opreturn.jp Open in urlscan Pro
183.181.98.147 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://opreturn.jp/
Submission: On March 09 via api (March 9th 2023, 8:21:24 am UTC) from US — Scanned from JP

Summary HTTP 55 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 55 HTTP transactions. The main IP is 183.181.98.147, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is opreturn.jp.

This is the only time opreturn.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	183.181.98.147 183.181.98.147	131965 (XSERVER X...) (XSERVER Xserver Inc.)
7	2404:6800:400... 2404:6800:400a:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:822::2008	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:820::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:827::2002	15169 (GOOGLE) (GOOGLE)
16	2404:6800:400... 2404:6800:4004:824::200e	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:821::2004	15169 (GOOGLE) (GOOGLE)
55	11

13 183.181.98.147 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv6146.xserver.jp

opreturn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:400a:80c::2002 (Osaka, Japan)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:822::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81f::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:827::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4004:824::200e (Australia)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:80b::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	google.com adservice.google.com — Cisco Umbrella Rank: 65 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1930 www.google.com — Cisco Umbrella Rank: 2	57 KB
13	opreturn.jp opreturn.jp	112 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	203 KB
7	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	46 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 28	6 KB
1	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 71446	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	466 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24	251 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	77 KB
55	9

	Domain	Requested by
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
13	opreturn.jp	opreturn.jp
7	cdnjs.cloudflare.com	opreturn.jp cdnjs.cloudflare.com
7	pagead2.googlesyndication.com	opreturn.jp pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.jp	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	opreturn.jp
55	12

This site contains links to these domains. Also see Links.

Domain
ja.wordpress.org

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
www.opreturn.jp R3	`2023-02-18` - `2023-05-19`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://opreturn.jp/
Frame ID: 8CFF02305E67D7F8580482CEDBC2DE1C
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/zrt_lookup.html
Frame ID: F1BFF43EC1C5DA5BB9FEFC79F5046E36
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7746803152201374&output=html&adk=1812271804&adf=3025194257&lmt=1678350079&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x1080_r&format=0x0&url=http%3A%2F%2Fopreturn.jp%2F&ea=0&pra=5&wgl=1&dt=1678350079020&bpp=6&bdt=171&idt=253&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=803475119119&frm=20&pv=2&ga_vid=2040844699.1678350079&ga_sid=1678350079&ga_hid=1938759908&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842&oid=2&pvsid=1926098439220691&tmod=786376467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=272
Frame ID: A09AF0A23776EF543333F24901ADE81E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7746803152201374&output=html&h=280&adk=4070374814&adf=4000994951&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678350079&rafmt=1&to=qs&pwprc=3607379692&format=1200x280&url=http%3A%2F%2Fopreturn.jp%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678350079026&bpp=1&bdt=177&idt=269&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=803475119119&frm=20&pv=1&ga_vid=2040844699.1678350079&ga_sid=1678350079&ga_hid=1938759908&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842&oid=2&pvsid=1926098439220691&tmod=786376467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=CluslcBMm7&p=http%3A//opreturn.jp&dtd=271
Frame ID: 7DCC46C024C035F0523375D4FAB45CE7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1CAFCD9BE29EE3A61ACC8196195A7673
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E365A7CE0D1F42C6BA1E3243AF7B2C2F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OP_RETURNしようぜ！ – ビットコインと暗号を学んでBTCブロックチェーンに永遠の文字列を刻み付けよう！

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

MathJax (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/mathjax\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

55
Requests

78 %
HTTPS

91 %
IPv6

9
Domains

12
Subdomains

11
IPs

3
Countries

503 kB
Transfer

1338 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ja.wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
opreturn.jp/ 61 KB
15 KB 785ms
652ms Document
text/html 183.181.98.147
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://opreturn.jp/
Protocol: HTTP/1.1
Server: 183.181.98.147 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6146.xserver.jp
Software: nginx /
Resource Hash: 6e504641459e50b38ec9130d41121eb4866c96fa86e5da3a87e35ee4bc7b1e66

