HTTP requests in this frame

Frame: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Frame ID: 210DAE9C256739D454A7351F13CF1B30
Requests: 19 HTTP requests in this frame

Frame: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Frame ID: CF5C672D5B68472B2DE0EECAE3801C7E
Requests: 19 HTTP requests in this frame

Frame: https://www.facebook.com/v2.11/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f42edc5eb4128%26domain%3Darchived.esl-staff.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Farchived.esl-staff.com%252Fff31b3b0ab43ec%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Farchived.esl-staff.com%2F&layout=box_count&locale=ja_JP&sdk=joey&share=true&show_faces=false
Frame ID: E6F0AA23DCE323C7245125C7AC0D83F1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ユースタイルラボラトリー株式会社

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

190
Requests

96 %
HTTPS

41 %
IPv6

40
Domains

51
Subdomains

49
IPs

2
Countries

5834 kB
Transfer

11946 kB
Size

49
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://feedly.com/i/subscription/feed/https://archived.esl-staff.com/feed/

Search URL Search Domain Scan URL

URL: https://tsuchiya-houmon.com/

Search URL Search Domain Scan URL

URL: https://eustyle.jp/career/

Search URL Search Domain Scan URL

URL: https://escollege.org/

Search URL Search Domain Scan URL

URL: https://kinjo.works/

Search URL Search Domain Scan URL

URL: https://esl-kango.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/EustyleLab_jp
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCbAut9wHkGMLj_QE0IhUcUg
Title: Youtube

Search URL Search Domain Scan URL

URL: https://note.com/eustylelab
Title: note

Search URL Search Domain Scan URL

URL: https://twitter.com/search?q=https%3A%2F%2Farchived.esl-staff.com%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%E3%83%95%E3%83%AD%E3%83%B3%E3%83%88%E3%83%9A%E3%83%BC%E3%82%B8&url=https%3A%2F%2Farchived.esl-staff.com%2F
Title: ツイート

Search URL Search Domain Scan URL

URL: https://timeline.line.me/social-plugin/share?url=https%3A%2F%2Farchived.esl-staff.com%2F

Search URL Search Domain Scan URL

URL: https://recruit.archived.esl-staff.com/
Title: 採用案内

Search URL Search Domain Scan URL

URL: https://avxvideos.com/
Title: エロビデオ

Search URL Search Domain Scan URL

URL: https://collegeporn.net/
Title: 隠されたポルノ映画

Search URL Search Domain Scan URL

URL: https://anyjavxxx.com/
Title: セックスビデオ

Search URL Search Domain Scan URL

URL: https://xxxvideosjav.com/
Title: HD ポルノ

Search URL Search Domain Scan URL

URL: https://www.kiyi-village.org/
Title: アマチュアポルノビデオ

Search URL Search Domain Scan URL

URL: https://www.nphimsex.com/videos/sex-hay/
Title: sex hay

Search URL Search Domain Scan URL

URL: https://nayphimsex.com/video/sex-hoc-sinh
Title: sex hoc sinh

Search URL Search Domain Scan URL

URL: https://seysex.com/video/phim-sex-khong-che
Title: phim sex khong che

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://px.ladsp.com/pixel?advertiser_id=00013323&su=2&site_url=https%3A%2F%2Farchived.esl-staff.com%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119 HTTP 302
https://px.ladsp.com/pixel?cr=true&advertiser_id=00013323&su=2&site_url=https%3A%2F%2Farchived.esl-staff.com%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_cm&google_hm=ASUbKj7fJBdFks8AEGgL-8QpT8A&logicad_uid=ASUbKj7fJBdFks8AEGgL-8QpT8A&svid=01 HTTP 302
https://px.ladsp.com/match/google?logicad_uid=ASUbKj7fJBdFks8AEGgL-8QpT8A&svid=01&google_gid=CAESEHb_ARIP4ijFbrrYpzmYZ1k&google_cver=1

Request Chain 146

https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw HTTP 302
https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw

Request Chain 148

https://ib.adnxs.com/setuid?entity=276&code=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw

Request Chain 151

https://x.bidswitch.net/sync?dsp_id=102&expires=365&user_id=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=102&expires=365&user_id=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_cm&google_hm=ASUbKj7fJBdFks8AEGgL-8QpT8A&logicad_uid=ASUbKj7fJBdFks8AEGgL-8QpT8A&svid=01 HTTP 302
https://px.ladsp.com/match/google?logicad_uid=ASUbKj7fJBdFks8AEGgL-8QpT8A&svid=01&google_gid=CAESEHb_ARIP4ijFbrrYpzmYZ1k&google_cver=1

190 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
archived.esl-staff.com/ 105 KB
20 KB 3715ms
3001ms Document
text/html 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 99cd15b57b4dfeca90c211550483fea7df7491c0d5056567e94d455804607fad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 14 Jan 2024 01:17:34 GMT
link: <https://archived.esl-staff.com/wp-json/>; rel="https://api.w.org/", <https://archived.esl-staff.com/wp-json/wp/v2/pages/218>; rel="alternate"; type="application/json", <https://archived.esl-staff.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding

GET
H2 200 style.css
archived.esl-staff.com/wp-content/themes/simplicity2/ 66 KB
17 KB 208ms
203ms Stylesheet
text/css 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/style.css?ver=6.3.2&fver=20200413114359
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 5ab07611ab2b1359fce0fe1ca7ddb95c29f83d7cfd582fdb5a5fe8c827e35a0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Mon, 13 Apr 2020 11:43:59 GMT
server: nginx
etag: W/"1060b-5a32a9945ddc0"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 responsive-pc.css
archived.esl-staff.com/wp-content/themes/simplicity2/css/ 2 KB
908 B 206ms
201ms Stylesheet
text/css 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/css/responsive-pc.css?ver=6.3.2&fver=20190307073436
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 5996696ea81b6047e5f4fcc11562d101fa819550a956b4d6193f80af6ade58f5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Thu, 07 Mar 2019 19:34:36 GMT
server: nginx
etag: W/"7db-5838632482b00"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 font-awesome.min.css
archived.esl-staff.com/wp-content/themes/simplicity2/webfonts/css/ 30 KB
7 KB 203ms
199ms Stylesheet
text/css 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css?ver=6.3.2&fver=20190307073445
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Thu, 07 Mar 2019 19:34:45 GMT
server: nginx
etag: W/"7918-5838632d17f40"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
archived.esl-staff.com/wp-content/themes/simplicity2/webfonts/icomoon/ 4 KB
1 KB 200ms
196ms Stylesheet
text/css 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/webfonts/icomoon/style.css?ver=6.3.2&fver=20190307073446
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 1641d85306449ce51856aa7f6d51d72db2986be90ac1d527e11cf606e5688d3e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Thu, 07 Mar 2019 19:34:46 GMT
server: nginx
etag: W/"1136-5838632e0c180"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 extension.css
archived.esl-staff.com/wp-content/themes/simplicity2/css/ 8 KB
3 KB 207ms
203ms Stylesheet
text/css 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/css/extension.css?ver=6.3.2&fver=20190307073436
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 006d019c3e7fc909bf7f9fd5edc76dad588b25cf10d6335cc846d17eee549d4f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Thu, 07 Mar 2019 19:34:36 GMT
server: nginx
etag: W/"218f-5838632482b00"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
archived.esl-staff.com/wp-content/themes/simplicity2-child/ 55 KB
11 KB 207ms
203ms Stylesheet
text/css 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/themes/simplicity2-child/style.css?ver=6.3.2&fver=20230511034213
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: f9ec51ec8cc69b2a97676176588d7fccce7286ffdc5470e2e4b493d847da9dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Thu, 11 May 2023 03:42:13 GMT
server: nginx
etag: W/"dc6a-5fb62c6216f40"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 sns-twitter-type.css
archived.esl-staff.com/wp-content/themes/simplicity2/css/ 2 KB
891 B 203ms
199ms Stylesheet
text/css 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/css/sns-twitter-type.css?ver=6.3.2&fver=20190307073436
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 88bbe5af7a973aa1aa6ad33f83a44aa78658ab12967691a84b86f06437177165

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Thu, 07 Mar 2019 19:34:36 GMT
server: nginx
etag: W/"8a4-5838632482b00"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.min.css
archived.esl-staff.com/wp-includes/css/dist/block-library/ 102 KB
15 KB 200ms
196ms Stylesheet
text/css 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Mon, 14 Aug 2023 01:09:51 GMT
server: nginx
etag: W/"19824-602d7b82635c0"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 styles.css
archived.esl-staff.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 204ms
201ms Stylesheet
text/css 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.6&fver=20240111040717
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Thu, 11 Jan 2024 16:07:17 GMT
server: nginx
etag: W/"b4e-60eadbdd64371"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
archived.esl-staff.com/wp-content/plugins/search-filter/ 577 B
709 B 204ms
200ms Stylesheet
text/css 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/plugins/search-filter/style.css?ver=1&fver=20221220035344
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 071ca38b8cec663d589e0f75341f534a696edc4aee2b99d6e502c98fa04ee020

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Tue, 20 Dec 2022 03:53:44 GMT
server: nginx
accept-ranges: bytes
etag: "241-5f03a61da0200"
content-length: 577
content-type: text/css

GET
H2 200 whats-new.css
archived.esl-staff.com/wp-content/plugins/whats-new-genarator/ 966 B
1 KB 395ms
391ms Stylesheet
text/css 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/plugins/whats-new-genarator/whats-new.css?ver=2.0.2&fver=20190307073359
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: eafa6a366dd0ba9a67b5626ba349dad3ace7b6ef551697a131265a31f1c70c93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Thu, 07 Mar 2019 19:33:59 GMT
server: nginx
accept-ranges: bytes
etag: "3c6-58386301397c0"
content-length: 966
content-type: text/css

GET
H2 200 jquery.min.js Show response
archived.esl-staff.com/wp-includes/js/jquery/ 85 KB
32 KB 586ms
583ms Script
application/javascript 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Mon, 14 Aug 2023 01:09:51 GMT
server: nginx
etag: W/"155ba-602d7b82635c0"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
archived.esl-staff.com/wp-includes/js/jquery/ 13 KB
5 KB 394ms
391ms Script
application/javascript 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Mon, 14 Aug 2023 01:09:51 GMT
server: nginx
etag: W/"3509-602d7b82635c0"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
94 KB 444ms
132ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-P366PC5

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eeeababcfb1ad9560ffd78277863634e5d1ba8bfa8de5b9dc77da4baa1fbfb0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95857
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jan 2024 01:17:35 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 107ms
33ms Script
text/javascript 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 03:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 03:24:15 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 104 B
617 B 98ms
32ms Script
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://archived.esl-staff.com/
Origin: https://archived.esl-staff.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 Jan 2024 01:17:35 GMT
age: 2199905
detected-user-agent: Chrome Mobile/120.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/120.0.0
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 houmon-bnr.png
archived.esl-staff.com/wp-content/uploads/2022/10/ 14 KB
14 KB 399ms
397ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/uploads/2022/10/houmon-bnr.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 05f6ae9fb6adb98c08856d534fa35dcb09db1ff89b1ac23c30d9c38abad9758d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Tue, 18 Oct 2022 08:47:10 GMT
server: nginx
accept-ranges: bytes
etag: "378b-5eb4b233f9f80"
content-length: 14219
content-type: image/png

GET
H2 200 career-bnr.png
archived.esl-staff.com/wp-content/uploads/2022/10/ 6 KB
6 KB 394ms
392ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/uploads/2022/10/career-bnr.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 37539c40cdb917649dd6e108df7626effee4b6bc4dc280a8e00d2abed0b75b2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Tue, 18 Oct 2022 08:47:14 GMT
server: nginx
accept-ranges: bytes
etag: "18a4-5eb4b237ca880"
content-length: 6308
content-type: image/png

GET
H2 200 college-bnr.png
archived.esl-staff.com/wp-content/uploads/2022/10/ 11 KB
11 KB 196ms
195ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/uploads/2022/10/college-bnr.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 6b212a630e1b619410fbf9f27514c89b0d4a22321511817713f8f1a7e0db22ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Tue, 18 Oct 2022 08:47:16 GMT
server: nginx
accept-ranges: bytes
etag: "2d62-5eb4b239b2d00"
content-length: 11618
content-type: image/png

GET
H2 200 kinjo-bnr.png
archived.esl-staff.com/wp-content/uploads/2022/10/ 6 KB
6 KB 197ms
196ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/uploads/2022/10/kinjo-bnr.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 5bf79cbef8d0a4b2a05baf5d904a51af4b96fc831400a3edc4b194c75b3509d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Tue, 18 Oct 2022 08:47:12 GMT
server: nginx
accept-ranges: bytes
etag: "1873-5eb4b235e2400"
content-length: 6259
content-type: image/png

GET
H2 200 kango-bnr.png
archived.esl-staff.com/wp-content/uploads/2022/10/ 7 KB
7 KB 196ms
195ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/uploads/2022/10/kango-bnr.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 650d61dae4fcb7c69501380278f1cd01e9788dffd0e0fd25fb8185cdd11b4e9a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Tue, 18 Oct 2022 08:47:18 GMT
server: nginx
accept-ranges: bytes
etag: "1d67-5eb4b23b9b180"
content-length: 7527
content-type: image/png

GET
H2 200 0d2b4108048f1aa1c0769377fa47514a.png
archived.esl-staff.com/wp-content/uploads/2023/07/ 2 KB
2 KB 212ms
205ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/uploads/2023/07/0d2b4108048f1aa1c0769377fa47514a.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: e9d68e6b2724f4d832e93d2945f4567689677b4ce064bf89491480b37cdada1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Tue, 04 Jul 2023 07:33:28 GMT
server: nginx
accept-ranges: bytes
etag: "644-5ffa44c936200"
content-length: 1604
content-type: image/png

GET
H2 200 ic-tw2.png
archived.esl-staff.com/wp-content/uploads/2018/11/ 2 KB
2 KB 216ms
210ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/uploads/2018/11/ic-tw2.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: cc2f88f65e2df0220e6fdebc899dca15b96ec76e7423859c5878d4300d8e7ec6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Fri, 19 Jul 2019 06:43:36 GMT
server: nginx
accept-ranges: bytes
etag: "654-58e030bb4d600"
content-length: 1620
content-type: image/png

GET
H2 200 ic-you.png
archived.esl-staff.com/wp-content/uploads/2019/02/ 3 KB
3 KB 203ms
197ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/uploads/2019/02/ic-you.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: e27db307a5be9d4ac48d89a7f270b43a0a80dae177bd840aef88fc5fe93c17b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Fri, 19 Jul 2019 06:40:58 GMT
server: nginx
accept-ranges: bytes
etag: "a73-58e030249f280"
content-length: 2675
content-type: image/png

GET
H2 200 note_logo.png
archived.esl-staff.com/wp-content/uploads/2023/02/ 1 KB
1 KB 203ms
198ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/uploads/2023/02/note_logo.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: be4d489cbf5b11572ffc51c675c4c36b3bf81d85a171481a7e1da5c43453c078

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Tue, 07 Feb 2023 07:03:56 GMT
server: nginx
accept-ranges: bytes
etag: "436-5f416c048af00"
content-length: 1078
content-type: image/png

GET
H2 200 plusone.js Show response
apis.google.com/js/ 56 KB
22 KB 371ms
41ms Script
text/javascript 2607:f8b0:4004:c0b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63326a1c4e0eddd3501f0a064b06a2708eb0362f3ae934f53145978d3d0799b5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 Jan 2024 01:17:35 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21930
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "198f19c141a8a438"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:17:35 GMT

GET
H2 200 button-only.gif
b.st-hatena.com/images/entry-button/ 254 B
700 B 351ms
40ms Image
image/gif 18.154.227.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/entry-button/button-only.gif

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-19.iad55.r.cloudfront.net

Software

nginx /

Resource Hash

cecced3759ead676c01a7fa67745175f258e1cf40bac53e54a958236c65180ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:45:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 cf7e8b3887a490b60a55be14eb004b54.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 24654743
x-cache: Hit from cloudfront
content-length: 254
last-modified: Thu, 30 Mar 2023 10:06:24 GMT
server: nginx
etag: "64255f20-fe"
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: aiXbaKuUQ8IfgFxGZFQ-lKX6AgbGezq38dkxjUehnMKe3f12XYGk9g==
expires: Tue, 02 Apr 2024 16:45:12 GMT

GET
H2 200 bookmark_button.js Show response
b.st-hatena.com/js/ 6 KB
3 KB 350ms
38ms Script
application/x-javascript 18.154.227.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/js/bookmark_button.js

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-19.iad55.r.cloudfront.net

Software

nginx /

Resource Hash

f09d9fdc476c87ca8574c34d19241af3fd93226d85f6b0048e36760c07984fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 cf7e8b3887a490b60a55be14eb004b54.cloudfront.net (CloudFront)
date: Sat, 13 Jan 2024 16:12:36 GMT
last-modified: Fri, 22 Dec 2023 06:59:24 GMT
server: nginx
x-amz-cf-pop: IAD55-P5
age: 32699
etag: W/"658533cc-1990"
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
x-amz-cf-id: 92rxTL9DvrxQOiHRkJFItIu266FOoDM6pi6hD5AeTsUX6gLNOPNolQ==
expires: Sun, 14 Jan 2024 16:12:36 GMT

GET
H2 200 line-btn.png
archived.esl-staff.com/wp-content/themes/simplicity2/images/ 521 B
656 B 204ms
198ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/images/line-btn.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: b6df81be4cc6b7e6f4bd45b72bb24edd816cbfe4b7fd8a6412224b09b8daa220

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Thu, 07 Mar 2019 19:34:39 GMT
server: nginx
accept-ranges: bytes
etag: "209-583863275f1c0"
content-length: 521
content-type: image/png