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Mar 2023 08:21:18 GMT
Link: <https://opreturn.jp/wp-json/>; rel="https://api.w.org/"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK style.min.css
opreturn.jp/wp-includes/blocks/navigation/ 15 KB
3 KB 11ms
11ms Stylesheet
text/css 183.181.98.147
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://opreturn.jp/wp-includes/blocks/navigation/style.min.css?ver=6.1.1
Requested by: Host: opreturn.jp
URL: http://opreturn.jp/
Protocol: HTTP/1.1
Server: 183.181.98.147 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6146.xserver.jp
Software: nginx /
Resource Hash: 0942c38775c4203f6381c2cb580e68703fc88211183a6fa10d58f25cf4e55e58

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 08:21:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Nov 2022 07:04:06 GMT
Server: nginx
ETag: W/"3bee-5ec77724755b7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 16 Mar 2023 08:21:18 GMT

GET
H/1.1 200
OK blocks.style.build.css
opreturn.jp/wp-content/plugins/browser-shots/dist/ 140 B
445 B 21ms
11ms Stylesheet
text/css 183.181.98.147
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://opreturn.jp/wp-content/plugins/browser-shots/dist/blocks.style.build.css?ver=1.7.4
Requested by: Host: opreturn.jp
URL: http://opreturn.jp/
Protocol: HTTP/1.1
Server: 183.181.98.147 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6146.xserver.jp
Software: nginx /
Resource Hash: 729a1416748fa50d2806bdc2664522f78c64511e6638d0cd2f7df5407ba3b4ef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 08:21:18 GMT
Last-Modified: Tue, 23 Nov 2021 07:03:04 GMT
Server: nginx
ETag: "8c-5d16f552c4795"
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 140
Expires: Thu, 16 Mar 2023 08:21:18 GMT

GET
H/1.1 200
OK styles.css
opreturn.jp/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 20ms
11ms Stylesheet
text/css 183.181.98.147
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://opreturn.jp/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.4
Requested by: Host: opreturn.jp
URL: http://opreturn.jp/
Protocol: HTTP/1.1
Server: 183.181.98.147 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6146.xserver.jp
Software: nginx /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 08:21:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Feb 2023 07:01:47 GMT
Server: nginx
ETag: W/"b2b-5f5081eb0eb9b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 16 Mar 2023 08:21:18 GMT

GET
H/1.1 200
OK app.css
opreturn.jp/wp-content/plugins/simple-lightbox/client/css/ 231 B
536 B 20ms
10ms Stylesheet
text/css 183.181.98.147
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://opreturn.jp/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.9.3
Requested by: Host: opreturn.jp
URL: http://opreturn.jp/
Protocol: HTTP/1.1
Server: 183.181.98.147 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6146.xserver.jp
Software: nginx /
Resource Hash: f00c690f9ac9a7bbd3f1a4346472c52ff3329d51a5cc7823c2277b0aa041c443

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 08:21:18 GMT
Last-Modified: Sat, 19 Nov 2022 07:29:13 GMT
Server: nginx
ETag: "e7-5edcdc7700a85"
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 231
Expires: Thu, 16 Mar 2023 08:21:18 GMT

GET
H/1.1 200
OK default.css
opreturn.jp/wp-content/plugins/tablepress/css/build/ 6 KB
3 KB 20ms
11ms Stylesheet
text/css 183.181.98.147
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://opreturn.jp/wp-content/plugins/tablepress/css/build/default.css?ver=2.0.4
Requested by: Host: opreturn.jp
URL: http://opreturn.jp/
Protocol: HTTP/1.1
Server: 183.181.98.147 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6146.xserver.jp
Software: nginx /
Resource Hash: b7193bd1228920067e241fc9b5c987bfa8eb9b9dc06e986ff31e338b1f06d93f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 08:21:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 19:57:47 GMT
Server: nginx
ETag: W/"17b4-5f2a358d2228d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 16 Mar 2023 08:21:18 GMT

GET
H/1.1 200
OK view.min.js Show response
opreturn.jp/wp-includes/blocks/navigation/ 1 KB
814 B 21ms
11ms Script
application/javascript 183.181.98.147
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://opreturn.jp/wp-includes/blocks/navigation/view.min.js?ver=c24330f635f5cb9d5e0e
Requested by: Host: opreturn.jp
URL: http://opreturn.jp/
Protocol: HTTP/1.1
Server: 183.181.98.147 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6146.xserver.jp
Software: nginx /
Resource Hash: 3fbef27e01fa9ced2747df8e9ff7fff63d2c1c511027193cdf7937e3d0517863