GET
H2 200 line-btn-mini.png
archived.esl-staff.com/wp-content/themes/simplicity2/images/ 531 B
666 B 213ms
209ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/images/line-btn-mini.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: f210c51557ca9d1726bc2d7fdb71f19786e2a8f2e92941bad3e368e0496e921b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Thu, 07 Mar 2019 19:34:39 GMT
server: nginx
accept-ranges: bytes
etag: "213-583863275f1c0"
content-length: 531
content-type: image/png

GET
H2 200 comment-reply.min.js Show response
archived.esl-staff.com/wp-includes/js/ 3 KB
2 KB 210ms
206ms Script
application/javascript 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-includes/js/comment-reply.min.js?ver=6.3.2
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Tue, 06 Sep 2022 03:36:51 GMT
server: nginx
etag: W/"ba5-5e7f9e8227ac0"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 javascript.js Show response
archived.esl-staff.com/wp-content/themes/simplicity2/ 18 KB
5 KB 213ms
210ms Script
application/javascript 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/javascript.js?ver=6.3.2&fver=20190307073440
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 480a664a442c062929d181ab1beaaa25ba23330133a73b2888fd08f5423d449a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Thu, 07 Mar 2019 19:34:40 GMT
server: nginx
etag: W/"4866-5838632853400"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 javascript.js Show response
archived.esl-staff.com/wp-content/themes/simplicity2-child/ 1 KB
828 B 214ms
211ms Script
application/javascript 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/themes/simplicity2-child/javascript.js?ver=6.3.2&fver=20220706112556
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 4966e08ea3911b4c89f8bb598e601ef05699274d9b5c9bdb1bfaac26c88bb715

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Wed, 06 Jul 2022 11:25:56 GMT
server: nginx
etag: W/"5a6-5e3213b8bd900"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 index.js Show response
archived.esl-staff.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 196ms
195ms Script
application/javascript 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6&fver=20240111040717
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Thu, 11 Jan 2024 16:07:17 GMT
server: nginx
etag: W/"2b6d-60eadbdd64371"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 index.js Show response
archived.esl-staff.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 198ms
198ms Script
application/javascript 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6&fver=20240111040717
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Thu, 11 Jan 2024 16:07:17 GMT
server: nginx
etag: W/"337e-60eadbdd64371"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 367ms
53ms Script
text/javascript 2607:f8b0:4004:c17::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcBStcUAAAAADoL_2heeOZ3kEQYJTYS3CV1KGov&ver=3.0

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

332dfe6c6485dd021c66dcd4f74e2157ac06933ec16b0667662c0667236fddf2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 01:17:35 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
archived.esl-staff.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 217ms
210ms Script
application/javascript 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Mon, 15 May 2023 05:58:06 GMT
server: nginx
etag: W/"1feb-5fbb52373d780"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 regenerator-runtime.min.js Show response
archived.esl-staff.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 219ms
211ms Script
application/javascript 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Mon, 15 May 2023 05:58:06 GMT
server: nginx
etag: W/"19cf-5fbb52373d780"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-polyfill.min.js Show response
archived.esl-staff.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 214ms
207ms Script
application/javascript 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Mon, 14 Aug 2023 01:09:51 GMT
server: nginx
etag: W/"3f12-602d7b82635c0"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 index.js Show response
archived.esl-staff.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 934 B
1 KB 213ms
206ms Script
application/javascript 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.8.6&fver=20240111040717
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Thu, 11 Jan 2024 16:07:17 GMT
server: nginx
accept-ranges: bytes
etag: "3a6-60eadbdd65311"
content-length: 934
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 239 KB
82 KB 407ms
98ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5N9G8PC

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84fab3ab0f41e453ccefc1ad35bebef6a1889b5ff2b435f1d0f480d792c6f1f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83787
x-xss-protection: 0
last-modified: Sun, 14 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jan 2024 01:17:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 183 KB
65 KB 369ms
61ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MF2RZ6R

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e89a304decd9c905bf134d5619eb2d8e2ee488db40ef4ccba9f6a03026f7680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66494
x-xss-protection: 0
last-modified: Sun, 14 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jan 2024 01:17:35 GMT

GET
H2 200 print.css
archived.esl-staff.com/wp-content/themes/simplicity2/css/ 1 KB
772 B 208ms
206ms Stylesheet
text/css 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/css/print.css?ver=6.3.2&fver=20190307073436
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 636b6ca97abe0dc0f5e987362701517180dba4f5c06da449e9415dd798820077

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Thu, 07 Mar 2019 19:34:36 GMT
server: nginx
etag: W/"4da-5838632482b00"
vary: Accept-Encoding
content-type: text/css

GET
BLOB 200
OK 9dd08432-aa3a-4f4e-a6e4-b72b8af4e769
https://archived.esl-staff.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://archived.esl-staff.com/9dd08432-aa3a-4f4e-a6e4-b72b8af4e769
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 polyfill.min.js
polyfill.io/v3/ 104 B
198 B 34ms
32ms Other
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://archived.esl-staff.com/
Origin: https://archived.esl-staff.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 Jan 2024 01:17:35 GMT
age: 2199906
detected-user-agent: Chrome Mobile/120.0.0
server-timing: HIT, fastly;desc="Edge time";dur=0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/120.0.0
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dX4XEOZ8eJU Show response
www.youtube.com/embed/ Frame C12C 99 KB
42 KB 273ms
199ms Document
text/html 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63afa9b3cd971d0bbda8c41fb88b1c86ba95f91596204176e2d6ff6ce184d31d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://archived.esl-staff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 01:17:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 404 custom-header.jpg
archived.esl-staff.com/wp-content/themes/simplicity2/images/ 84 KB
84 KB 386ms
385ms Image
text/html 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/images/custom-header.jpg
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 1b37f72162fb08d073cfb64f33b737d9817c84bbf4cb189dacbf9ce7c5544151

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://archived.esl-staff.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 kaigoiryo.jpg.png
archived.esl-staff.com/wp-content/uploads/2022/10/ 172 KB
172 KB 204ms
199ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/uploads/2022/10/kaigoiryo.jpg.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 9ac12b79edbeb35c248c0bdb059a61a04790638d7557b466abcd29f853a69738

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Mon, 17 Oct 2022 10:11:01 GMT
server: nginx
accept-ranges: bytes
etag: "2ae8d-5eb3831473740"
content-length: 175757
content-type: image/png

GET
H2 200 shikakukensyu.png
archived.esl-staff.com/wp-content/uploads/2022/10/ 159 KB
159 KB 204ms
200ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/uploads/2022/10/shikakukensyu.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 734c4732e57a9aa54655eb54ebaecccec22f0f40e65a6e1b149ee3cf86b3b246

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Fri, 21 Oct 2022 00:57:43 GMT
server: nginx
accept-ranges: bytes
etag: "27a02-5eb80ede36fc0"
content-length: 162306
content-type: image/png

GET
H2 200 kyujin.jpg.png
archived.esl-staff.com/wp-content/uploads/2022/10/ 150 KB
150 KB 398ms
394ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/uploads/2022/10/kyujin.jpg.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: b9a3f6d30b6f7d53a67ce7e19cf4223737ed9cc6be9435868f063d0202ab1640

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Mon, 17 Oct 2022 10:11:16 GMT
server: nginx
accept-ranges: bytes
etag: "2581a-5eb38322c1900"
content-length: 153626
content-type: image/png

GET
H2 200 franchise.jpg.png
archived.esl-staff.com/wp-content/uploads/2022/10/ 136 KB
136 KB 579ms
576ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/uploads/2022/10/franchise.jpg.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 429457ca9aca929e2899d08f9770e5111c69de844e65882f3bbf07931bb0091a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Mon, 17 Oct 2022 10:11:59 GMT
server: nginx
accept-ranges: bytes
etag: "220d8-5eb3834bc39c0"
content-length: 139480
content-type: image/png

GET
H2 200 system.jpg.png
archived.esl-staff.com/wp-content/uploads/2022/10/ 193 KB
193 KB 396ms
394ms Image
image/png 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archived.esl-staff.com/wp-content/uploads/2022/10/system.jpg.png
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 027d0a11b9e0cbd3a90c148f5a654cc8288eaac67123eea6c34e7f80d22abb94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Mon, 17 Oct 2022 10:11:45 GMT
server: nginx
accept-ranges: bytes
etag: "303fc-5eb3833e69a40"
content-length: 197628
content-type: image/png

GET
H2 200 icomoon.ttf
archived.esl-staff.com/wp-content/themes/simplicity2/webfonts/icomoon/fonts/ 20 KB
13 KB 199ms
197ms Font
application/font-sfnt 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/webfonts/icomoon/fonts/icomoon.ttf?hd9e6o
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/webfonts/icomoon/style.css?ver=6.3.2&fver=20190307073446
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 4a3db0402a97fc98b720d04a2bce839eb05df3b9500d69f817dc3fef92bcf1d6

Request headers

Referer: https://archived.esl-staff.com/wp-content/themes/simplicity2/webfonts/icomoon/style.css?ver=6.3.2&fver=20190307073446
Origin: https://archived.esl-staff.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
content-encoding: br
last-modified: Thu, 07 Mar 2019 19:34:46 GMT
server: nginx
etag: W/"4e14-5838632e0c180"
vary: Accept-Encoding
content-type: application/font-sfnt

GET
H2 200 fontawesome-webfont.woff2
archived.esl-staff.com/wp-content/themes/simplicity2/webfonts/fonts/ 75 KB
76 KB 395ms
394ms Font
application/octet-stream 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/webfonts/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css?ver=6.3.2&fver=20190307073445
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://archived.esl-staff.com/wp-content/themes/simplicity2/webfonts/css/font-awesome.min.css?ver=6.3.2&fver=20190307073445
Origin: https://archived.esl-staff.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:35 GMT
last-modified: Thu, 07 Mar 2019 19:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "12d68-5838632e0c180"
content-length: 77160

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/ 158 KB
55 KB 38ms
35ms Script
text/javascript 2607:f8b0:4004:c0b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb1609e85d8370b7259775c76a2ba7456ee2ed72cb45cb68e59f14d3a6b0a0a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 05:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55872
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 05:46:42 GMT

GET
H2 200 btn.js Show response
widgets.getpocket.com/v1/j/ 2 KB
1 KB 150ms
32ms Script
application/javascript 99.84.191.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getpocket.com/v1/j/btn.js?v=1
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.191.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-191-110.iad89.r.cloudfront.net
Software: Apache/2.4.52 (Debian) /
Resource Hash: 5aa869ba3a3f7a8883a0e6457ebaea6bb7c9069e296bdc166ce30431d318bb90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 00:42:55 GMT
content-encoding: gzip
via: 1.1 3924198dd88678a1cab97875f32b6f20.cloudfront.net (CloudFront)
last-modified: Thu, 04 Jan 2024 18:43:58 GMT
server: Apache/2.4.52 (Debian)
x-amz-cf-pop: IAD89-C2
age: 2082
etag: "90b-60e231d457780-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://pocket.com,https://getpocket.com,https://widgets.getpocket.com
accept-ranges: bytes
content-length: 1037
x-amz-cf-id: uoMw51dZvI2dN6Qz18_YrPn38GUT9Kcin1D8jRHAx1XzBjeLF1JvUg==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 503 KB
202 KB 148ms
33ms Script
text/javascript 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcBStcUAAAAADoL_2heeOZ3kEQYJTYS3CV1KGov&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://archived.esl-staff.com/
Origin: https://archived.esl-staff.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205927
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 20:18:22 GMT

GET
H2 200 bookmark_button.js Show response
b.st-hatena.com/js/ 6 KB
3 KB 42ms
41ms Script
application/x-javascript 18.154.227.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/js/bookmark_button.js

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-19.iad55.r.cloudfront.net

Software

nginx /

Resource Hash

f09d9fdc476c87ca8574c34d19241af3fd93226d85f6b0048e36760c07984fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 cf7e8b3887a490b60a55be14eb004b54.cloudfront.net (CloudFront)
date: Sat, 13 Jan 2024 16:12:36 GMT
last-modified: Fri, 22 Dec 2023 06:59:24 GMT
server: nginx
x-amz-cf-pop: IAD55-P5
age: 32699
etag: W/"658533cc-1990"
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
x-amz-cf-id: GFPJudry9THc5Pb401rRU76FQERAF4NYQHBQNQ3qz-8H_HVLdudhFg==
expires: Sun, 14 Jan 2024 16:12:36 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ja_JP/ 3 KB
3 KB 143ms
35ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b59d6286af40b77babf8e2ee9ec16fceeb20e37be0e7211cfaf9dfc1fe2d7da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 Jan 2024 01:17:36 GMT
content-md5: UfgvSRbFsZX45pYphcTBEg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: a6x7r0qsVVXVulDc8LEOlGi9Mrwn6hXJYftLvP+5MpmDWmTOcImw2f9AQaqOWx1tAccK7KMaY1NxJgO5fxVkng==
x-fb-content-md5: 8ffec2048b9489a779167643a83df6b5
cross-origin-opener-policy: same-origin-allow-popups
etag: "1922559e4733f1f92c73ff332ea7bd9d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:21:09 GMT

GET
H2 200 / Show response
b.hatena.ne.jp/entry/button/ Frame A396 1 KB
1 KB 339ms
210ms Document
text/html 18.67.76.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Farchived.esl-staff.com%2F&layout=vertical-large

Requested by

Host: b.st-hatena.com
URL: https://b.st-hatena.com/js/bookmark_button.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-76-119.iad89.r.cloudfront.net

Software

nginx /

Resource Hash

a253b990e6d6910495fc8b12df38f18f7c2982b4a260e40207fedc747a994ae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://archived.esl-staff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public, max-age=3600, s-maxage=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 14 Jan 2024 01:17:36 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 92ed8a6103fa735c31caf49b92d4efb6.cloudfront.net (CloudFront)
x-amz-cf-id: Jz9EkUMaBo5dM2613oa2PdghQe5FxvBbyPCi1JiLameqEswYdzsdFA==
x-amz-cf-pop: IAD89-P2
x-cache: Miss from cloudfront

GET
H2 200 wp-emoji-release.min.js Show response
archived.esl-staff.com/wp-includes/js/ 18 KB
5 KB 232ms
193ms Script
application/javascript 183.90.238.46
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://archived.esl-staff.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.46 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2345.xserver.jp
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:36 GMT
content-encoding: br
last-modified: Mon, 15 May 2023 05:58:06 GMT
server: nginx
etag: W/"4904-5fbb52373d780"
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/ 97 KB
34 KB 54ms
35ms Script
text/javascript 2607:f8b0:4004:c0b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f3855dafef7d28d65e1969f2d8c7c651b92f590fb2946f80c818064742745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 463872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34350
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 16:26:24 GMT

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 54FB 0
0

GET
H2 200 www-player.css
www.youtube.com/s/player/80b90bfd/ Frame C12C 358 KB
47 KB 47ms
35ms Stylesheet
text/css 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 00:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47453
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Jan 2025 00:26:21 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/ Frame C12C 323 KB
97 KB 63ms
54ms Script
text/javascript 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 23:15:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98905
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 23:15:50 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/ Frame C12C 2 MB
769 KB 83ms
74ms Script
text/javascript 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa9675b7cbdba5307d9d411e7a76f13d1b6b462844cdbf3d918f37bfdff029e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 23:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 787058
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 23:27:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
94 KB 62ms
61ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-P366PC5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MF2RZ6R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee0abc38d3a566618eac6a296dd95e515be131e302bc3c96e3a974ce1987f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95892
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jan 2024 01:17:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
85 KB 78ms
59ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L6C9RNZ0DP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MF2RZ6R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57ea752369f002b5d1e45591b8921ffd96fb768735bf1b753029a5e4806c2abc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86597
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jan 2024 01:17:36 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 212 KB
56 KB 47ms
34ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 14 Jan 2024 01:17:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56915
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 7siIJhp4A7+WowtgZwpcVjpiKXjQMpfibe4kWsgeENQ3Nge+N/TYyY4GlcLulpfYobtFYQ/dmXGbgi2Zz/OBOQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 122ms
86ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1XQZ4P74MW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9G8PC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e8bb4478a9170f381ea820cdaf8a2d350c249536d1cfbe84fdb047c745295b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 Jan 2024 01:17:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
81 KB 88ms
74ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11382215618&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9G8PC

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c3cb1bbc7c0043c2be1b3052ffd56096348377c61f3a0cb928240ca92090f80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82484
x-xss-protection: 0
last-modified: Sun, 14 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Jan 2024 01:17:36 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/638828243/ 2 KB
2 KB 324ms
51ms Script
text/javascript 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/638828243/?random=1705195056315&cv=11&fst=1705195056315&bg=ffffff&guid=ON&async=1&gtm=45He41a0v830886984&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Farchived.esl-staff.com%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%A6%E3%83%BC%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%AB%E3%83%A9%E3%83%9C%E3%83%A9%E3%83%88%E3%83%AA%E3%83%BC%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE&auid=2101876375.1705195056&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9G8PC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f96a0a0577ea10436887cc35eb584fb61be8567760913217ace428d85c820d65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ytag.js Show response
s.yimg.jp/images/listing/tool/cv/ 27 KB
9 KB 2042ms
178ms Script
application/javascript 182.22.25.124
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5N9G8PC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 182.22.25.124 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software: nghttpx /
Resource Hash: 87813d0507d9e425d8a423153e598fbef4342d9a553edc4e0ad29cba6b380274

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sun, 14 Jan 2024 01:16:04 GMT
content-encoding: gzip
last-modified: Mon, 20 Nov 2023 05:05:25 GMT
server: nghttpx
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 94
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-ntap-sg-trace-id: db61d97b302f7dee
cache-control: public, max-age=600
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length: 8975

GET
H2 200 lt.js Show response
d.line-scdn.net/n/line_tag/public/release/v1/ 32 KB
10 KB 356ms
93ms Script
application/javascript 23.209.61.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.209.61.209 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-209-61-209.deploy.static.akamaitechnologies.com