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 08:21:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Nov 2022 07:04:06 GMT
Server: nginx
ETag: W/"478-5ec77724755b7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 16 Mar 2023 08:21:18 GMT

GET
H/1.1 200
OK view-modal.min.js Show response
opreturn.jp/wp-includes/blocks/navigation/ 8 KB
3 KB 21ms
10ms Script
application/javascript 183.181.98.147
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://opreturn.jp/wp-includes/blocks/navigation/view-modal.min.js?ver=45f05135277abf0b0408
Requested by: Host: opreturn.jp
URL: http://opreturn.jp/
Protocol: HTTP/1.1
Server: 183.181.98.147 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6146.xserver.jp
Software: nginx /
Resource Hash: 00e1af7b16907296a301c46673a14580e1ea6cddb825d2a68724b60150b4733f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 08:21:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Nov 2022 07:04:06 GMT
Server: nginx
ETag: W/"1e63-5ec77724755b7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 16 Mar 2023 08:21:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 114ms
60ms Script
text/javascript 2404:6800:400a:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7746803152201374

Requested by

Host: opreturn.jp
URL: http://opreturn.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80c::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e7f278903fb814d9df46b99e9c9826a64331023e1531422ed2c5b6b32e49a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://opreturn.jp/
Origin: http://opreturn.jp
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48640
x-xss-protection: 0
server: cafe
etag: 17687121294636451478
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 08:21:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 90ms
48ms Script
application/javascript 2404:6800:4004:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CT5QKJFQ28

Requested by

Host: opreturn.jp
URL: http://opreturn.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

362aa771cf9f1a2a8c05d4f5ffd83a3db5cee441ce7a6c22b902442abdabc53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78782
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Mar 2023 08:21:18 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
opreturn.jp/wp-includes/js/ 1 KB
1 KB 31ms
10ms Script
application/javascript 183.181.98.147
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://opreturn.jp/wp-includes/js/wp-embed.min.js?ver=6.1.1
Requested by: Host: opreturn.jp
URL: http://opreturn.jp/
Protocol: HTTP/1.1
Server: 183.181.98.147 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6146.xserver.jp
Software: nginx /
Resource Hash: 1f82f941e3d2db13e9164e3684e3eb2f804bd2696841468f44351db65d400cca

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 08:21:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 May 2022 07:00:15 GMT
Server: nginx
ETag: W/"5f6-5dfd0a01cd9f2"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 16 Mar 2023 08:21:18 GMT

GET
H/1.1 200
OK index.js Show response
opreturn.jp/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
4 KB 32ms
11ms Script
application/javascript 183.181.98.147
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://opreturn.jp/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.4
Requested by: Host: opreturn.jp
URL: http://opreturn.jp/
Protocol: HTTP/1.1
Server: 183.181.98.147 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6146.xserver.jp
Software: nginx /
Resource Hash: 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 08:21:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Feb 2023 07:01:47 GMT
Server: nginx
ETag: W/"2945-5f5081eb0fb3b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 16 Mar 2023 08:21:18 GMT

GET
H/1.1 200
OK index.js Show response
opreturn.jp/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 31ms
10ms Script
application/javascript 183.181.98.147
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://opreturn.jp/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.4
Requested by: Host: opreturn.jp
URL: http://opreturn.jp/
Protocol: HTTP/1.1
Server: 183.181.98.147 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6146.xserver.jp
Software: nginx /
Resource Hash: 8bac631dfefdb96cf5526520c21e9ef3f585bba973970a7e62b10c945741105c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 08:21:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Feb 2023 07:01:47 GMT
Server: nginx
ETag: W/"3294-5f5081eb0fb3b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 16 Mar 2023 08:21:18 GMT

GET
H2 200 MathJax.js Show response
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/ 62 KB
17 KB 15ms
7ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/MathJax.js?config=default&ver=1.3.12