Software

VOS /

Resource Hash

d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: aLHCm1toaevjRzyK9ZlkfyErvpEL9I2
strict-transport-security: max-age=15768000
content-encoding: gzip
date: Sun, 14 Jan 2024 01:17:36 GMT
x-amz-request-id: tx0000063917f0b3c13088d-00651a6066-14071e65-jp2
content-length: 9865
x-amz-expiration: expiry-date="Sat, 02 Dec 2023 00:00:00 GMT", rule-id="bucket_lifecycle"
last-modified: Mon, 02 Oct 2023 06:16:39 GMT
server: VOS
etag: "02e4691c0dcc2f7ecef2712fb0f24921"
vary: Accept-Encoding
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: max-age=622679
accept-ranges: bytes
expires: Sun, 21 Jan 2024 06:15:35 GMT

GET
H2 200 pixel2.js Show response
cd.ladsp.com/script/ 6 KB
3 KB 292ms
45ms Script
text/javascript 13.32.155.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.ladsp.com/script/pixel2.js
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.155.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-155-20.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afdf299864eab97c1e15580c32b23fb5cc2378435ca5b5b7da8dd42fc3f2315b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 05:45:02 GMT
content-encoding: gzip
via: 1.1 d203e374ba383a11f7beaf8a1353c660.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C2
age: 1193555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2326
last-modified: Mon, 13 Mar 2023 04:15:31 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1678680903/ctime:1678680915/gid:0/gname:root/md5:a562b23936ec9ddbaea83b5b5f91f189/mode:33188/mtime:1678680903/uid:0/uname:root
etag: "a562b23936ec9ddbaea83b5b5f91f189"
content-type: text/javascript
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-amz-cf-id: GVYz840zcXUeBRDYX6R1Chp7MGOXz4UVCbXrtTTw_kJ9gjXWlYqcfQ==

GET
H2 200 pixel2_p_delay.js Show response
cd.ladsp.com/script/ 4 KB
2 KB 293ms
45ms Script
text/javascript 13.32.155.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.ladsp.com/script/pixel2_p_delay.js
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.155.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-155-20.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 424da953a071c56f6274ec5303ae946f2f3f3988be32355b2e2cc72c84ca573c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 21:38:57 GMT
content-encoding: gzip
via: 1.1 d203e374ba383a11f7beaf8a1353c660.cloudfront.net (CloudFront)
last-modified: Wed, 08 Jan 2020 06:07:16 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C2
age: 1049919
etag: "8e7236b47efc360b4a530840d0ad9dc2"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
content-length: 1719
x-amz-cf-id: y97FHh0dQoHLsMkZY3on1iq4OAbbrEJvuoLODrc_wD0rV9Si_ouLOg==

GET
H2 200 button Show response
widgets.getpocket.com/v1/ Frame DF21 840 B
964 B 33ms
32ms Document
text/html 99.84.191.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getpocket.com/v1/button?label=pocket&count=vertical&v=1&url=https%3A%2F%2Farchived.esl-staff.com%2F&title=%E3%83%A6%E3%83%BC%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%AB%E3%83%A9%E3%83%9C%E3%83%A9%E3%83%88%E3%83%AA%E3%83%BC%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE&src=https%3A%2F%2Farchived.esl-staff.com%2F&r=0.5350346681300735
Requested by: Host: widgets.getpocket.com
URL: https://widgets.getpocket.com/v1/j/btn.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.191.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-191-110.iad89.r.cloudfront.net
Software: Apache/2.4.52 (Debian) / PHP/7.3.33
Resource Hash: a3c8009a78df4126fa3e9cce7f2f328a2ee15ae81dd10f5c533d8fe01b1d3ed7

Request headers

Referer: https://archived.esl-staff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: https://pocket.com,https://getpocket.com,https://widgets.getpocket.com
age: 908
content-encoding: gzip
content-length: 550
content-location: button.php
content-type: text/html; charset=UTF-8
date: Sun, 14 Jan 2024 01:02:28 GMT
server: Apache/2.4.52 (Debian)
tcn: choice
vary: Accept-Encoding
via: 1.1 3924198dd88678a1cab97875f32b6f20.cloudfront.net (CloudFront)
x-amz-cf-id: M-Bou8ECnL6PIij9Yl9E4Dv6ABmsmnuZCbvM9-yThdIfV-RH-uSYIA==
x-amz-cf-pop: IAD89-C2
x-cache: Hit from cloudfront
x-powered-by: PHP/7.3.33

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C12C 15 KB
16 KB 244ms
36ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:12:34 GMT
x-content-type-options: nosniff
age: 194702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 19:12:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C12C 15 KB
15 KB 250ms
43ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 03:28:28 GMT
x-content-type-options: nosniff
age: 164948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 03:28:28 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ja_JP/ 298 KB
85 KB 74ms
38ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js?hash=4593bb3b96cbdf385cb4b7ec69577c3d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

faf0aa3bdb637c42c777f7083898bee26c7ed444ff48e240a8fa8030ea7fd1bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://archived.esl-staff.com/
Origin: https://archived.esl-staff.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 Jan 2024 01:17:36 GMT
content-md5: 164HDqWhr3xcpmoF7IiNjg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87121
reporting-endpoints
x-fb-debug: eUhBq6QI001h6kWBGtS6F8YuLrBB4RGUDI1GiBrQIHE38O9oK1HcBdxwu3TDfpQ/9m2zXAwKeG2VkpPws+vjqQ==
x-fb-content-md5: 41fb2f75faf41a53050946ce0553d4e7
cross-origin-opener-policy: same-origin-allow-popups
etag: "878a1333149501f7197c79fad3b97722"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 12 Jan 2025 23:50:02 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 6ECA 565 B
873 B 165ms
67ms Document
text/html 2607:f8b0:4004:c08::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Farchived.esl-staff.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::54 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7630cb2338bbcb79e21a326d6f748e027c41ee94b80bad0810db692c41a0852c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-CQllNvUQAV6AssyuP6-T0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://archived.esl-staff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-CQllNvUQAV6AssyuP6-T0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Sun, 14 Jan 2024 01:17:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
249 B 147ms
44ms Ping
text/plain 2607:f8b0:4004:c1f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QF4Q5HLH88&gtm=45Pe41a0v9169597149&_p=1705195054939&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1995233354.1705195057&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705195056&sct=1&seg=0&dl=https%3A%2F%2Farchived.esl-staff.com%2F&dt=%E3%83%A6%E3%83%BC%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%AB%E3%83%A9%E3%83%9C%E3%83%A9%E3%83%88%E3%83%AA%E3%83%BC%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5474
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-P366PC5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://archived.esl-staff.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1096 7 KB
1 KB 289ms
49ms Document
text/html 2607:f8b0:4004:c17::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcBStcUAAAAADoL_2heeOZ3kEQYJTYS3CV1KGov&co=aHR0cHM6Ly9hcmNoaXZlZC5lc2wtc3RhZmYuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=riuyp4a04rra

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d84d2d290638df819902dc2b4d962c0f2068040038cba90df41ca96f5fedcce3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qR55n2MU-8CrmdGxvfZDmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://archived.esl-staff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-qR55n2MU-8CrmdGxvfZDmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 01:17:37 GMT
expires: Sun, 14 Jan 2024 01:17:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 reset.css
b.st-hatena.com/css/ Frame A396 2 KB
1 KB 50ms
38ms Stylesheet
text/css 18.154.227.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/css/reset.css?e35605126c1618c25529ee93b014185916eabe29

Requested by

Host: b.hatena.ne.jp
URL: https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Farchived.esl-staff.com%2F&layout=vertical-large

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-19.iad55.r.cloudfront.net

Software

nginx /

Resource Hash

0fda122942f39c62ebd2d1ac9de0cf6c6e4cefefb31eb86e39777f46c7ed5064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 cf7e8b3887a490b60a55be14eb004b54.cloudfront.net (CloudFront)
date: Sat, 13 Jan 2024 01:34:01 GMT
last-modified: Fri, 22 Dec 2023 06:57:33 GMT
server: nginx
x-amz-cf-pop: IAD55-P5
age: 85415
etag: W/"6585335d-817"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
x-amz-cf-id: K3GamnWxUUA3MrKM-ub7as76CjDW1YkV0jHQ5ldXOb_l-JQeWgb-YA==
expires: Sun, 14 Jan 2024 01:34:01 GMT

GET
H2 200 entry-button.css
b.st-hatena.com/css/ Frame A396 5 KB
2 KB 55ms
44ms Stylesheet
text/css 18.154.227.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/css/entry-button.css?e35605126c1618c25529ee93b014185916eabe29

Requested by

Host: b.hatena.ne.jp
URL: https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Farchived.esl-staff.com%2F&layout=vertical-large

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-19.iad55.r.cloudfront.net

Software

nginx /

Resource Hash

61403f586e03ca26a4920ac368ecf4973ad46def79a1b46532f6bfc3d5573125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 cf7e8b3887a490b60a55be14eb004b54.cloudfront.net (CloudFront)
date: Sat, 13 Jan 2024 07:24:21 GMT
last-modified: Fri, 22 Dec 2023 06:57:33 GMT
server: nginx
x-amz-cf-pop: IAD55-P5
age: 64396
etag: W/"6585335d-134a"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
x-amz-cf-id: jkLvXACylDeAqk8bOVkA1_fUUsscPvsyxrICZDFSSS3CjnMCXI7Ndw==
expires: Sun, 14 Jan 2024 07:24:21 GMT

GET
H/1.1 200
OK widgetButton.91d9e0cb42c020d8c4b1.css
assets.getpocket.com/web/ Frame DF21 3 KB
2 KB 253ms
36ms Stylesheet
text/css 18.67.76.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.getpocket.com/web/widgetButton.91d9e0cb42c020d8c4b1.css
Requested by: Host: widgets.getpocket.com
URL: https://widgets.getpocket.com/v1/button?label=pocket&count=vertical&v=1&url=https%3A%2F%2Farchived.esl-staff.com%2F&title=%E3%83%A6%E3%83%BC%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%AB%E3%83%A9%E3%83%9C%E3%83%A9%E3%83%88%E3%83%AA%E3%83%BC%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE&src=https%3A%2F%2Farchived.esl-staff.com%2F&r=0.5350346681300735
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-28.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2d84e6a462105e079059bda163a5e23e9b326ad0cb42e2fef52ecf08e20a92e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets.getpocket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 14:25:40 GMT
Content-Encoding: gzip
Via: 1.1 2b0c54ffe9876882253b010d44184bdc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD89-P2
Age: 3754318
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 30 Nov 2023 23:30:51 GMT
Server: AmazonS3
ETag: W/"5ae752a86d7f88b510c944c8fdbd4398"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000,s-maxage=31536000
X-Amz-Cf-Id: 679aCmIDNCgohvfMbKmdW1xZzy4kA1HUSoX3aqKwcysbsZ6R4rh55Q==

GET
H/1.1 200
OK widgetButton.5d2ff226d41975eecf00.js Show response
assets.getpocket.com/web/ Frame DF21 20 KB
8 KB 319ms
42ms Script
application/javascript 18.67.76.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.getpocket.com/web/widgetButton.5d2ff226d41975eecf00.js
Requested by: Host: widgets.getpocket.com
URL: https://widgets.getpocket.com/v1/button?label=pocket&count=vertical&v=1&url=https%3A%2F%2Farchived.esl-staff.com%2F&title=%E3%83%A6%E3%83%BC%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%AB%E3%83%A9%E3%83%9C%E3%83%A9%E3%83%88%E3%83%AA%E3%83%BC%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE&src=https%3A%2F%2Farchived.esl-staff.com%2F&r=0.5350346681300735
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-28.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caf6f3f218eb933bf45fbfa0048756c9302e86def0cf705566b0b40766af2d30

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets.getpocket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 04:32:50 GMT
Content-Encoding: gzip
Via: 1.1 2b0c54ffe9876882253b010d44184bdc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD89-P2
Age: 1889088
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 11 Dec 2023 16:55:18 GMT
Server: AmazonS3
ETag: W/"f39be6a0f620a18de0c8ebc69a2a56cc"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000,s-maxage=31536000
X-Amz-Cf-Id: v4vGJsR87QmL8gI5Lbkax2_fiFF92KxkqZkAzpqCw9_GqsDcrhtPXA==

POST
H2 204 cspreport
accounts.google.com/o/ Frame 6ECA 0
229 B 80ms
69ms Other
text/html 2607:f8b0:4004:c08::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::54 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-ji9zhhUbnGoEpvapvI12HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Farchived.esl-staff.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-ji9zhhUbnGoEpvapvI12HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 478691279-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 6ECA 12 KB
6 KB 255ms
39ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Farchived.esl-staff.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 18:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5186
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 15:06:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 18:19:34 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 6ECA 18 KB
7 KB 48ms
40ms Script
text/javascript 2607:f8b0:4004:c0b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fc0b1526533002c956ebf8e8c42c3ad3f96c41ace73fb4063cc89051944831

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 Jan 2024 01:17:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "82744994a59c0fbb"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jan 2024 01:17:36 GMT

GET
H3 200 486956301996367 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 155ms
155ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/486956301996367?v=2.9.140&r=stable&domain=archived.esl-staff.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

286903be7ab6caac28e3a66b7163d93a1fde17fa54e1d4e90e6f140144357d42

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 14 Jan 2024 01:17:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: B7VzOnom28LCnLme3JbkKTTxpp7RIU4XdP9ntSjbqhH/h9tDLcMFUVxldXVN/UMdqxSqwt51Gv0t6PxVK8k+/Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11382215618/ 2 KB
2 KB 50ms
49ms Script
text/javascript 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11382215618/?random=1705195057109&cv=11&fst=1705195057109&bg=ffffff&guid=ON&async=1&gtm=45be41a0v9169594308z8830886984&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Farchived.esl-staff.com%2F&hn=www.googleadservices.com&frm=0&tiba=%E3%83%A6%E3%83%BC%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%AB%E3%83%A9%E3%83%9C%E3%83%A9%E3%83%88%E3%83%AA%E3%83%BC%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE&auid=2101876375.1705195056&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11382215618&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83106125e104777692483899f16b961fa1cc71ebdcdcc7ec756d5d66c3ef2010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1321
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
45 B 65ms
52ms Ping
text/plain 2607:f8b0:4004:c1f::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1XQZ4P74MW&gtm=45je41a0v9172538619z8830886984&_p=1705195054939&gcd=11l1l1l1l1&dma=0&cid=1995233354.1705195057&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705195057&sct=1&seg=0&dl=https%3A%2F%2Farchived.esl-staff.com%2F&dt=%E3%83%A6%E3%83%BC%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%AB%E3%83%A9%E3%83%9C%E3%83%A9%E3%83%88%E3%83%AA%E3%83%BC%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE&en=page_view&_fv=1&_ss=1&tfd=6033
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1XQZ4P74MW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://archived.esl-staff.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
gtm-kgl6p4h-mmyyn.uc.r.appspot.com/g/ 0
463 B 369ms
282ms Ping
text/html 2607:f8b0:4004:c08::99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gtm-kgl6p4h-mmyyn.uc.r.appspot.com/g/collect?v=2&tid=G-L6C9RNZ0DP&gtm=45je41a0v869583223z8866472130&_p=1705195054939&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1995233354.1705195057&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705195057&sct=1&seg=0&dl=https%3A%2F%2Farchived.esl-staff.com%2F&dt=%E3%83%A6%E3%83%BC%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%AB%E3%83%A9%E3%83%9C%E3%83%A9%E3%83%88%E3%83%AA%E3%83%BC%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE&en=page_view&_fv=1&_ss=1&tfd=6106
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L6C9RNZ0DP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::99 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:37 GMT
server: Google Frontend
content-type: text/html
x-cloud-trace-context: fc05d9effb72f524da66c0e23dda7181;o=1
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sun, 14 Jan 2024 01:17:37 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/638828243/ 42 B
64 B 81ms
80ms Image
image/gif 2607:f8b0:4004:c17::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/638828243/?random=1705195056315&cv=11&fst=1705194000000&bg=ffffff&guid=ON&async=1&gtm=45He41a0v830886984&u_w=1600&u_h=1200&url=https%3A%2F%2Farchived.esl-staff.com%2F&frm=0&tiba=%E3%83%A6%E3%83%BC%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%AB%E3%83%A9%E3%83%9C%E3%83%A9%E3%83%88%E3%83%AA%E3%83%BC%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_RhN_QWGLXuwGxdEZEJDygaZTPUNGuQ&random=2082782048&rmt_tld=0&ipr=y

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 1096 55 KB
24 KB 188ms
122ms Stylesheet
text/css 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcBStcUAAAAADoL_2heeOZ3kEQYJTYS3CV1KGov&co=aHR0cHM6Ly9hcmNoaXZlZC5lc2wtc3RhZmYuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=riuyp4a04rra

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 22:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 22:41:56 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 1096 503 KB
201 KB 108ms
43ms Script
text/javascript 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205927
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 20:18:22 GMT

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 582ms
184ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=05156026-f72d-4bdc-9467-55fac7833ec5&b_u=https%3A%2F%2Farchived.esl-staff.com%2F&b_d=archived.esl-staff.com&b_p=%2F&b_t=%E3%83%A6%E3%83%BC%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%AB%E3%83%A9%E3%83%9C%E3%83%A9%E3%83%88%E3%83%AA%E3%83%BC%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE&c_t=lap&t_id=fd6fd94c-6361-47f3-8225-7459d13e60d3&s_id=eeca4674-c4de6d1f&x4=100&e=pv&v=3.4.1&_t=1705195057451
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 01:17:37 GMT
Cache-Control: private, no-store, no-cache, must-revalidate
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame C12C 113 B
159 B 232ms
231ms XHR
application/json 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee5daad77ba938652fa0673c31c6974dfa0f2a43a8ee690010ed922e7416de4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C12C 29 B
495 B 164ms
43ms Script
text/javascript 2607:f8b0:4004:c17::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::94 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:09:32 GMT
x-content-type-options: nosniff
age: 485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Jan 2024 01:24:32 GMT

GET
H2

200

pixel Show response
px.ladsp.com/
Redirect Chain

https://px.ladsp.com/pixel?advertiser_id=00013323&su=2&site_url=https%3A%2F%2Farchived.esl-staff.com%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9yb...
https://px.ladsp.com/pixel?cr=true&advertiser_id=00013323&su=2&site_url=https%3A%2F%2Farchived.esl-staff.com%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwb...

1 KB
1 KB

216ms
213ms

Script
text/javascript

52.193.77.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ladsp.com/pixel?cr=true&advertiser_id=00013323&su=2&site_url=https%3A%2F%2Farchived.esl-staff.com%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H2
Server: 52.193.77.224 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-77-224.ap-northeast-1.compute.amazonaws.com
Software: Logicad /
Resource Hash: 04f5edc3f9369d0be9a734352f2a8752f7757a93853556c13a0d3ec5275ee09d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:38 GMT
content-encoding: gzip
server: Logicad
vary: accept-encoding
content-type: text/javascript;charset=utf-8
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control: private, no-store, no-cache, must-revalidate
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:38 GMT
server: Logicad
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://px.ladsp.com/pixel?cr=true&advertiser_id=00013323&su=2&site_url=https%3A%2F%2Farchived.esl-staff.com%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
cache-control: private, no-store, no-cache, must-revalidate
content-length: 0
expires: -1

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 151ms
38ms Preflight
text/html 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 14 Jan 2024 01:17:37 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C12C 87 KB
40 KB 44ms
41ms XHR
application/json+protobuf 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2d5e157a6cfdd639879a5de616dd4f415cfb56b018953c0c9988cd48ca5c678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 14 Jan 2024 01:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40867
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame C12C 76 KB
31 KB 249ms
247ms XHR
application/json 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d72a79cc04652f5515261d583f3e420ac80fa0172186850fc257d06ad0837bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240109.00.00
X-Goog-Visitor-Id: CgtqZURrOVpoRHlIOCiv7IytBjIKCgJVUxIEGgAgXA%3D%3D

Response headers

date: Sun, 14 Jan 2024 01:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31721
x-xss-protection: 0

GET
H3 200 1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js Show response
www.google.com/js/th/ Frame C12C 50 KB
19 KB 42ms
41ms Script
text/javascript 2607:f8b0:4004:c17::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 17:54:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19870
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 17:54:46 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/ Frame C12C 52 KB
16 KB 40ms
40ms Script
text/javascript 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46e97944b7e167434fa20cfb0cb6c6ad36d4e67ef3a3b39c05dab09c839a0518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 00:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2473
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16354
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Jan 2025 00:36:24 GMT

GET
DATA 200
OK truncated
/ Frame C12C 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 OKshVHLy1tNEBTrJgK24igONyFArOFgiYAGK_-3DKmAXiDAzFfhyewvZC7ubQw7BvrmAyJ8Ayw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C12C 1 KB
1 KB 143ms
73ms Image
image/jpeg 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/OKshVHLy1tNEBTrJgK24igONyFArOFgiYAGK_-3DKmAXiDAzFfhyewvZC7ubQw7BvrmAyJ8Ayw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d88f9bdfe8ca7069594001be400eb41348df50051ec9c0e606dd646d2ff04c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1068
x-xss-protection: 0
expires: Mon, 15 Jan 2024 01:17:37 GMT

GET
H2 200 vertical-en.svg
b.st-hatena.com/images/entry-button/ Frame A396 3 KB
2 KB 34ms
33ms Image
image/svg+xml 18.154.227.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/entry-button/vertical-en.svg

Requested by

Host: b.st-hatena.com
URL: https://b.st-hatena.com/css/entry-button.css?e35605126c1618c25529ee93b014185916eabe29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-19.iad55.r.cloudfront.net

Software

nginx /

Resource Hash

3b0d71516f26850ac7fe8e547fa5eaf17412c660036960ff36cc7cc0dd0178be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b.st-hatena.com/css/entry-button.css?e35605126c1618c25529ee93b014185916eabe29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 02:05:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 cf7e8b3887a490b60a55be14eb004b54.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 3798708
x-cache: Hit from cloudfront
last-modified: Fri, 24 Nov 2023 05:36:10 GMT
server: nginx
etag: W/"6560364a-df1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
x-amz-cf-id: 8BMs2EKIKdSu09DZI3EwYvtgw4ZA0lmD-TrknYJpXnkIDT8Wvg2gZQ==
expires: Sat, 30 Nov 2024 02:05:49 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/ Frame 6ECA 65 KB
23 KB 33ms
33ms Script
text/javascript 2607:f8b0:4004:c0b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

639d75299973c7d3794eb7eb129e3b5a6139f9f521e1f14383abd0fd501219c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:49:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23557
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 00:49:31 GMT

GET
H3 200 1494358804101324 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 148ms
148ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1494358804101324?v=2.9.140&r=stable&domain=archived.esl-staff.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

293c7b34d41c438e484f0e40806890fb88db79bd43789d61e1ddb9798a3d2762

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 14 Jan 2024 01:17:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 81YA+NnCOluMvvoc/3WjnRrSE9nPvGyfEgQ9XAfRbsxAreOiOnYEcKfLWTpOdag4KLvixFmQLaPNIiDYkfyPzw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11382215618/ 42 B
64 B 69ms
68ms Image
image/gif 2607:f8b0:4004:c17::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11382215618/?random=1705195057109&cv=11&fst=1705194000000&bg=ffffff&guid=ON&async=1&gtm=45be41a0v9169594308z8830886984&u_w=1600&u_h=1200&url=https%3A%2F%2Farchived.esl-staff.com%2F&frm=0&tiba=%E3%83%A6%E3%83%BC%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%AB%E3%83%A9%E3%83%9C%E3%83%A9%E3%83%88%E3%83%AA%E3%83%BC%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_mKVutTyrInUXPeI7A-BbkyXvCBIyCpVm-kTiTBnrI--ihr_T&random=1780905580&rmt_tld=0&ipr=y

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 saves Show response
widgets.getpocket.com/api/ Frame DF21 11 B
384 B 72ms
62ms XHR
application/json 99.84.191.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getpocket.com/api/saves?url=https%3A%2F%2Farchived.esl-staff.com%2F
Requested by: Host: assets.getpocket.com
URL: https://assets.getpocket.com/web/widgetButton.5d2ff226d41975eecf00.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.191.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-191-110.iad89.r.cloudfront.net
Software: Apache/2.4.52 (Debian) / PHP/7.3.33
Resource Hash: 70a18337b987c7639db9de27723cdb120997777f506cc3b419b055575ca9ff61

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets.getpocket.com/v1/button?label=pocket&count=vertical&v=1&url=https%3A%2F%2Farchived.esl-staff.com%2F&title=%E3%83%A6%E3%83%BC%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%AB%E3%83%A9%E3%83%9C%E3%83%A9%E3%83%88%E3%83%AA%E3%83%BC%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE&src=https%3A%2F%2Farchived.esl-staff.com%2F&r=0.5350346681300735
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:37 GMT
via: 1.1 3924198dd88678a1cab97875f32b6f20.cloudfront.net (CloudFront)
server: Apache/2.4.52 (Debian)
x-amz-cf-pop: IAD89-C2
x-powered-by: PHP/7.3.33
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://pocket.com,https://getpocket.com,https://widgets.getpocket.com
tcn: choice
content-location: saves.php
content-length: 11
x-amz-cf-id: 81lRStMBOjVkvkoY-CPcXCOMsTOt9MuWXkl6PRox2B5-KpmyesYQyw==

GET
H/1.1 200
OK pocket_button.d3a57cce2ccd22d7db8e29ff66dc09df.png
assets.getpocket.com/web/widgetButton/images/ Frame DF21 1 KB
2 KB 35ms
33ms Image
image/png 18.67.76.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.getpocket.com/web/widgetButton/images/pocket_button.d3a57cce2ccd22d7db8e29ff66dc09df.png
Requested by: Host: assets.getpocket.com
URL: https://assets.getpocket.com/web/widgetButton.91d9e0cb42c020d8c4b1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-28.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4022b5ef36894f1e2bcedab9a1574665218e7c0f05408ebe8e8ff689601088db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://assets.getpocket.com/web/widgetButton.91d9e0cb42c020d8c4b1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 04:32:50 GMT
Via: 1.1 2b0c54ffe9876882253b010d44184bdc.cloudfront.net (CloudFront)
Last-Modified: Mon, 11 Dec 2023 16:55:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-P2
Age: 1889088
ETag: "d3a57cce2ccd22d7db8e29ff66dc09df"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000,s-maxage=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1062
X-Amz-Cf-Id: B-KsUPo6o6rlTC_24gg9xNj3BxGTOc-2yowWCPwy7wnwfuDNwHxdng==

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 35ms
34ms Preflight
text/html 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 14 Jan 2024 01:17:38 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C12C 90 B
134 B 42ms
41ms XHR
application/json+protobuf 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a244c49ead19a6d77ef5e3581ec6a8faaaacda0833681a51b6c73798c351073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 14 Jan 2024 01:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 collect Show response
gtm-kgl6p4h-mmyyn.uc.r.appspot.com/g/ 65 B
575 B 232ms
232ms XHR
text/plain 2607:f8b0:4004:c08::99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm-kgl6p4h-mmyyn.uc.r.appspot.com/g/collect?v=2&tid=G-L6C9RNZ0DP&gtm=45je41a0v869583223z8866472130&_p=1705195054939&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1995233354.1705195057&ul=en-us&sr=1600x1200&_fplc=0&ur=US-NY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=US&sst.gcd=11l1l1l1l1&sst.tft=1705195054939&_s=2&sid=1705195057&sct=1&seg=0&dl=https%3A%2F%2Farchived.esl-staff.com%2F&dt=%E3%83%A6%E3%83%BC%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%AB%E3%83%A9%E3%83%9C%E3%83%A9%E3%83%88%E3%83%AA%E3%83%BC%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE&en=gtm.dom&ep.event_id=101db2d5-8f5a-49c0-a0cf-d684eeb8c2bd_1705195055528.7&ep.event_name=PageView&_et=13&tfd=6814&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L6C9RNZ0DP&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::99 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Google Frontend
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://archived.esl-staff.com
x-cloud-trace-context: 4542d914b3347c664e73248f73ac68bb
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90
expires: Sun, 14 Jan 2024 01:17:38 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame C12C 0
19 B 72ms
72ms XHR
text/html 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=244&cpn=kRhPmKZE3t6loubb&el=embedded&ns=yt&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C153832%2C20%2C23111%2C53633%2C84737%2C25688%2C9542%2C1088%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C11466%2C3616%2C1067%2C1360%2C8594%2C2008%2C4552%2C6115%2C832%2C3032%2C722%2C4460%2C1493%2C588%2C3028%2C858%2C1597%2C5371&cl=597054475&seq=1&docid=dX4XEOZ8eJU&ei=MTajZdzqLLyW_9EP9M6P6AE&event=streamingstats&plid=AAYO3amyFRIrYYWw&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FdX4XEOZ8eJU%3Fautoplay%3D1%26mute%3D1%26loop%3D1%26list%3DPLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV%26controls%3D0%26start%3D1%26showinfo%3D0&qclc=ChBrUmhQbUtaRTN0NmxvdWJiEAE&embargoed=0&cbr=Chrome&cbrver=120.0.6099.216&c=WEB_EMBEDDED_PLAYER&cver=1.20240109.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.035:B,0.413:B,0.413:B&cat=streaming&cmt=0.035:0.000,0.413:1.000&vfs=0.413:244:244::r&view=0.413:840:473&bwe=0.413:130000&bat=0.413:1:1&vis=0.413:0&bh=0.413:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
X-YouTube-Client-Version: 1.20240109.00.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtqZURrOVpoRHlIOCiv7IytBjIKCgJVUxIEGgAgXA%3D%3D
X-YouTube-Ad-Signals: dt=1705195057344&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C840%2C473&vis=1&wgl=true&ca_type=image&bid=ANyPxKoACu9Za0HmzQ3_hJ9oW602SMcYaBiQ0tj1EALP8MfLr39el_oqg4_jhI0rnOhoNqc2svV5dtyxwBM91lPyNxYixF_Vxg

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:38 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr5---sn-ab5sznzs.googlevideo.com/ Frame C12C 725 B
2 KB 171ms
76ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1705216657&ei=MTajZdzqLLyW_9EP9M6P6AE&ip=2602%3Affc8%3A2%3A104%3A%3A10&id=o-ANaR84P0Sq_aby4GhbxgXYLLlPCy5iDGBWl847V0kewV&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=R9&mm=31%2C26&mn=sn-ab5sznzs%2Csn-vgqskn6d&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=4522500&spc=UWF9fxs5jH3DTxt3kg0bYCI-gCCGiaClnUMdbq8ePRcmjp0&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zJHLAyfVFtFi9ZQ_xzLg-ecQ&gir=yes&clen=7330108&dur=145.144&lmt=1675239989639246&mt=1705194776&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=Z3LDixg_-Li7GA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgYSkdmPZsR69pMC4nhAwGrsUCRHhz90yt7VGUZelu5d4CIC1jjltWEZo2ezlX2Q0nhjza4_795PWO-SkV-c2VlyUf&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRQIgfOQ4AA-7UZfNn40fVitrovARZod4wXMjCB3PD8OeRe8CIQC8L0uw-ieUISeTaoC_ORl1OW2OIFcIsUDNuRac6Hlggw%3D%3D&alr=yes&cpn=kRhPmKZE3t6loubb&cver=1.20240109.00.00&range=0-669&rn=1&rbuf=0&pot=IjjwofCnlQLGk7PGhNCq9KLTv_eAzqLpnOi_4pnXx-iJ1bLLueqzxrr3pdm55LfGscao4NWStITD5Q==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:c::a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

501d58b2b30dc4fb76b486347020e028b1b3a2e53e24bbed14877b55235d0c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 01:17:38 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Wed, 01 Feb 2023 08:26:29 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Sun, 14 Jan 2024 01:17:38 GMT

POST
H/1.1 200
OK videoplayback Show response
rr5---sn-ab5sznzs.googlevideo.com/ Frame C12C 573 B
2 KB 169ms
75ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1705216657&ei=MTajZdzqLLyW_9EP9M6P6AE&ip=2602%3Affc8%3A2%3A104%3A%3A10&id=o-ANaR84P0Sq_aby4GhbxgXYLLlPCy5iDGBWl847V0kewV&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=R9&mm=31%2C26&mn=sn-ab5sznzs%2Csn-vgqskn6d&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=4522500&spc=UWF9fxs5jH3DTxt3kg0bYCI-gCCGiaClnUMdbq8ePRcmjp0&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zJHLAyfVFtFi9ZQ_xzLg-ecQ&gir=yes&clen=2482060&dur=145.161&lmt=1675239984416515&mt=1705194776&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=Z3LDixg_-Li7GA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgS1-jwWJyDekwp3yimW64cT4GedcA8K28dS8rdtG4ja4CICNcSY9JJjewUiMX9GFL8i_AjmEq9ZWLqYCGDQg5OfvW&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRQIgfOQ4AA-7UZfNn40fVitrovARZod4wXMjCB3PD8OeRe8CIQC8L0uw-ieUISeTaoC_ORl1OW2OIFcIsUDNuRac6Hlggw%3D%3D&alr=yes&cpn=kRhPmKZE3t6loubb&cver=1.20240109.00.00&range=0-517&rn=2&rbuf=0&pot=IjjfX99ZuvzpbZw4qy6FCo0tkAmvMI0XsxaQHLYp6BamK501lhScOJUJiieWGpg4njiHHvpsm3rsGw==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:c::a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0748762b36b082f16562f253a02ee6672f8518f0766cc70c3956af175e68ad29

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 01:17:38 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Wed, 01 Feb 2023 08:26:24 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Sun, 14 Jan 2024 01:17:38 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/ Frame C12C 71 KB
24 KB 42ms
41ms Script
text/javascript 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6006e63e53eeec8b456d6804b478580c054a3c7fc64df5569fe5a321cd70f69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 319334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24401
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Jan 2025 08:35:24 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/ Frame C12C 33 KB
8 KB 43ms
43ms Script
text/javascript 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f7007b77891232b44b3b3b276b212ef4163a3e0166d2a936647c163913a74a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 319396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8324
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Jan 2025 08:34:22 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame C12C 35 KB
7 KB 307ms
306ms XHR
application/json 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

8bad1ad6cb9fee3a7c054464678955117d10231d4e89276b7235786ee9face82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240109.00.00
X-Goog-Visitor-Id: CgtqZURrOVpoRHlIOCiv7IytBjIKCgJVUxIEGgAgXA%3D%3D

Response headers

date: Sun, 14 Jan 2024 01:17:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7393
x-xss-protection: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1096 2 KB
2 KB 34ms
33ms Image
image/png 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:20:06 GMT
x-content-type-options: nosniff
age: 17852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 20 Jan 2024 20:20:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1096 15 KB
15 KB 42ms
41ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:12:34 GMT
x-content-type-options: nosniff
age: 194704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 19:12:34 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 134ms
39ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=486956301996367&ev=PageView&dl=https%3A%2F%2Farchived.esl-staff.com%2F&rl=&if=false&ts=1705195058162&sw=1600&sh=1200&v=2.9.140&r=stable&a=gtmss&ec=0&o=4126&fbp=fb.1.1705195057801.1166927797&ler=empty&it=1705195057081&coo=false&eid=101db2d5-8f5a-49c0-a0cf-d684eeb8c2bd_1705195055528.7&cdl=&rqm=GET

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 14 Jan 2024 01:17:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 40ms
39ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1494358804101324&ev=PageView&dl=https%3A%2F%2Farchived.esl-staff.com%2F&rl=&if=false&ts=1705195058261&sw=1600&sh=1200&v=2.9.140&r=stable&ec=0&o=4126&fbp=fb.1.1705195057801.1166927797&ler=empty&it=1705195057081&coo=false&cdl=&rqm=GET