Requested by

Host: opreturn.jp
URL: http://opreturn.jp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d588838c61dc2533f6b1aa81833de5327f4bab2e81cc3784000812b2079f14c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7478471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17026
last-modified: Tue, 25 Aug 2020 20:24:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f457386-f80b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CaW3iE7fWO6zIJnqEk3CAvGLTR8HvBs4JK1WRi7a2E8MaG8VWQN2t8z1ZS%2FI2yK4e%2FBS2ekNHfzGbajcArog%2BxujNCkXl2YEYOdZyHBBqcqQQPY5UDB1DDn5XvrVWkwNoz0gOh6%2F0O8EEW2XOVdStO3Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a51e758ea5880e7-NRT
expires: Tue, 27 Feb 2024 08:21:18 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
opreturn.jp/wp-includes/js/ 18 KB
6 KB 21ms
20ms Script
application/javascript 183.181.98.147
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://opreturn.jp/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: opreturn.jp
URL: http://opreturn.jp/
Protocol: HTTP/1.1
Server: 183.181.98.147 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6146.xserver.jp
Software: nginx /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 08:21:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 May 2022 07:00:16 GMT
Server: nginx
ETag: W/"48b9-5dfd0a01f1c15"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Thu, 16 Mar 2023 08:21:18 GMT

GET
H2 200 blueberry-1024x629.jpg
opreturn.jp/wp-content/uploads/2021/02/ 69 KB
69 KB 39ms
19ms Image
image/jpeg 183.181.98.147
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opreturn.jp/wp-content/uploads/2021/02/blueberry-1024x629.jpg
Requested by: Host: opreturn.jp
URL: http://opreturn.jp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.98.147 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv6146.xserver.jp
Software: nginx /
Resource Hash: a958481fc0424c98b4d57f7c30bc668f76708d70e1bc67e51c9cb65d6fe27ecd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:18 GMT
last-modified: Sun, 28 Feb 2021 09:49:38 GMT
server: nginx
etag: "11479-5bc626b6acb4a"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 70777
expires: Thu, 16 Mar 2023 08:21:18 GMT

GET
H2 200 default.js Show response
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/config/ 42 KB
9 KB 8ms
8ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/config/default.js?V=2.7.9

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/MathJax.js?config=default&ver=1.3.12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

373b5bf97021baf0c129dc23648ec0b5c6096d77765fcd8272ebbe2ac5bd5fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4193029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9027
last-modified: Tue, 25 Aug 2020 20:24:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f457383-a7ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFU4j6p6sxym4i5Uwy1dDngXk%2BbRMEp3A%2Fcoh2450tmsycpm2SclKb1Ycjn07mT5y9VvQbZm8iGktKXouk8kCtzT6Fw4682DonyqeXEejr%2B5uM28ZXOSOPm3GU7KFk1Eh2xCj3uMtjSd1uishrvy1bjh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a51e7593aa680e7-NRT
expires: Tue, 27 Feb 2024 08:21:18 GMT

GET
H3 200 config.js Show response
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/jax/input/TeX/ 1 KB
1 KB 8ms
7ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/jax/input/TeX/config.js?V=2.7.9

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/MathJax.js?config=default&ver=1.3.12

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb7ba6175c1bd836b67ca6dfb13a8a430c1fc5ab325c9731b250eb674c6bc4a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 27036596
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 551
last-modified: Tue, 25 Aug 2020 20:24:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f457386-4f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5%2BxQoZWzT6UCfxQsML%2FOlN7KgQSGagXOZVLjZ%2ButJRdCDVTqY5vIicjtOhjA2T3%2BSxgyntW3EMiDSB%2F%2B8oTgH2hSYm9%2BoGnEBxzDDIM0DKsezWxqYffy89uFLCF69numw6vJpGtY%2Fh5srzvsYNr8v3a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a51e7594932f5dd-NRT
expires: Tue, 27 Feb 2024 08:21:18 GMT

GET
H3 200 config.js Show response
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/jax/output/HTML-CSS/ 3 KB
2 KB 10ms
9ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/jax/output/HTML-CSS/config.js?V=2.7.9

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/MathJax.js?config=default&ver=1.3.12