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 14 Jan 2024 01:17:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 41ms
40ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=486956301996367&ev=SubmitApplication&dl=https%3A%2F%2Farchived.esl-staff.com%2F&rl=&if=false&ts=1705195058263&sw=1600&sh=1200&v=2.9.140&r=stable&a=gtmss&ec=1&o=4126&fbp=fb.1.1705195057801.1166927797&ler=empty&it=1705195057081&coo=false&cdl=&rqm=GET

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 14 Jan 2024 01:17:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 41ms
40ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1494358804101324&ev=SubmitApplication&dl=https%3A%2F%2Farchived.esl-staff.com%2F&rl=&if=false&ts=1705195058264&sw=1600&sh=1200&v=2.9.140&r=stable&ec=1&o=4126&fbp=fb.1.1705195057801.1166927797&ler=empty&it=1705195057081&coo=false&cdl=&rqm=GET

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 14 Jan 2024 01:17:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame C12C 0
10 B 53ms
53ms Image
text/plain 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?ZfGUvQ
Requested by: Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 videoplayback Show response
rr5---sn-ab5sznzs.googlevideo.com/ Frame C12C 64 KB
64 KB 70ms
30ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1705216657&ei=MTajZdzqLLyW_9EP9M6P6AE&ip=2602%3Affc8%3A2%3A104%3A%3A10&id=o-ANaR84P0Sq_aby4GhbxgXYLLlPCy5iDGBWl847V0kewV&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=R9&mm=31%2C26&mn=sn-ab5sznzs%2Csn-vgqskn6d&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=4522500&spc=UWF9fxs5jH3DTxt3kg0bYCI-gCCGiaClnUMdbq8ePRcmjp0&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zJHLAyfVFtFi9ZQ_xzLg-ecQ&gir=yes&clen=2482060&dur=145.161&lmt=1675239984416515&mt=1705194776&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=Z3LDixg_-Li7GA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgS1-jwWJyDekwp3yimW64cT4GedcA8K28dS8rdtG4ja4CICNcSY9JJjewUiMX9GFL8i_AjmEq9ZWLqYCGDQg5OfvW&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRQIgfOQ4AA-7UZfNn40fVitrovARZod4wXMjCB3PD8OeRe8CIQC8L0uw-ieUISeTaoC_ORl1OW2OIFcIsUDNuRac6Hlggw%3D%3D&alr=yes&cpn=kRhPmKZE3t6loubb&cver=1.20240109.00.00&range=518-66053&rn=3&rbuf=0&pot=MnQIqRzt5gqk1QiRZMCEqnA4dSBJgx1MBTQ44rvRrtTKnAHh938iUnvNjuxrEq3QT51-CUL2D9kugB1G1fixcI5sU_9PDyGPt6jUFRW9dQepK70u3_szRYWkApNDq6s18lNZTWRAW-vSkh3DUzqjaaAounUbKg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:c::a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f89aed0d3c1d737efca7ab2f6770db757bdfd83a17e613c01c71ab24e90e162c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

client-protocol: quic
date: Sun, 14 Jan 2024 01:17:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 01 Feb 2023 08:26:24 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Sun, 14 Jan 2024 01:17:38 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C12C 28 B
50 B 55ms
51ms XHR
application/json 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-Goog-Request-Time: 1705195058479
Content-Type: application/json
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
X-YouTube-Client-Version: 1.20240109.00.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtqZURrOVpoRHlIOCiv7IytBjIKCgJVUxIEGgAgXA%3D%3D
X-YouTube-Ad-Signals: dt=1705195057344&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C840%2C473&vis=1&wgl=true&ca_type=image&bid=ANyPxKoACu9Za0HmzQ3_hJ9oW602SMcYaBiQ0tj1EALP8MfLr39el_oqg4_jhI0rnOhoNqc2svV5dtyxwBM91lPyNxYixF_Vxg

Response headers

date: Sun, 14 Jan 2024 01:17:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

GET
H/1.1 200
OK conversion_async.js Show response
b99.yahoo.co.jp/pagead/ 46 KB
18 KB 2432ms
320ms Script
text/javascript 183.79.255.12
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://b99.yahoo.co.jp/pagead/conversion_async.js

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

183.79.255.12 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

cafe /

Resource Hash

e98d360dfb4942c7ef43688eb3ae9fb67020c061c6a6583501d12e39930b0eb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 01:17:40 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Age: 0
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Connection: close
X-XSS-Protection: 0
Server: cafe
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
ETag: 448873653633963753
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Timing-Allow-Origin: *
Expires: Sun, 14 Jan 2024 01:17:40 GMT

GET
H2 200 iframe Show response
um.ladsp.com/match/ Frame 210D 3 KB
3 KB 842ms
534ms Document
text/html 18.160.46.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Requested by: Host: px.ladsp.com
URL: https://px.ladsp.com/pixel?advertiser_id=00013323&su=2&site_url=https%3A%2F%2Farchived.esl-staff.com%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-101.iad55.r.cloudfront.net
Software: Logicad /
Resource Hash: 34e04d86647a76c11be3f62b30d7b1f55005b53af36054f237e2a15f8c957d88

Request headers

Referer: https://archived.esl-staff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-store, no-cache, must-revalidate
content-type: text/html;charset=utf-8
date: Sun, 14 Jan 2024 01:17:39 GMT
expires: -1
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma: no-cache
server: Logicad
via: 1.1 2e9efc6c92f43e49016092f40e32ddc4.cloudfront.net (CloudFront)
x-amz-cf-id: ucuOIesLi0aMbVlVbcZ2D6O6MIl6yjVhugDLPDofC1lxypQr_HaYLQ==
x-amz-cf-pop: IAD55-P2
x-cache: Miss from cloudfront

GET
H2 200 iframe Show response
um.ladsp.com/match/ Frame CF5C 3 KB
3 KB 506ms
202ms Document
text/html 18.160.46.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Requested by: Host: px.ladsp.com
URL: https://px.ladsp.com/pixel?advertiser_id=00013323&su=2&site_url=https%3A%2F%2Farchived.esl-staff.com%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-101.iad55.r.cloudfront.net
Software: Logicad /
Resource Hash: bf9fb996dd73b595e25834b116f991fceba614ebad9d47d66a7f0df681232884

Request headers

Referer: https://archived.esl-staff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-store, no-cache, must-revalidate
content-type: text/html;charset=utf-8
date: Sun, 14 Jan 2024 01:17:38 GMT
expires: -1
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma: no-cache
server: Logicad
via: 1.1 2e9efc6c92f43e49016092f40e32ddc4.cloudfront.net (CloudFront)
x-amz-cf-id: 7FipMCgfpUNw511v_b1hfaemmLWgd26s8r6_lRQqNTyZ0I20nJWqDw==
x-amz-cf-pop: IAD55-P2
x-cache: Miss from cloudfront

GET
H2 200 / Show response
am.yahoo.co.jp/rt/ 0
656 B 1718ms
186ms Script
text/javascript 182.22.25.124
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to

Full URL

https://am.yahoo.co.jp/rt/?p=9AXR3AIX5U&label=&ref=https%3A%2F%2Farchived.esl-staff.com%2F&rref=&pt=&item=&cat=&price=&quantity=&r=1705195058.9006088&pvid=ti2yj21t88clrct3zvv&su=bf6b8d83-3b7a-447f-904c-ba8be35a444e&_impl=ytag

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.22.25.124 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:40 GMT
x-content-type-options: nosniff
server: nghttpx
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 0
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
permissions-policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
cross-origin-resource-policy: cross-origin
content-length: 0
x-xss-protection: 1;mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr5---sn-ab5sznzs.googlevideo.com/ Frame C12C 167 KB
167 KB 28ms
27ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1705216657&ei=MTajZdzqLLyW_9EP9M6P6AE&ip=2602%3Affc8%3A2%3A104%3A%3A10&id=o-ANaR84P0Sq_aby4GhbxgXYLLlPCy5iDGBWl847V0kewV&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=R9&mm=31%2C26&mn=sn-ab5sznzs%2Csn-vgqskn6d&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=4522500&spc=UWF9fxs5jH3DTxt3kg0bYCI-gCCGiaClnUMdbq8ePRcmjp0&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zJHLAyfVFtFi9ZQ_xzLg-ecQ&gir=yes&clen=7330108&dur=145.144&lmt=1675239989639246&mt=1705194776&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=Z3LDixg_-Li7GA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgYSkdmPZsR69pMC4nhAwGrsUCRHhz90yt7VGUZelu5d4CIC1jjltWEZo2ezlX2Q0nhjza4_795PWO-SkV-c2VlyUf&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRQIgfOQ4AA-7UZfNn40fVitrovARZod4wXMjCB3PD8OeRe8CIQC8L0uw-ieUISeTaoC_ORl1OW2OIFcIsUDNuRac6Hlggw%3D%3D&alr=yes&cpn=kRhPmKZE3t6loubb&cver=1.20240109.00.00&range=670-171457&rn=4&rbuf=0&pot=MnQIqRzt5gqk1QiRZMCEqnA4dSBJgx1MBTQ44rvRrtTKnAHh938iUnvNjuxrEq3QT51-CUL2D9kugB1G1fixcI5sU_9PDyGPt6jUFRW9dQepK70u3_szRYWkApNDq6s18lNZTWRAW-vSkh3DUzqjaaAounUbKg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:c::a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

63c2edf6341fe6898ed3861f00b9a99ff512b34c076087863d7f9a712d1b5bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sun, 14 Jan 2024 01:17:38 GMT
date: Sun, 14 Jan 2024 01:17:38 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Wed, 01 Feb 2023 08:26:29 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
H2 200 OKshVHLy1tNEBTrJgK24igONyFArOFgiYAGK_-3DKmAXiDAzFfhyewvZC7ubQw7BvrmAyJ8Ayw=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C12C 1 KB
1 KB 77ms
75ms Image
image/jpeg 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/OKshVHLy1tNEBTrJgK24igONyFArOFgiYAGK_-3DKmAXiDAzFfhyewvZC7ubQw7BvrmAyJ8Ayw=s88-c-k-c0x00ffffff-no-rj

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

788ec6dce317bc34cf7802f3de841d9076c090677fb97d357384534be91b287e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1428
x-xss-protection: 0
expires: Mon, 15 Jan 2024 01:17:38 GMT

POST
H3 200 videoplayback Show response
rr5---sn-ab5sznzs.googlevideo.com/ Frame C12C 167 KB
167 KB 28ms
27ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1705216657&ei=MTajZdzqLLyW_9EP9M6P6AE&ip=2602%3Affc8%3A2%3A104%3A%3A10&id=o-ANaR84P0Sq_aby4GhbxgXYLLlPCy5iDGBWl847V0kewV&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=R9&mm=31%2C26&mn=sn-ab5sznzs%2Csn-vgqskn6d&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=4522500&spc=UWF9fxs5jH3DTxt3kg0bYCI-gCCGiaClnUMdbq8ePRcmjp0&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zJHLAyfVFtFi9ZQ_xzLg-ecQ&gir=yes&clen=7330108&dur=145.144&lmt=1675239989639246&mt=1705194776&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=Z3LDixg_-Li7GA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgYSkdmPZsR69pMC4nhAwGrsUCRHhz90yt7VGUZelu5d4CIC1jjltWEZo2ezlX2Q0nhjza4_795PWO-SkV-c2VlyUf&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRQIgfOQ4AA-7UZfNn40fVitrovARZod4wXMjCB3PD8OeRe8CIQC8L0uw-ieUISeTaoC_ORl1OW2OIFcIsUDNuRac6Hlggw%3D%3D&alr=yes&cpn=kRhPmKZE3t6loubb&cver=1.20240109.00.00&range=171458-342245&rn=5&rbuf=1353&pot=MnQIqRzt5gqk1QiRZMCEqnA4dSBJgx1MBTQ44rvRrtTKnAHh938iUnvNjuxrEq3QT51-CUL2D9kugB1G1fixcI5sU_9PDyGPt6jUFRW9dQepK70u3_szRYWkApNDq6s18lNZTWRAW-vSkh3DUzqjaaAounUbKg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:c::a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

636b6674fa82b7f5f4bfaf3cb697df09bafe7fa6446c5015818cd4e692d2db2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sun, 14 Jan 2024 01:17:38 GMT
date: Sun, 14 Jan 2024 01:17:38 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Wed, 01 Feb 2023 08:26:29 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame C12C 0
17 B 61ms
53ms XHR
text/html 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=kRhPmKZE3t6loubb&ver=2&cmt=1.034&fmt=244&fs=0&rt=1.142&euri=https%3A%2F%2Farchived.esl-staff.com%2F&lact=1252&cl=597054475&mos=1&volume=100&cbr=Chrome&cbrver=120.0.6099.216&c=WEB_EMBEDDED_PLAYER&cver=1.20240109.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=en_US&cr=US&len=145.161&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C153832%2C20%2C23111%2C53633%2C84737%2C25688%2C9542%2C1088%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C11466%2C3616%2C1067%2C1360%2C8594%2C2008%2C4552%2C6115%2C832%2C3032%2C722%2C4460%2C1493%2C588%2C3028%2C858%2C1597%2C5371&rtn=4&afmt=251&size=840%3A473&inview=0&muted=1&docid=dX4XEOZ8eJU&ei=MTajZdzqLLyW_9EP9M6P6AE&plid=AAYO3amyFRIrYYWw&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FdX4XEOZ8eJU%3Fautoplay%3D1%26mute%3D1%26loop%3D1%26list%3DPLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV%26controls%3D0%26start%3D1%26showinfo%3D0&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&of=wbAUJoLFDaeeOSJrHXH1sg&vm=CAEQABgEOjJBSHFpSlRLc2Q5R2dKUVlRSmR3OUdKYmd2T2huT1dlc2lSYU9jVEZRd2tFRmFqSDQ0QWJsQVBta0tETEUyWXFnd1BMc2RsZl9jdkpiMk5zSmo4LWdvTEZXMC1TWG1ES1BEdks4UzYyOGRUTkFFQkxzTTBocU0tbS1NNXA4Qm0wYkMxNGZ3Tnp1b3lFTndLTGRBQUJzQTh4VlRpcWpKLU1CaAI

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
X-YouTube-Client-Version: 1.20240109.00.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtqZURrOVpoRHlIOCiv7IytBjIKCgJVUxIEGgAgXA%3D%3D
X-YouTube-Ad-Signals: dt=1705195057344&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C840%2C473&vis=1&wgl=true&ca_type=image&bid=ANyPxKoACu9Za0HmzQ3_hJ9oW602SMcYaBiQ0tj1EALP8MfLr39el_oqg4_jhI0rnOhoNqc2svV5dtyxwBM91lPyNxYixF_Vxg

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:38 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame C12C 0
17 B 52ms
52ms XHR
text/html 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=dX4XEOZ8eJU&cpn=kRhPmKZE3t6loubb&ei=MTajZdzqLLyW_9EP9M6P6AE&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
X-YouTube-Client-Version: 1.20240109.00.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtqZURrOVpoRHlIOCiv7IytBjIKCgJVUxIEGgAgXA%3D%3D
X-YouTube-Ad-Signals: dt=1705195057344&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C840%2C473&vis=1&wgl=true&ca_type=image&bid=ANyPxKoACu9Za0HmzQ3_hJ9oW602SMcYaBiQ0tj1EALP8MfLr39el_oqg4_jhI0rnOhoNqc2svV5dtyxwBM91lPyNxYixF_Vxg

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:38 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr5---sn-ab5sznzs.googlevideo.com/ Frame C12C 64 KB
64 KB 29ms
28ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1705216657&ei=MTajZdzqLLyW_9EP9M6P6AE&ip=2602%3Affc8%3A2%3A104%3A%3A10&id=o-ANaR84P0Sq_aby4GhbxgXYLLlPCy5iDGBWl847V0kewV&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=R9&mm=31%2C26&mn=sn-ab5sznzs%2Csn-vgqskn6d&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=4522500&spc=UWF9fxs5jH3DTxt3kg0bYCI-gCCGiaClnUMdbq8ePRcmjp0&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zJHLAyfVFtFi9ZQ_xzLg-ecQ&gir=yes&clen=2482060&dur=145.161&lmt=1675239984416515&mt=1705194776&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=Z3LDixg_-Li7GA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgS1-jwWJyDekwp3yimW64cT4GedcA8K28dS8rdtG4ja4CICNcSY9JJjewUiMX9GFL8i_AjmEq9ZWLqYCGDQg5OfvW&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRQIgfOQ4AA-7UZfNn40fVitrovARZod4wXMjCB3PD8OeRe8CIQC8L0uw-ieUISeTaoC_ORl1OW2OIFcIsUDNuRac6Hlggw%3D%3D&alr=yes&cpn=kRhPmKZE3t6loubb&cver=1.20240109.00.00&range=66054-131589&rn=6&rbuf=2474&pot=MnQIqRzt5gqk1QiRZMCEqnA4dSBJgx1MBTQ44rvRrtTKnAHh938iUnvNjuxrEq3QT51-CUL2D9kugB1G1fixcI5sU_9PDyGPt6jUFRW9dQepK70u3_szRYWkApNDq6s18lNZTWRAW-vSkh3DUzqjaaAounUbKg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:c::a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2cedeea30068cefafff60b4c064e6305a01d6abe67de6fd11efe4bc69fc9924e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

client-protocol: quic
date: Sun, 14 Jan 2024 01:17:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 01 Feb 2023 08:26:24 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Sun, 14 Jan 2024 01:17:38 GMT

POST
H3 200 videoplayback Show response
rr5---sn-ab5sznzs.googlevideo.com/ Frame C12C 305 KB
305 KB 31ms
30ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1705216657&ei=MTajZdzqLLyW_9EP9M6P6AE&ip=2602%3Affc8%3A2%3A104%3A%3A10&id=o-ANaR84P0Sq_aby4GhbxgXYLLlPCy5iDGBWl847V0kewV&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=R9&mm=31%2C26&mn=sn-ab5sznzs%2Csn-vgqskn6d&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=4522500&spc=UWF9fxs5jH3DTxt3kg0bYCI-gCCGiaClnUMdbq8ePRcmjp0&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zJHLAyfVFtFi9ZQ_xzLg-ecQ&gir=yes&clen=7330108&dur=145.144&lmt=1675239989639246&mt=1705194776&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=Z3LDixg_-Li7GA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgYSkdmPZsR69pMC4nhAwGrsUCRHhz90yt7VGUZelu5d4CIC1jjltWEZo2ezlX2Q0nhjza4_795PWO-SkV-c2VlyUf&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRQIgfOQ4AA-7UZfNn40fVitrovARZod4wXMjCB3PD8OeRe8CIQC8L0uw-ieUISeTaoC_ORl1OW2OIFcIsUDNuRac6Hlggw%3D%3D&alr=yes&cpn=kRhPmKZE3t6loubb&cver=1.20240109.00.00&range=342246-654058&rn=7&rbuf=3651&pot=MnQIqRzt5gqk1QiRZMCEqnA4dSBJgx1MBTQ44rvRrtTKnAHh938iUnvNjuxrEq3QT51-CUL2D9kugB1G1fixcI5sU_9PDyGPt6jUFRW9dQepK70u3_szRYWkApNDq6s18lNZTWRAW-vSkh3DUzqjaaAounUbKg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:c::a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

390798eef66f6011fa5f8adca0741a131fbc247945937899a3cff98738ab40a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sun, 14 Jan 2024 01:17:38 GMT
date: Sun, 14 Jan 2024 01:17:38 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Wed, 01 Feb 2023 08:26:29 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr5---sn-ab5sznzs.googlevideo.com/ Frame C12C 107 KB
107 KB 27ms
26ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1705216657&ei=MTajZdzqLLyW_9EP9M6P6AE&ip=2602%3Affc8%3A2%3A104%3A%3A10&id=o-ANaR84P0Sq_aby4GhbxgXYLLlPCy5iDGBWl847V0kewV&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=R9&mm=31%2C26&mn=sn-ab5sznzs%2Csn-vgqskn6d&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=4522500&spc=UWF9fxs5jH3DTxt3kg0bYCI-gCCGiaClnUMdbq8ePRcmjp0&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zJHLAyfVFtFi9ZQ_xzLg-ecQ&gir=yes&clen=2482060&dur=145.161&lmt=1675239984416515&mt=1705194776&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=Z3LDixg_-Li7GA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgS1-jwWJyDekwp3yimW64cT4GedcA8K28dS8rdtG4ja4CICNcSY9JJjewUiMX9GFL8i_AjmEq9ZWLqYCGDQg5OfvW&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRQIgfOQ4AA-7UZfNn40fVitrovARZod4wXMjCB3PD8OeRe8CIQC8L0uw-ieUISeTaoC_ORl1OW2OIFcIsUDNuRac6Hlggw%3D%3D&alr=yes&cpn=kRhPmKZE3t6loubb&cver=1.20240109.00.00&range=131590-241395&rn=8&rbuf=5896&pot=MnQIqRzt5gqk1QiRZMCEqnA4dSBJgx1MBTQ44rvRrtTKnAHh938iUnvNjuxrEq3QT51-CUL2D9kugB1G1fixcI5sU_9PDyGPt6jUFRW9dQepK70u3_szRYWkApNDq6s18lNZTWRAW-vSkh3DUzqjaaAounUbKg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:c::a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b5f00c18f1538f558b5c8872e2a7f3daf27fbcee8a842dcd6bf6ef0802f63034

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

client-protocol: quic
date: Sun, 14 Jan 2024 01:17:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 01 Feb 2023 08:26:24 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Sun, 14 Jan 2024 01:17:38 GMT

POST
H3 200 videoplayback Show response
rr5---sn-ab5sznzs.googlevideo.com/ Frame C12C 648 KB
648 KB 33ms
28ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1705216657&ei=MTajZdzqLLyW_9EP9M6P6AE&ip=2602%3Affc8%3A2%3A104%3A%3A10&id=o-ANaR84P0Sq_aby4GhbxgXYLLlPCy5iDGBWl847V0kewV&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=R9&mm=31%2C26&mn=sn-ab5sznzs%2Csn-vgqskn6d&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=4522500&spc=UWF9fxs5jH3DTxt3kg0bYCI-gCCGiaClnUMdbq8ePRcmjp0&vprv=1&svpuc=1&mime=video%2Fwebm&ns=zJHLAyfVFtFi9ZQ_xzLg-ecQ&gir=yes&clen=7330108&dur=145.144&lmt=1675239989639246&mt=1705194776&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=Z3LDixg_-Li7GA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgYSkdmPZsR69pMC4nhAwGrsUCRHhz90yt7VGUZelu5d4CIC1jjltWEZo2ezlX2Q0nhjza4_795PWO-SkV-c2VlyUf&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRQIgfOQ4AA-7UZfNn40fVitrovARZod4wXMjCB3PD8OeRe8CIQC8L0uw-ieUISeTaoC_ORl1OW2OIFcIsUDNuRac6Hlggw%3D%3D&alr=yes&cpn=kRhPmKZE3t6loubb&cver=1.20240109.00.00&range=654059-1317555&rn=9&rbuf=8972&pot=MnQIqRzt5gqk1QiRZMCEqnA4dSBJgx1MBTQ44rvRrtTKnAHh938iUnvNjuxrEq3QT51-CUL2D9kugB1G1fixcI5sU_9PDyGPt6jUFRW9dQepK70u3_szRYWkApNDq6s18lNZTWRAW-vSkh3DUzqjaaAounUbKg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:c::a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e35c786059974c2c5fd79fd1b9b45432a803232fcd51b23507807b9f8e486f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sun, 14 Jan 2024 01:17:39 GMT
date: Sun, 14 Jan 2024 01:17:39 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Wed, 01 Feb 2023 08:26:29 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
H2

200

google
px.ladsp.com/match/ Frame CF5C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_cm&google_hm=ASUbKj7fJBdFks8AEGgL-8QpT8A&logicad_uid=ASUbKj7fJBdFks8AEGgL-8QpT8A&svid=01
https://px.ladsp.com/match/google?logicad_uid=ASUbKj7fJBdFks8AEGgL-8QpT8A&svid=01&google_gid=CAESEHb_ARIP4ijFbrrYpzmYZ1k&google_cver=1

43 B
376 B

211ms
210ms

Image
image/gif

52.193.77.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ladsp.com/match/google?logicad_uid=ASUbKj7fJBdFks8AEGgL-8QpT8A&svid=01&google_gid=CAESEHb_ARIP4ijFbrrYpzmYZ1k&google_cver=1
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H2
Server: 52.193.77.224 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-77-224.ap-northeast-1.compute.amazonaws.com
Software: Logicad /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:39 GMT
server: Logicad
content-type: image/gif
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control: private, no-store, no-cache, must-revalidate
content-length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://px.ladsp.com/match/google?logicad_uid=ASUbKj7fJBdFks8AEGgL-8QpT8A&svid=01&google_gid=CAESEHb_ARIP4ijFbrrYpzmYZ1k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame CF5C
Redirect Chain

https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw
https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw

43 B
171 B

40ms
40ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:39 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw
date: Sun, 14 Jan 2024 01:17:39 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame CF5C 42 B
442 B 107ms
32ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 14 Jan 2024 01:17:39 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

bounce
ib.adnxs.com/ Frame CF5C
Redirect Chain

https://ib.adnxs.com/setuid?entity=276&code=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw

43 B
1 KB

35ms
34ms

Image
image/gif

68.67.161.182
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51

Protocol

Server

68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:39 GMT
an-x-request-uuid: 951ab306-a549-45dc-bd0f-b1783364431d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:39 GMT
an-x-request-uuid: 57aae5bc-04c9-481c-8687-77e6d54566c9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 hs
s-cs.send.microad.jp/ Frame CF5C 43 B
562 B 1051ms
184ms Image
image/gif 202.233.84.8
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-cs.send.microad.jp/hs?k=logicad_2&id=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3KA

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.233.84.8 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
content-type: image/gif
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
x-xss-protection: 1; mode=block

GET
H2 200 /
sync.ad-stir.com/ Frame CF5C 43 B
358 B 1073ms
207ms Image
image/gif 54.199.163.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ad-stir.com/?symbol=LOGICAD&uid=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.199.163.185 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-199-163-185.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:40 GMT
cache-control: max-age=300
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame CF5C
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=102&expires=365&user_id=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw
https://x.bidswitch.net/ul_cb/sync?dsp_id=102&expires=365&user_id=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw

43 B
510 B

47ms
46ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=102&expires=365&user_id=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 01:17:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=102&expires=365&user_id=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Gw
Date: Sun, 14 Jan 2024 01:17:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame CF5C 42 B
927 B 166ms
37ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=143202&nid=4016&expires=30&put=ATUrV6vpVRuOks8AEGgL-8QpTxA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e1bddfc34a927e97bda010c0d8a62b62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK sync
ssl.socdm.com/rtb/ Frame CF5C 43 B
824 B 1090ms
225ms Image
image/gif 211.120.53.205
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.socdm.com/rtb/sync?proto=adgen&dspid=12
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.120.53.205 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Sun, 14 Jan 2024 01:17:40 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=12","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.38","key":"ZaM2NMCo5r8AADc2xnwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40367"}
X-SO-Key: ZaM2NMCo5r8AADc2xnwAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40367
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: a-ad40367.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 1
Content-Length: 43
X-SO-LB-Hostname: a-tgng40001.dc2p.scaleout.jp
X-SO-IP: 96.9.249.38

GET
H2 200 /
cs.adingo.jp/sync/ Frame CF5C 43 B
410 B 130ms
40ms Image
image/gif 3.228.188.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=logicad&id=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Lw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.188.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-188-124.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Sun, 14 Jan 2024 01:17:39 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 /
sync.taboola.com/sg/sonet-mediartb-network/1/rtb-h/ Frame CF5C 0
375 B 771ms
34ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/sonet-mediartb-network/1/rtb-h/?taboola_hm=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3NA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 33732

GET
H/1.1 200
OK cookiesync
adn.caprofitx.com/v1/ Frame CF5C 35 B
605 B 1111ms
188ms Image
image/gif 35.73.17.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adn.caprofitx.com/v1/cookiesync?logicad_uid=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Ng
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.73.17.175 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-73-17-175.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 01:17:40 GMT
Server: nginx
X-Trace-Token: 4a4c913755a5-89637497
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 cs
cs.gssprt.jp/yie/ld/ Frame CF5C 43 B
446 B 906ms
188ms Image
image/gif 133.186.12.50
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.gssprt.jp/yie/ld/cs?dspid=logicad&uid=AWX1Aumzyvg3ks8AEGgL-8QpTxw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.50 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p050.net133186012.broadline.ne.jp
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:40 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame CF5C 0
287 B 757ms
33ms Image
text/plain 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=logicad&uid=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3OQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 01:17:39 GMT
Cache-Control: no-cache
X-TraceId: 8827c3e11f7b8460557a40f0e720ef84
Content-Length: 0

GET
H2 200 sync.ad
sp.gmossp-sp.jp/ads/ Frame CF5C 43 B
359 B 849ms
187ms Image
image/gif 35.201.98.24
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.gmossp-sp.jp/ads/sync.ad?dsp=logicad&dspuid=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Ow

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.24 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

24.98.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:40 GMT
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: 6bd8fbf1fd36cfaf50be3b9f719b16d0
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Sun, 14 Jan 2024 02:17:40 GMT

GET
H/1.1 200 cs
discoveryplus.popin.cc/popin_discovery/ Frame CF5C 35 B
469 B 827ms
182ms Image
image/gif 119.63.198.176
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discoveryplus.popin.cc/popin_discovery/cs?pid=logicad&puid=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3PQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 01:17:40 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: nginx/1.13.5
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 sync
as.amanad.adtdp.com/v1/ Frame CF5C 42 B
833 B 721ms
195ms Image
image/gif 13.35.77.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.amanad.adtdp.com/v1/sync?dsp_id=29&uid=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3RQ

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.77.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-77-22.bos50.r.cloudfront.net

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:40 GMT
via: 1.1 d6251c5e474087984c15b7cf5a45887e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: BOS50-C1
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 42
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: gMpVeOY0Q-h0yqJCp8UrS3BxiiKfKh45bM7XBR-lKN5t_XLbtbkXCA==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 sync
partners.tremorhub.com/ Frame CF5C 43 B
174 B 162ms
33ms Image
image/gif 2600:1f18:612b:4232:950e:aa8c:14aa:701
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UILD=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Rg
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:950e:aa8c:14aa:701 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 14 Jan 2024 01:17:40 GMT
server: nginx
content-type: image/gif

POST
H3 200 videoplayback Show response
rr5---sn-ab5sznzs.googlevideo.com/ Frame C12C 125 KB
125 KB 26ms
26ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1705216657&ei=MTajZdzqLLyW_9EP9M6P6AE&ip=2602%3Affc8%3A2%3A104%3A%3A10&id=o-ANaR84P0Sq_aby4GhbxgXYLLlPCy5iDGBWl847V0kewV&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=R9&mm=31%2C26&mn=sn-ab5sznzs%2Csn-vgqskn6d&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=4522500&spc=UWF9fxs5jH3DTxt3kg0bYCI-gCCGiaClnUMdbq8ePRcmjp0&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zJHLAyfVFtFi9ZQ_xzLg-ecQ&gir=yes&clen=2482060&dur=145.161&lmt=1675239984416515&mt=1705194776&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=Z3LDixg_-Li7GA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgS1-jwWJyDekwp3yimW64cT4GedcA8K28dS8rdtG4ja4CICNcSY9JJjewUiMX9GFL8i_AjmEq9ZWLqYCGDQg5OfvW&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRQIgfOQ4AA-7UZfNn40fVitrovARZod4wXMjCB3PD8OeRe8CIQC8L0uw-ieUISeTaoC_ORl1OW2OIFcIsUDNuRac6Hlggw%3D%3D&alr=yes&cpn=kRhPmKZE3t6loubb&cver=1.20240109.00.00&range=241396-368852&rn=10&rbuf=11273&pot=MnQIqRzt5gqk1QiRZMCEqnA4dSBJgx1MBTQ44rvRrtTKnAHh938iUnvNjuxrEq3QT51-CUL2D9kugB1G1fixcI5sU_9PDyGPt6jUFRW9dQepK70u3_szRYWkApNDq6s18lNZTWRAW-vSkh3DUzqjaaAounUbKg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:c::a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9894b5b7e96471bb43dc64488e8e2e76c3cf272b002eac679fc833426a525f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

client-protocol: quic
date: Sun, 14 Jan 2024 01:17:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 01 Feb 2023 08:26:24 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Sun, 14 Jan 2024 01:17:39 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C12C 28 B
50 B 47ms
46ms XHR
application/json 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-Goog-Request-Time: 1705195059751
Content-Type: application/json
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
X-YouTube-Client-Version: 1.20240109.00.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtqZURrOVpoRHlIOCiv7IytBjIKCgJVUxIEGgAgXA%3D%3D
X-YouTube-Ad-Signals: dt=1705195057044&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C840%2C473&vis=1&wgl=true&ca_type=image&bid=ANyPxKoACu9Za0HmzQ3_hJ9oW602SMcYaBiQ0tj1EALP8MfLr39el_oqg4_jhI0rnOhoNqc2svV5dtyxwBM91lPyNxYixF_Vxg

Response headers

date: Sun, 14 Jan 2024 01:17:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

GET
H2

200

google
px.ladsp.com/match/ Frame 210D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_cm&google_hm=ASUbKj7fJBdFks8AEGgL-8QpT8A&logicad_uid=ASUbKj7fJBdFks8AEGgL-8QpT8A&svid=01
https://px.ladsp.com/match/google?logicad_uid=ASUbKj7fJBdFks8AEGgL-8QpT8A&svid=01&google_gid=CAESEHb_ARIP4ijFbrrYpzmYZ1k&google_cver=1

43 B
376 B

224ms
209ms

Image
image/gif

52.193.77.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ladsp.com/match/google?logicad_uid=ASUbKj7fJBdFks8AEGgL-8QpT8A&svid=01&google_gid=CAESEHb_ARIP4ijFbrrYpzmYZ1k&google_cver=1
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H2
Server: 52.193.77.224 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-77-224.ap-northeast-1.compute.amazonaws.com
Software: Logicad /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:40 GMT
server: Logicad
content-type: image/gif
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control: private, no-store, no-cache, must-revalidate
content-length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://px.ladsp.com/match/google?logicad_uid=ASUbKj7fJBdFks8AEGgL-8QpT8A&svid=01&google_gid=CAESEHb_ARIP4ijFbrrYpzmYZ1k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sd
jp-u.openx.net/w/1.0/ Frame 210D 43 B
61 B 51ms
51ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4ZQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:39 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 210D 42 B
292 B 53ms
31ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4ZQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 14 Jan 2024 01:17:38 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 setuid
ib.adnxs.com/ Frame 210D 43 B
1 KB 66ms
44ms Image
image/gif 68.67.161.182
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=276&code=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4ZQ

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:39 GMT
an-x-request-uuid: 0d54a9ca-6fb7-49f9-b715-1b1079a01e89
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 hs
s-cs.send.microad.jp/ Frame 210D 43 B
563 B 256ms
184ms Image
image/gif 202.233.84.8
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-cs.send.microad.jp/hs?k=logicad_2&id=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4cg

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.233.84.8 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
content-type: image/gif
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
x-xss-protection: 1; mode=block