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0b4388c862097ef6a5ae80640ea45c8f681e60a8f47f7a6ce30fdc3f33d9dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4196252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1374
last-modified: Tue, 25 Aug 2020 20:24:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f457386-df5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRCwT1yVNdxqJ%2F1GNU3FAOg3ww0A%2F07oO13RbF4LSU3kkC1RnY4wrHmWSF450DI9NLJGcHoW%2B%2BWj0%2FYsQHKyLb39o0NXSiun1Adj5l3n%2FNXc0YkvDUwyszi96FpEdA4icukNMUpFJcAiCS98Ptnetp%2BU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a51e7594934f5dd-NRT
expires: Tue, 27 Feb 2024 08:21:18 GMT

GET
H3 200 tex2jax.js Show response
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/extensions/ 7 KB
3 KB 9ms
8ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/extensions/tex2jax.js?V=2.7.9

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/MathJax.js?config=default&ver=1.3.12

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c2fbcc3106fd92ac736f808cde9583831ad72179c2a331ae8a447d98c5b806b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 15377611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2341
last-modified: Tue, 25 Aug 2020 20:24:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f457383-1bec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AidhWXN3nNfu7DVIwtFt2DzzDyo0Dd6d%2F1bw7yG0IF67C%2F2%2Bforu91N1yyi2f3Mkz9PVo5T%2BDiLq6UAdeBHHiGQ4pOgLmuD18W0yxHksnt82AeObkW3JRXh1H8SwBSSqrgeAVBBcEc8GDHXESfO8NMZm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a51e7594936f5dd-NRT
expires: Tue, 27 Feb 2024 08:21:18 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 360 KB
119 KB 111ms
69ms Script
text/javascript 2404:6800:400a:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7746803152201374

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80c::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9949cd7786222c1b906e570b31a067d608e45744c244759b9c07ffb218c52660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121458
x-xss-protection: 0
server: cafe
etag: 5721971478702183022
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 08:21:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/ Frame F1BF 10 KB
5 KB 44ms
2ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7746803152201374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://opreturn.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 22455
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 02:07:04 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 02:07:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
251 B 148ms
39ms Ping
text/plain 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CT5QKJFQ28&gtm=45je3360&_p=1938759908&cid=2040844699.1678350079&ul=en-us&sr=1600x1200&_s=1&sid=1678350079&sct=1&seg=0&dl=http%3A%2F%2Fopreturn.jp%2F&dt=OP_RETURN%E3%81%97%E3%82%88%E3%81%86%E3%81%9C%EF%BC%81%20%E2%80%93%20%E3%83%93%E3%83%83%E3%83%88%E3%82%B3%E3%82%A4%E3%83%B3%E3%81%A8%E6%9A%97%E5%8F%B7%E3%82%92%E5%AD%A6%E3%82%93%E3%81%A7BTC%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%83%81%E3%82%A7%E3%83%BC%E3%83%B3%E3%81%AB%E6%B0%B8%E9%81%A0%E3%81%AE%E6%96%87%E5%AD%97%E5%88%97%E3%82%92%E5%88%BB%E3%81%BF%E4%BB%98%E3%81%91%E3%82%88%E3%81%86%EF%BC%81&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CT5QKJFQ28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:21:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://opreturn.jp
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
466 B 42ms
41ms Script
text/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=opreturn.jp&callback=_gfp_s_&client=ca-pub-7746803152201374

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6251ea5c21bc6e20948328b8bef419e6cb6981bc27817c48178e580f85a3c876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
531 B 85ms
44ms Script
application/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=opreturn.jp

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 81ms
41ms Script
application/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=opreturn.jp

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A09A 5 KB
946 B 104ms
103ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7746803152201374&output=html&adk=1812271804&adf=3025194257&lmt=1678350079&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x1080_r&format=0x0&url=http%3A%2F%2Fopreturn.jp%2F&ea=0&pra=5&wgl=1&dt=1678350079020&bpp=6&bdt=171&idt=253&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=803475119119&frm=20&pv=2&ga_vid=2040844699.1678350079&ga_sid=1678350079&ga_hid=1938759908&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842&oid=2&pvsid=1926098439220691&tmod=786376467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf796316bbc55616124a947c77eec6bb40fd4359a3ae061a17ae387a4e7d70b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://opreturn.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 752
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 08:21:19 GMT
expires: Thu, 09 Mar 2023 08:21:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7DCC 436 B
381 B 196ms
196ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7746803152201374&output=html&h=280&adk=4070374814&adf=4000994951&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678350079&rafmt=1&to=qs&pwprc=3607379692&format=1200x280&url=http%3A%2F%2Fopreturn.jp%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678350079026&bpp=1&bdt=177&idt=269&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=803475119119&frm=20&pv=1&ga_vid=2040844699.1678350079&ga_sid=1678350079&ga_hid=1938759908&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759842&oid=2&pvsid=1926098439220691&tmod=786376467&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=CluslcBMm7&p=http%3A//opreturn.jp&dtd=271