GET
H2 200 /
sync.ad-stir.com/ Frame 210D 43 B
357 B 280ms
208ms Image
image/gif 54.199.163.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ad-stir.com/?symbol=LOGICAD&uid=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4ZQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.199.163.185 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-199-163-185.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:40 GMT
cache-control: max-age=300
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 210D 43 B
235 B 67ms
46ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=102&expires=365&user_id=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4Zg
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 01:17:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 210D 42 B
927 B 62ms
42ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=143202&nid=4016&expires=30&put=ATUrV6vpVRuOks8AEGgL-8QpTxA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d67ad46d58ddbab9fb03c088eabaaff8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK sync
ssl.socdm.com/rtb/ Frame 210D 43 B
818 B 529ms
232ms Image
image/gif 211.120.53.205
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.socdm.com/rtb/sync?proto=adgen&dspid=12
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.120.53.205 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Sun, 14 Jan 2024 01:17:40 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=12","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.38","key":"ZaM2NMCo5r8AADc2xrQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad443"}
X-SO-Key: ZaM2NMCo5r8AADc2xrQAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad443
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: m-ad443.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 43
X-SO-LB-Hostname: a-tgng40001.dc2p.scaleout.jp
X-SO-IP: 96.9.249.38

GET
H2 200 /
cs.adingo.jp/sync/ Frame 210D 43 B
409 B 64ms
43ms Image
image/gif 3.228.188.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=logicad&id=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4eg
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.188.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-188-124.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Sun, 14 Jan 2024 01:17:39 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 /
sync.taboola.com/sg/sonet-mediartb-network/1/rtb-h/ Frame 210D 0
374 B 84ms
35ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/sonet-mediartb-network/1/rtb-h/?taboola_hm=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4fw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 33732

GET
H/1.1 200
OK cookiesync
adn.caprofitx.com/v1/ Frame 210D 35 B
605 B 638ms
190ms Image
image/gif 35.73.17.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adn.caprofitx.com/v1/cookiesync?logicad_uid=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4gQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.73.17.175 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-73-17-175.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 01:17:40 GMT
Server: nginx
X-Trace-Token: 2a12b93314a4-14796107
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 cs
cs.gssprt.jp/yie/ld/ Frame 210D 43 B
445 B 259ms
189ms Image
image/gif 133.186.12.50
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.gssprt.jp/yie/ld/cs?dspid=logicad&uid=AWX1Aumzyvg3ks8AEGgL-8QpTxw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.50 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p050.net133186012.broadline.ne.jp
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:40 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 210D 0
287 B 128ms
31ms Image
text/plain 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=logicad&uid=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4hA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 01:17:39 GMT
Cache-Control: no-cache
X-TraceId: ada5fe8b25eeddeeeddf165e5e7ec52f
Content-Length: 0

GET
H2 200 sync.ad
sp.gmossp-sp.jp/ads/ Frame 210D 43 B
517 B 235ms
181ms Image
image/gif 35.201.98.24
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.gmossp-sp.jp/ads/sync.ad?dsp=logicad&dspuid=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4hg

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.24 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

24.98.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:40 GMT
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: 1b4a5b1bf9bb0ee880e185781b8b0e11
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Sun, 14 Jan 2024 02:17:40 GMT

GET
H/1.1 200 cs
discoveryplus.popin.cc/popin_discovery/ Frame 210D 35 B
469 B 365ms
181ms Image
image/gif 119.63.198.176
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discoveryplus.popin.cc/popin_discovery/cs?pid=logicad&puid=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4iA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 01:17:40 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: nginx/1.13.5
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 sync
as.amanad.adtdp.com/v1/ Frame 210D 42 B
833 B 212ms
211ms Image
image/gif 13.35.77.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.amanad.adtdp.com/v1/sync?dsp_id=29&uid=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4kA

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.77.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-77-22.bos50.r.cloudfront.net

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 01:17:40 GMT
via: 1.1 d6251c5e474087984c15b7cf5a45887e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: BOS50-C1
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 42
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: SWPFjG_xrW-4Slcg7Ps9ZSVvTxDd1rizkTT9PTejaPv0xCLpgT5yMQ==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 sync
partners.tremorhub.com/ Frame 210D 43 B
175 B 159ms
30ms Image
image/gif 2600:1f18:612b:4232:950e:aa8c:14aa:701
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UILD=AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4kQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1705195058355&svid=51
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:950e:aa8c:14aa:701 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 14 Jan 2024 01:17:40 GMT
server: nginx
content-type: image/gif

GET
H/1.1 200
OK /
b99.yahoo.co.jp/pagead/conversion/1001126676/ 42 B
742 B 695ms
301ms Image
image/gif 183.79.255.12
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b99.yahoo.co.jp/pagead/conversion/1001126676/?random=1705195061167&cv=9&fst=1705195061167&num=1&fmt=3&guid=ON&disvt=false&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Farchived.esl-staff.com%2F&tiba=%E3%83%A6%E3%83%BC%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%AB%E3%83%A9%E3%83%9C%E3%83%A9%E3%83%88%E3%83%AA%E3%83%BC%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BE&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1

Requested by

Host: archived.esl-staff.com
URL: https://archived.esl-staff.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

183.79.255.12 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://archived.esl-staff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 01:17:41 GMT
Content-Security-Policy: script-src 'none'; object-src 'none'
X-Content-Type-Options: nosniff
Age: 0
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 42
X-XSS-Protection: 0
Pragma: no-cache
Server: cafe
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Timing-Allow-Origin: *
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 watchtime Show response
www.youtube.com/api/stats/ Frame C12C 0
17 B 48ms
47ms XHR
text/html 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=kRhPmKZE3t6loubb&ver=2&cmt=3.898&fmt=244&fs=0&rt=4.001&euri=https%3A%2F%2Farchived.esl-staff.com%2F&lact=4112&cl=597054475&state=playing&volume=100&cbr=Chrome&cbrver=120.0.6099.216&c=WEB_EMBEDDED_PLAYER&cver=1.20240109.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=en_US&cr=US&len=145.161&rtn=14&afmt=251&idpj=-8&ldpj=-29&rti=4&size=840%3A473&inview=0&st=0&et=3.898&muted=1&docid=dX4XEOZ8eJU&ei=MTajZdzqLLyW_9EP9M6P6AE&plid=AAYO3amyFRIrYYWw&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FdX4XEOZ8eJU%3Fautoplay%3D1%26mute%3D1%26loop%3D1%26list%3DPLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV%26controls%3D0%26start%3D1%26showinfo%3D0&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&of=wbAUJoLFDaeeOSJrHXH1sg&vm=CAEQABgEOjJBSHFpSlRLc2Q5R2dKUVlRSmR3OUdKYmd2T2huT1dlc2lSYU9jVEZRd2tFRmFqSDQ0QWJsQVBta0tETEUyWXFnd1BMc2RsZl9jdkpiMk5zSmo4LWdvTEZXMC1TWG1ES1BEdks4UzYyOGRUTkFFQkxzTTBocU0tbS1NNXA4Qm0wYkMxNGZ3Tnp1b3lFTndLTGRBQUJzQTh4VlRpcWpKLU1CaAI

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
X-YouTube-Client-Version: 1.20240109.00.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtqZURrOVpoRHlIOCiv7IytBjIKCgJVUxIEGgAgXA%3D%3D
X-YouTube-Ad-Signals: dt=1705195057344&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C840%2C473&vis=1&wgl=true&ca_type=image&bid=ANyPxKoACu9Za0HmzQ3_hJ9oW602SMcYaBiQ0tj1EALP8MfLr39el_oqg4_jhI0rnOhoNqc2svV5dtyxwBM91lPyNxYixF_Vxg

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:41 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 like.php Show response
www.facebook.com/v2.11/plugins/ Frame E6F0 46 KB
17 KB 141ms
110ms Document
text/html 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.11/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f42edc5eb4128%26domain%3Darchived.esl-staff.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Farchived.esl-staff.com%252Fff31b3b0ab43ec%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Farchived.esl-staff.com%2F&layout=box_count&locale=ja_JP&sdk=joey&share=true&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=4593bb3b96cbdf385cb4b7ec69577c3d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

770b11ef67364f5af4f252608edddbd257968aab3f6b7b146cf8639b1de8361a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://archived.esl-staff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 01:17:42 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: n5zb67Y97RixbPwN0cBQbpzF3U/PszHXeOhPRdww1YNpUqfX+lMfqYB8ZxGOfkExcccO7Rv/8rKP3IPvS4xwTw==
x-xss-protection: 0

GET
H2 200 UqMjFh_KQS_.js Show response
static.xx.fbcdn.net/rsrc.php/v3irB34/yQ/l/ja_JP/ Frame E6F0 528 KB
137 KB 324ms
34ms XHR
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3irB34/yQ/l/ja_JP/UqMjFh_KQS_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.11/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f42edc5eb4128%26domain%3Darchived.esl-staff.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Farchived.esl-staff.com%252Fff31b3b0ab43ec%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Farchived.esl-staff.com%2F&layout=box_count&locale=ja_JP&sdk=joey&share=true&show_faces=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7286b7a11bf78ec6bf3fb67d826c1999ba57f7d7b2bb5ecffee121ca12a67dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sun, 14 Jan 2024 01:17:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RM3p74Qtq6h7suUJIAQjnw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139496
reporting-endpoints
x-fb-debug: cLdPZxejOOp4OTuaHwi15H5ZOqnn/80dxvRY+hvslZeFugcLCDlvWceHL41LxzUyGB35RPFNpsQM2x1IwgaV6A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 11 Jan 2025 21:44:17 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame E6F0 299 B
551 B 36ms
35ms Image
image/png 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sun, 14 Jan 2024 01:17:42 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
reporting-endpoints
x-fb-debug: V8Nr5hZeABhp87K1+BFOJRbCGjRX13xWWkz1Eg5gYggxHEKFWsS0hBAt09SH4zSUKEdGgyZjCkLpOn6FkDNkjQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 11 Jan 2025 10:20:52 GMT

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame C12C 0
19 B 65ms
64ms XHR
text/html 2607:f8b0:4004:c1f::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=kRhPmKZE3t6loubb&ver=2&cmt=5.577&fmt=244&fs=0&rt=5.68&euri=https%3A%2F%2Farchived.esl-staff.com%2F&lact=5790&cl=597054475&mos=1&volume=100&cbr=Chrome&cbrver=120.0.6099.216&c=WEB_EMBEDDED_PLAYER&cver=1.20240109.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=en_US&cr=US&len=145.161&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C153832%2C20%2C23111%2C53633%2C84737%2C25688%2C9542%2C1088%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C11466%2C3616%2C1067%2C1360%2C8594%2C2008%2C4552%2C6115%2C832%2C3032%2C722%2C4460%2C1493%2C588%2C3028%2C858%2C1597%2C5371&afmt=251&muted=1&docid=dX4XEOZ8eJU&ei=MTajZdzqLLyW_9EP9M6P6AE&plid=AAYO3amyFRIrYYWw&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FdX4XEOZ8eJU%3Fautoplay%3D1%26mute%3D1%26loop%3D1%26list%3DPLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV%26controls%3D0%26start%3D1%26showinfo%3D0&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&of=wbAUJoLFDaeeOSJrHXH1sg&vm=CAEQABgEOjJBSHFpSlRLc2Q5R2dKUVlRSmR3OUdKYmd2T2huT1dlc2lSYU9jVEZRd2tFRmFqSDQ0QWJsQVBta0tETEUyWXFnd1BMc2RsZl9jdkpiMk5zSmo4LWdvTEZXMC1TWG1ES1BEdks4UzYyOGRUTkFFQkxzTTBocU0tbS1NNXA4Qm0wYkMxNGZ3Tnp1b3lFTndLTGRBQUJzQTh4VlRpcWpKLU1CaAI

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::88 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/dX4XEOZ8eJU?autoplay=1&mute=1&loop=1&list=PLuW_cQjG416VbwgOiZj0p04gw1jdCm1lV&controls=0&start=1&showinfo=0
X-YouTube-Client-Version: 1.20240109.00.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtqZURrOVpoRHlIOCiv7IytBjIKCgJVUxIEGgAgXA%3D%3D
X-YouTube-Ad-Signals: dt=1705195057344&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C840%2C473&vis=1&wgl=true&ca_type=image&bid=ANyPxKoACu9Za0HmzQ3_hJ9oW602SMcYaBiQ0tj1EALP8MfLr39el_oqg4_jhI0rnOhoNqc2svV5dtyxwBM91lPyNxYixF_Vxg

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 01:17:43 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr5---sn-ab5sznzs.googlevideo.com/ Frame C12C 173 KB
173 KB 26ms
26ms Fetch
application/vnd.yt-ump 2607:f8b0:4006:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-ab5sznzs.googlevideo.com/videoplayback?expire=1705216657&ei=MTajZdzqLLyW_9EP9M6P6AE&ip=2602%3Affc8%3A2%3A104%3A%3A10&id=o-ANaR84P0Sq_aby4GhbxgXYLLlPCy5iDGBWl847V0kewV&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=R9&mm=31%2C26&mn=sn-ab5sznzs%2Csn-vgqskn6d&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=4522500&spc=UWF9fxs5jH3DTxt3kg0bYCI-gCCGiaClnUMdbq8ePRcmjp0&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=zJHLAyfVFtFi9ZQ_xzLg-ecQ&gir=yes&clen=2482060&dur=145.161&lmt=1675239984416515&mt=1705194776&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=Z3LDixg_-Li7GA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgS1-jwWJyDekwp3yimW64cT4GedcA8K28dS8rdtG4ja4CICNcSY9JJjewUiMX9GFL8i_AjmEq9ZWLqYCGDQg5OfvW&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AAO5W4owRQIgfOQ4AA-7UZfNn40fVitrovARZod4wXMjCB3PD8OeRe8CIQC8L0uw-ieUISeTaoC_ORl1OW2OIFcIsUDNuRac6Hlggw%3D%3D&alr=yes&cpn=kRhPmKZE3t6loubb&cver=1.20240109.00.00&range=368853-545542&rn=11&rbuf=14003&pot=MnQIqRzt5gqk1QiRZMCEqnA4dSBJgx1MBTQ44rvRrtTKnAHh938iUnvNjuxrEq3QT51-CUL2D9kugB1G1fixcI5sU_9PDyGPt6jUFRW9dQepK70u3_szRYWkApNDq6s18lNZTWRAW-vSkh3DUzqjaaAounUbKg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:c::a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4c86a4c3183134a9cc09429091ad3902d512a2f2a0c560b083b3a62482073ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