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d142507ec33f5c00d7cc5eb5f994cdebef1687bf324846f74af1956f588ff0fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://opreturn.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 08:21:19 GMT
expires: Thu, 09 Mar 2023 08:21:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-7746803152201374 Show response
fundingchoicesmessages.google.com/i/ 126 KB
43 KB 200ms
160ms Script
application/javascript 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7746803152201374?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aaf335b24ea4ddc571d42e5eeceb4b1dc74cd268eaf3a50b53407f1fcd9ab61

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-wWZ4cPoXS8svSgzxPzNDAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-wWZ4cPoXS8svSgzxPzNDAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWfqiE1ADbGjVNoCOakEXfTDjYn1c96WFuBG9pYDUSd9VMG84pid4OJ2uP0ZEAIjriJ5_2WHtbWMtv6ZnAjuJ0= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 141ms
141ms Script
application/javascript 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWfqiE1ADbGjVNoCOakEXfTDjYn1c96WFuBG9pYDUSd9VMG84pid4OJ2uP0ZEAIjriJ5_2WHtbWMtv6ZnAjuJ0=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc4MzUwMDc5LDY4OTAwMDAwMF0sIjI0NUEyOThFLThDQ0YtNDJGOC1BRTVELTk5QTk5MjIyQzZGNyIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHA6Ly9vcHJldHVybi5qcC8iLG51bGwsW1s4LCJfODQ4MEp3T1BXZyJdLFs5LCJlbi1VUyJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._8480JwOPWg.es5.O/d=1/rs=AJlcJMyO1RNQfnaBFMykTsriORI5ve_AUg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cf08853d0a4f521304c72af156d578c7e2bb19d7e08be315fa0c000b9d6c0ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bB1ctN46Pwf-3AF8ZB1U8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-bB1ctN46Pwf-3AF8ZB1U8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 61ms
60ms XHR
application/json 2404:6800:400a:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230306&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80c::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b6ed86bc446d57c5fb8491d895461e152f13c08f9b0a911c879bbb0216eb4de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11296
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 92ms
54ms Script
text/javascript 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 08:21:19 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1CAF 13 KB
5 KB 24ms
23ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://opreturn.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 163698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 10:53:02 GMT
expires: Wed, 06 Mar 2024 10:53:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E365 783 B
1 KB 103ms
43ms Document
text/html 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3c7c5d883a3350419cd7662b2407818e5a7bfc31ab7d191f89d2bce4d4238616

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yuQh9LBD5Si-fp4_vTtASw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://opreturn.jp/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-yuQh9LBD5Si-fp4_vTtASw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 08:21:20 GMT
expires: Thu, 09 Mar 2023 08:21:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CAF 36 KB
14 KB 13ms
13ms Script
text/javascript 2404:6800:400a:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80c::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 19:34:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 391582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 19:34:58 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1CAF 0
10 B 8ms
7ms Image
text/plain 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BS0zAg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E365 0
0 47ms
46ms Image
text/html 2404:6800:400a:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230306&jk=1926098439220691&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80c::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 MathMenu.js Show response
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/extensions/ 37 KB
11 KB 6ms
6ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/extensions/MathMenu.js?V=2.7.9

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/MathJax.js?config=default&ver=1.3.12

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

373b2a4d4a6ec49a73b5a18c0bc363d6cd98c8336ff4b51244baa83a75933d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1944632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10269
last-modified: Tue, 25 Aug 2020 20:24:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f457383-9567"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7X2illj%2Fx2sAlw21IAqa2HoBJ2qAmSpE1jtUrw3esIHy%2BELcXh5zTIdStlWkk1qOmRX6ODS9iaKhQ4r%2BLiDp3Q66Bu45s6vYbOeOkOU3BGYW%2BMQWHRuosysXc%2BmDMWL86HZPm83c1DSbax4%2FqHO%2FhS02"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a51e760ee8ff5dd-NRT
expires: Tue, 27 Feb 2024 08:21:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2404:6800:400a:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230306&jk=1926098439220691&bg=!JySlJHDNAAbv3-2Ez987ADkAdvg8WuD6VXawDWIJwxXsTmh4ro7-0QKqOxFJK-iHIOd4GFz5XzhXS23Qg0tBq1KonebFWQ_C-CsCAAAAV1IAAAACaAEHCgDmrR3Njbn8x8xbq9lw6E5WCqFnVntlbLOij4fmMe3o0nqYA1ENFpJc_Dmh68T9QmDQWzpIthXyB4MmNesUGFpfDm8Ixez5CyQc8Q6O8UcgPsMuz5w2j3_7rDJcnKMkgOGmTdsaP3kN4FskCuYzY-4Ji4ovYwPWPtE0QoKKpu_IKmoeMwPmVVZGvnNAqPp-bbcodruzVi8aweSob5mSYFKhdkFkUz9uDOPUkkfppvy454Nyb7NCAwGnJkz-LrHE-mwgrbVysnQMwGtoCiIo0uSvJasXizPWtRADi5bF1AfItt3nJ4vlTBWZAqPlU4BK67O8l8yWc4aB5gyohjGozoJCx9PWzsXOCCzyrQZOUsPbMJugEw24CMQXvdQG8CNmozr8j3-KYstmT5NYwj605Bcn5LkuiZWCT09oXlTDvBv7anUpGqk1wjjSNzhsRVyxyaBGsJl6ZsvIWsB-dK7xkqiXkQjuYuWdzO7sBKMX6onh8OVE286hlhFUPoEbBrix95L0GaWvhHQmMnV2bZVkD_6kgIMoO1UAhAvF3ZCb6bVLrGTDyg4Ye7cC3niXjd0giLDg8Jrl-K9CbDFMbI5mI5CijmiVqW8UHYRAfaf1eUsXdaN4yYAprVm-erox0WZPQbEYKB0awvtoh1KQQ9HMlQh33_XeYT8opz8NY2DUK-lymxtfmAzhs6Z2j7eFn0LqARSWWVTrrK7gueUro9khnAsZT99dFLVCypJyY2vp-3FHcDbmZt0hebza6q6Zd2FX9jh0IlkSVVWtvrrXwVS67f6ZQyVuqjqXa2N1kXfMHVht9cNLyWTAy7xx5A0gLDc8S94ES1pwuteR7FN3y2BaMGyfxaOn1hCyRm15eLrmjn0TuCLWU0LIAWsWHQHFKNyS4SkF9bZWUTr7SN5VzwXY8JTpLU-OJqJrQOaaV0DAayBmQjhhlFmc6cLdVlVrMmnSE02pPYXH36mXnjaZzG5QpGSAyb3VEWZOvhb8iTldtpapi6HSpm910zjm42T1VNlbYeRa3rbXl8jP9bZlojecxRY3FBVp5Q5lL49bu1REoLSIynaoglHX5gEjmTeJQfa6ZpPCNKmmtgzQXzlWN1V6l9ER1E5CyaEdCjeD9c3Gqoj1h2fCNJ8_5BTShz4G63B5Gk5W63J-0kUhnm9uRHio1hmUcuacLbEUhfX7TyP17cVdR8AYb73gGIV5bFcPlsM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80c::2002 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 53ms
52ms Image
image/gif 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=2.633624609165901

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-E9Fdlq3QtZXnCA5qwL0Mbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:20 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-E9Fdlq3QtZXnCA5qwL0Mbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 236ms
236ms Image
image/gif 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=3.6042561038401284