client-protocol: quic
date: Sun, 14 Jan 2024 01:17:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 01 Feb 2023 08:26:24 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21294
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Sun, 14 Jan 2024 01:17:43 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=https%3A%2F%2Farchived.esl-staff.com&url=https%3A%2F%2Farchived.esl-staff.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 22:03:26	Name: NID Value: 511=ZFJF4b-BDq02yzdt1yCC508WKEC4yjK9PDfqey1YNkste6g6l21GtoctuiaJelZBqiSnooHiBprajTfGkhzpt39VeRgNLUhSk9LHX4d82KiYssc3Et3q0g7o7HEwXAms8aZcXnl7I87gDo5FY9AVauMclIDvczJ-Rtj37IKK2a4
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Ao1e-cUa4Yw
.youtube.com/	1970-01-20 21:59:07	Name: VISITOR_INFO1_LIVE Value: jeDk9ZhDyH8
.esl-staff.com/	1970-01-20 19:49:31	Name: _gcl_au Value: 1.1.2101876375.1705195056
.esl-staff.com/	1970-01-21 03:15:55	Name: _ga_QF4Q5HLH88 Value: GS1.1.1705195056.1.0.1705195056.0.0.0
.esl-staff.com/	1970-01-21 03:15:55	Name: _ga Value: GA1.1.1995233354.1705195057
.doubleclick.net/	1970-01-21 03:15:55	Name: IDE Value: AHWqTUmHdpLbYiVfHNKaNa3KySH3faREUnwExgGawNSFGWDbbvbpo9Pqv9q_bM16
.esl-staff.com/	1970-01-21 03:15:55	Name: _ga_1XQZ4P74MW Value: GS1.1.1705195057.1.0.1705195057.0.0.0
.esl-staff.com/	1970-01-21 03:15:55	Name: _ga_L6C9RNZ0DP Value: GS1.1.1705195057.1.0.1705195057.0.0.0
.archived.esl-staff.com/	1970-01-21 03:15:55	Name: __lt__cid Value: 05156026-f72d-4bdc-9467-55fac7833ec5
.archived.esl-staff.com/	1970-01-20 17:39:56	Name: __lt__sid Value: eeca4674-c4de6d1f
.esl-staff.com/	1970-01-20 19:49:31	Name: _fbp Value: fb.1.1705195057801.1166927797
.line.me/	1970-01-21 03:15:55	Name: _ldbrbid Value: tr__k1y/XGWjNjFTg/mMW4pzAg==
.ladsp.com/	1970-01-20 17:39:58	Name: cr Value: 1
.ladsp.com/	1970-01-21 03:15:55	Name: smn_uid Value: -6usQP78VpMuhden72X4jxBoC_vEKU8
.ladsp.com/	1970-01-20 18:23:07	Name: receive-cookie-deprecation Value: 1
.esl-staff.com/	1970-01-21 02:26:57	Name: _yjsu_yjad Value: 1705195058.bf6b8d83-3b7a-447f-904c-ba8be35a444e
.openx.net/	1970-01-21 02:25:31	Name: i Value: 1025735a-8d48-41de-a55f-f3df59a6b122\|1705195059
.adnxs.com/	1970-01-20 19:49:31	Name: uuid2 Value: 8994397936194394452
.bidswitch.net/	1970-01-21 02:25:31	Name: tuuid Value: 70c43158-914e-4205-838d-ebeb70984e42
.bidswitch.net/	1970-01-21 02:25:31	Name: c Value: 1705195059
.bidswitch.net/	1970-01-21 02:25:31	Name: tuuid_lu Value: 1705195059
.rubiconproject.com/	1970-01-21 02:25:31	Name: khaos Value: LRCT40EZ-3-LV4J
pixel.rubiconproject.com/	1970-01-20 19:49:31	Name: receive-cookie-deprecation Value: 1
.ladsp.com/	1970-01-21 03:15:55	Name: lum Value: COXwrqzQMRIFCAEQqAESBQgZEMABEgQIDRB4EgIIDhICCCoSBQgDEPABEgIICxICCA8SAggQEgIIERICCBQSAggbEgIIHBICCB4SAgggEgIIIhICCCsSBQgKEJAN
.pubmatic.com/	1970-01-20 18:23:07	Name: KRTBCOOKIE_629 Value: 11487-AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4ZQ
.pubmatic.com/	1970-01-20 18:23:07	Name: PugT Value: 1705195058
.rubiconproject.com/	1970-01-21 02:25:31	Name: audit Value: 1\|+wYOIJ8xGwyds2RfQjQjHIt5CbnP87xUm/+5ZySuAbl+xL8LlrcUaH+c8DbP9QrUyASIJw01zcuM1KxoLazIt4iV7Zy4iowP6F2snLdp6IaNf/PPUr64tfk/LODV/Vhdi+4ifxmJ1SL7YuabCTwFFaFfCQafh5HDa+z4zcoFpwwSlSS6P21+Q9zpQ7vzkXQ/
.adingo.jp/	1970-01-20 18:23:07	Name: logicad Value: AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4eg
.adnxs.com/	1970-01-21 03:15:55	Name: XANDR_PANID Value: H81WxE8D_8sgrIR1WbfjhCLyrVKHvyvUYavX9qthjEpyqDmWajnhRxWDvjApxbQt1Yc66c9p32FuuWpNHsPSN1wkAJU_L13FgRJVo-aaECQ.
.adnxs.com/	1970-01-20 19:49:31	Name: anj Value: dTM7k!M4.FF7/.XF']wIg2In>eqv]P!]tbPl@/]n#hNXKUcZI?LZu+OESO>#<U=q@Ovpavaw]!dCuXY(OvpI@b>[$7[Gc)ccziVAG^=xQ!_6-zQEVk`!1[R?4F:GX
.taboola.com/	1970-01-21 02:25:31	Name: t_gid Value: 914e409b-da38-4b35-8dc4-f689c5f01533-tuctc9cbbb3
.taboola.com/	1970-01-21 02:25:31	Name: t_pt_gid Value: 914e409b-da38-4b35-8dc4-f689c5f01533-tuctc9cbbb3
.send.microad.jp/	1970-01-20 19:49:31	Name: TR Value: db672934f9b96fad00bde37046cb0ff6a52f968fd2f79f91
.sp.gmossp-sp.jp/	1970-01-21 03:15:55	Name: deviceIdentifier Value: 29uPnKTXAFJ1R6H6
.gmossp-sp.jp/	1970-01-21 03:15:55	Name: dsp_logicad Value: AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu3Ow
.gssprt.jp/	1970-01-20 18:23:07	Name: logicad Value: AWX1Aumzyvg3ks8AEGgL-8QpTxw
.gssprt.jp/	1970-01-21 03:15:55	Name: gid Value: b6e03df4980cbb3fa1a33fc9e56a5f91
.adtdp.com/	1970-01-21 03:15:55	Name: pr Value: aja
.ad-stir.com/	1970-01-21 02:25:31	Name: uid Value: 8403ca12-d20b-49f2-b646-c4364ffc6e62
.ad-stir.com/	1970-01-20 18:00:04	Name: d20 Value: AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4ZQ
.adtdp.com/	1970-01-21 03:15:55	Name: uid Value: 1dde6d23-91f3-48ed-ba9e-15673e2298b8
.popin.cc/	1970-01-21 03:15:55	Name: piuid Value: 82f7acc463c24c53935983be146d0418
.popin.cc/	1970-01-20 19:06:19	Name: p_logicad Value: AXGrj3yXlntZks8AEGgL-8QpT88AAAGNBYu4iA
.socdm.com/	1970-01-21 03:15:55	Name: SOC Value: ZaM2NMCo5r8AADc2xrQAAAAA
.adn.caprofitx.com/	1970-01-21 03:15:55	Name: pfxid Value: 7752a7d9-330c-4154-a38f-78e4fe268142
.adn.caprofitx.com/	1970-01-21 03:15:55	Name: pfxids_logicad Value: eyJpZCI6IkFYR3JqM3lYbG50WmtzOEFFR2dMLThRcFQ4OEFBQUdOQll1NGdRIiwidXBkYXRlZEF0IjoiMjAyNC0wMS0xNFQwMToxNzo0MC40MTdaIn0
.yahoo.co.jp/	1970-01-21 02:26:57	Name: XA Value: frqgug1iq6dhk&sd=A&t=1705195060&u=1705195060&v=1
.yahoo.co.jp/	1970-01-21 03:15:55	Name: XB Value: fp8epa1iq6dhk&b=3&s=nv

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://archived.esl-staff.com/wp-content/themes/simplicity2/images/custom-header.jpg Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://apis.google.com/js/plusone.js(Line 66) Message: Mixed Content: The page at 'https://archived.esl-staff.com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh%2Conload&id=I0_1705195056025&_gfid=I0_1705195056025&parent=https%3A%2F%2Farchived.esl-staff.com&pfname=&rpctoken=30546401'. This request has been blocked; the content must be served over HTTPS.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adn.caprofitx.com
ajax.googleapis.com
am.yahoo.co.jp
apis.google.com
archived.esl-staff.com
as.amanad.adtdp.com
assets.getpocket.com
b.hatena.ne.jp
b.st-hatena.com
b99.yahoo.co.jp
cd.ladsp.com
cm.g.doubleclick.net
connect.facebook.net
cs.adingo.jp
cs.gssprt.jp
d.line-scdn.net
discoveryplus.popin.cc
fonts.gstatic.com
googleads.g.doubleclick.net
gtm-kgl6p4h-mmyyn.uc.r.appspot.com
ib.adnxs.com
jnn-pa.googleapis.com
jp-u.openx.net
partners.tremorhub.com
pixel.rubiconproject.com
polyfill.io
px.ladsp.com
rr5---sn-ab5sznzs.googlevideo.com
s-cs.send.microad.jp
s.yimg.jp
simage2.pubmatic.com
sp.gmossp-sp.jp
ssl.gstatic.com
ssl.socdm.com
static.doubleclick.net
static.xx.fbcdn.net
sync.ad-stir.com
sync.outbrain.com
sync.taboola.com
tr.line.me
um.ladsp.com
widgets.getpocket.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
apis.google.com
119.63.198.176
13.32.155.20
13.35.77.22
133.186.12.50
141.226.224.48
147.92.191.92
172.253.115.155
18.154.227.19
18.160.46.101
18.67.76.119
18.67.76.28
182.22.25.124
183.79.255.12
183.90.238.46
202.233.84.8
211.120.53.205
23.209.61.209
2600:1f18:612b:4232:950e:aa8c:14aa:701
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c08::54
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::99
2607:f8b0:4004:c0b::8a
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::84
2607:f8b0:4004:c17::93
2607:f8b0:4004:c17::94
2607:f8b0:4004:c19::5e
2607:f8b0:4004:c1b::5f
2607:f8b0:4004:c1f::65
2607:f8b0:4004:c1f::88
2607:f8b0:4004:c1f::9c
2607:f8b0:4006:c::a
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a04:4e42:600::282
3.228.188.124
35.201.98.24
35.211.178.172
35.244.159.8
35.73.17.175
52.193.77.224
54.199.163.185
64.202.112.223
68.67.161.182
69.173.151.100
8.28.7.83
99.84.191.110
006d019c3e7fc909bf7f9fd5edc76dad588b25cf10d6335cc846d17eee549d4f
027d0a11b9e0cbd3a90c148f5a654cc8288eaac67123eea6c34e7f80d22abb94
04f5edc3f9369d0be9a734352f2a8752f7757a93853556c13a0d3ec5275ee09d
05f6ae9fb6adb98c08856d534fa35dcb09db1ff89b1ac23c30d9c38abad9758d
071ca38b8cec663d589e0f75341f534a696edc4aee2b99d6e502c98fa04ee020
0748762b36b082f16562f253a02ee6672f8518f0766cc70c3956af175e68ad29
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
0fda122942f39c62ebd2d1ac9de0cf6c6e4cefefb31eb86e39777f46c7ed5064
1641d85306449ce51856aa7f6d51d72db2986be90ac1d527e11cf606e5688d3e
1b37f72162fb08d073cfb64f33b737d9817c84bbf4cb189dacbf9ce7c5544151
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
286903be7ab6caac28e3a66b7163d93a1fde17fa54e1d4e90e6f140144357d42
293c7b34d41c438e484f0e40806890fb88db79bd43789d61e1ddb9798a3d2762
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cedeea30068cefafff60b4c064e6305a01d6abe67de6fd11efe4bc69fc9924e
2f7007b77891232b44b3b3b276b212ef4163a3e0166d2a936647c163913a74a1
30f3855dafef7d28d65e1969f2d8c7c651b92f590fb2946f80c818064742745b
332dfe6c6485dd021c66dcd4f74e2157ac06933ec16b0667662c0667236fddf2
34e04d86647a76c11be3f62b30d7b1f55005b53af36054f237e2a15f8c957d88
37539c40cdb917649dd6e108df7626effee4b6bc4dc280a8e00d2abed0b75b2c
390798eef66f6011fa5f8adca0741a131fbc247945937899a3cff98738ab40a7
3b0d71516f26850ac7fe8e547fa5eaf17412c660036960ff36cc7cc0dd0178be
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4022b5ef36894f1e2bcedab9a1574665218e7c0f05408ebe8e8ff689601088db
424da953a071c56f6274ec5303ae946f2f3f3988be32355b2e2cc72c84ca573c
429457ca9aca929e2899d08f9770e5111c69de844e65882f3bbf07931bb0091a
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
46e97944b7e167434fa20cfb0cb6c6ad36d4e67ef3a3b39c05dab09c839a0518
480a664a442c062929d181ab1beaaa25ba23330133a73b2888fd08f5423d449a
4966e08ea3911b4c89f8bb598e601ef05699274d9b5c9bdb1bfaac26c88bb715
4a3db0402a97fc98b720d04a2bce839eb05df3b9500d69f817dc3fef92bcf1d6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4c86a4c3183134a9cc09429091ad3902d512a2f2a0c560b083b3a62482073ca1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fa9675b7cbdba5307d9d411e7a76f13d1b6b462844cdbf3d918f37bfdff029e
501d58b2b30dc4fb76b486347020e028b1b3a2e53e24bbed14877b55235d0c27
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57ea752369f002b5d1e45591b8921ffd96fb768735bf1b753029a5e4806c2abc
5996696ea81b6047e5f4fcc11562d101fa819550a956b4d6193f80af6ade58f5
5a244c49ead19a6d77ef5e3581ec6a8faaaacda0833681a51b6c73798c351073
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aa869ba3a3f7a8883a0e6457ebaea6bb7c9069e296bdc166ce30431d318bb90
5ab07611ab2b1359fce0fe1ca7ddb95c29f83d7cfd582fdb5a5fe8c827e35a0f
5bf79cbef8d0a4b2a05baf5d904a51af4b96fc831400a3edc4b194c75b3509d2
5c3cb1bbc7c0043c2be1b3052ffd56096348377c61f3a0cb928240ca92090f80
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
6006e63e53eeec8b456d6804b478580c054a3c7fc64df5569fe5a321cd70f69b
61403f586e03ca26a4920ac368ecf4973ad46def79a1b46532f6bfc3d5573125
63326a1c4e0eddd3501f0a064b06a2708eb0362f3ae934f53145978d3d0799b5
636b6674fa82b7f5f4bfaf3cb697df09bafe7fa6446c5015818cd4e692d2db2a
636b6ca97abe0dc0f5e987362701517180dba4f5c06da449e9415dd798820077
639d75299973c7d3794eb7eb129e3b5a6139f9f521e1f14383abd0fd501219c9
63afa9b3cd971d0bbda8c41fb88b1c86ba95f91596204176e2d6ff6ce184d31d
63c2edf6341fe6898ed3861f00b9a99ff512b34c076087863d7f9a712d1b5bc1
650d61dae4fcb7c69501380278f1cd01e9788dffd0e0fd25fb8185cdd11b4e9a
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b212a630e1b619410fbf9f27514c89b0d4a22321511817713f8f1a7e0db22ac
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
6e8bb4478a9170f381ea820cdaf8a2d350c249536d1cfbe84fdb047c745295b2
70a18337b987c7639db9de27723cdb120997777f506cc3b419b055575ca9ff61
7286b7a11bf78ec6bf3fb67d826c1999ba57f7d7b2bb5ecffee121ca12a67dc5
734c4732e57a9aa54655eb54ebaecccec22f0f40e65a6e1b149ee3cf86b3b246
7630cb2338bbcb79e21a326d6f748e027c41ee94b80bad0810db692c41a0852c
770b11ef67364f5af4f252608edddbd257968aab3f6b7b146cf8639b1de8361a
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
788ec6dce317bc34cf7802f3de841d9076c090677fb97d357384534be91b287e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e89a304decd9c905bf134d5619eb2d8e2ee488db40ef4ccba9f6a03026f7680
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
83106125e104777692483899f16b961fa1cc71ebdcdcc7ec756d5d66c3ef2010
84fab3ab0f41e453ccefc1ad35bebef6a1889b5ff2b435f1d0f480d792c6f1f7
87813d0507d9e425d8a423153e598fbef4342d9a553edc4e0ad29cba6b380274
88bbe5af7a973aa1aa6ad33f83a44aa78658ab12967691a84b86f06437177165
899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed
8bad1ad6cb9fee3a7c054464678955117d10231d4e89276b7235786ee9face82
9894b5b7e96471bb43dc64488e8e2e76c3cf272b002eac679fc833426a525f8e
99cd15b57b4dfeca90c211550483fea7df7491c0d5056567e94d455804607fad
9ac12b79edbeb35c248c0bdb059a61a04790638d7557b466abcd29f853a69738
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a253b990e6d6910495fc8b12df38f18f7c2982b4a260e40207fedc747a994ae3
a3c8009a78df4126fa3e9cce7f2f328a2ee15ae81dd10f5c533d8fe01b1d3ed7
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
afdf299864eab97c1e15580c32b23fb5cc2378435ca5b5b7da8dd42fc3f2315b
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b59d6286af40b77babf8e2ee9ec16fceeb20e37be0e7211cfaf9dfc1fe2d7da8
b5f00c18f1538f558b5c8872e2a7f3daf27fbcee8a842dcd6bf6ef0802f63034
b6df81be4cc6b7e6f4bd45b72bb24edd816cbfe4b7fd8a6412224b09b8daa220
b9a3f6d30b6f7d53a67ce7e19cf4223737ed9cc6be9435868f063d0202ab1640
bb1609e85d8370b7259775c76a2ba7456ee2ed72cb45cb68e59f14d3a6b0a0a5
be4d489cbf5b11572ffc51c675c4c36b3bf81d85a171481a7e1da5c43453c078
bf9fb996dd73b595e25834b116f991fceba614ebad9d47d66a7f0df681232884
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c7fc0b1526533002c956ebf8e8c42c3ad3f96c41ace73fb4063cc89051944831
caf6f3f218eb933bf45fbfa0048756c9302e86def0cf705566b0b40766af2d30
cc2f88f65e2df0220e6fdebc899dca15b96ec76e7423859c5878d4300d8e7ec6
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cecced3759ead676c01a7fa67745175f258e1cf40bac53e54a958236c65180ed
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4
d72a79cc04652f5515261d583f3e420ac80fa0172186850fc257d06ad0837bf8
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d84d2d290638df819902dc2b4d962c0f2068040038cba90df41ca96f5fedcce3
d88f9bdfe8ca7069594001be400eb41348df50051ec9c0e606dd646d2ff04c40
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384
df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e27db307a5be9d4ac48d89a7f270b43a0a80dae177bd840aef88fc5fe93c17b3
e2d5e157a6cfdd639879a5de616dd4f415cfb56b018953c0c9988cd48ca5c678
e2d84e6a462105e079059bda163a5e23e9b326ad0cb42e2fef52ecf08e20a92e
e35c786059974c2c5fd79fd1b9b45432a803232fcd51b23507807b9f8e486f10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e98d360dfb4942c7ef43688eb3ae9fb67020c061c6a6583501d12e39930b0eb9
e9d68e6b2724f4d832e93d2945f4567689677b4ce064bf89491480b37cdada1a
eafa6a366dd0ba9a67b5626ba349dad3ace7b6ef551697a131265a31f1c70c93
ee0abc38d3a566618eac6a296dd95e515be131e302bc3c96e3a974ce1987f420
ee5daad77ba938652fa0673c31c6974dfa0f2a43a8ee690010ed922e7416de4e
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eeeababcfb1ad9560ffd78277863634e5d1ba8bfa8de5b9dc77da4baa1fbfb0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09d9fdc476c87ca8574c34d19241af3fd93226d85f6b0048e36760c07984fab
f210c51557ca9d1726bc2d7fdb71f19786e2a8f2e92941bad3e368e0496e921b
f89aed0d3c1d737efca7ab2f6770db757bdfd83a17e613c01c71ab24e90e162c
f96a0a0577ea10436887cc35eb584fb61be8567760913217ace428d85c820d65
f9ec51ec8cc69b2a97676176588d7fccce7286ffdc5470e2e4b493d847da9dee
faf0aa3bdb637c42c777f7083898bee26c7ed444ff48e240a8fa8030ea7fd1bc

archived.esl-staff.com Open in urlscan Pro 183.90.238.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

190 Requests

96 %HTTPS

41 %IPv6

40 Domains

51 Subdomains

49 IPs

2 Countries

5834 kBTransfer

11946 kBSize

49 Cookies

21 Outgoing links

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

archived.esl-staff.com Open in urlscan Pro
183.90.238.46 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

96 %
HTTPS

41 %
IPv6

40
Domains

51
Subdomains

49
IPs

2
Countries

5834 kB
Transfer

11946 kB
Size

49
Cookies

190 HTTP transactions
1 data transactions