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-3cDa5kFXuAZNNI5hnb3Jvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-3cDa5kFXuAZNNI5hnb3Jvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUk7nG2HI3GMCjQ8X51hDCh6dnuHqtNCObqB2P3F_PjOngY4W6OPAtEDbs5Z3RnWO__d7YmYDdPvUQ_fJkz91hKX87nkyFI-YeQy97pKR7hRxyT4PhX4PMtiRg-JZzgRUdZbLQYPQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 85ms
48ms XHR
text/html 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUk7nG2HI3GMCjQ8X51hDCh6dnuHqtNCObqB2P3F_PjOngY4W6OPAtEDbs5Z3RnWO__d7YmYDdPvUQ_fJkz91hKX87nkyFI-YeQy97pKR7hRxyT4PhX4PMtiRg-JZzgRUdZbLQYPQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bpxKtcohzTyAtO6g5vpAIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://opreturn.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Mar 2023 08:21:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bpxKtcohzTyAtO6g5vpAIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://opreturn.jp
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MathZoom.js Show response
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/extensions/ 8 KB
3 KB 7ms
7ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/extensions/MathZoom.js?V=2.7.9

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.9/MathJax.js?config=default&ver=1.3.12

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2fbfc514f39851fd4d2aa6572f9dacdd7bef23cf0969d13606951dcf513773

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7431543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2622
last-modified: Tue, 25 Aug 2020 20:24:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f457383-21d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moOrmxhLXswcb4olGKFcJy69yc60vyDjKggBSc2N2k5rePUT7NkBmQ%2F8I7FCKTDHnR7B3%2BiCnTBMsbANyiTgpCM%2BwuaP%2FTKl4gBvSVFoiDrvAEVMZolm%2FUx%2BCJYB7Lr%2BcII3uUfrxAAXzKJzEj3sXuk1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a51e7672b23f5dd-NRT
expires: Tue, 27 Feb 2024 08:21:21 GMT

GET
H3 200 banner- Show response
fundingchoicesmessages.google.com/f/AGSKWxXHQvYmVglS0ajYX3CW3qAvo0Qqjzk8DIwioYK7p8Oa_EDcop2FkQTB5ndYXpS59nPPIzw4zdQrS30oTURujlNXgEkzQG4WyiJ9jUI5EmXlShqdOltv49Kv3HtgBxWHfjkg48G4dmNO_Za1yaAr8vOZXgQeI... 54 B
109 B 68ms
68ms Script
application/javascript 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXHQvYmVglS0ajYX3CW3qAvo0Qqjzk8DIwioYK7p8Oa_EDcop2FkQTB5ndYXpS59nPPIzw4zdQrS30oTURujlNXgEkzQG4WyiJ9jUI5EmXlShqdOltv49Kv3HtgBxWHfjkg48G4dmNO_Za1yaAr8vOZXgQeIaY6kaDtmuvmdo-B1D_51LIJmgvo-xMD/_/admeta./adbotleft./dig_ad._120_60./ads/banner-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._8480JwOPWg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyO1RNQfnaBFMykTsriORI5ve_AUg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07566c1a3e4588f09927e881c643e84af6af01166666589fe6cc93e59747418d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-eocl3ZzsWQ634kpEPkLNUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-eocl3ZzsWQ634kpEPkLNUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 10ms
10ms Script
text/javascript 2404:6800:400a:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._8480JwOPWg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyO1RNQfnaBFMykTsriORI5ve_AUg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80c::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 08:33:00 GMT

POST
H3 204 AGSKWxUk7nG2HI3GMCjQ8X51hDCh6dnuHqtNCObqB2P3F_PjOngY4W6OPAtEDbs5Z3RnWO__d7YmYDdPvUQ_fJkz91hKX87nkyFI-YeQy97pKR7hRxyT4PhX4PMtiRg-JZzgRUdZbLQYPQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
50ms XHR
text/html 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUk7nG2HI3GMCjQ8X51hDCh6dnuHqtNCObqB2P3F_PjOngY4W6OPAtEDbs5Z3RnWO__d7YmYDdPvUQ_fJkz91hKX87nkyFI-YeQy97pKR7hRxyT4PhX4PMtiRg-JZzgRUdZbLQYPQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6HQecNI2ihUOjUh2TBz6lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://opreturn.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Mar 2023 08:21:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6HQecNI2ihUOjUh2TBz6lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://opreturn.jp
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUk7nG2HI3GMCjQ8X51hDCh6dnuHqtNCObqB2P3F_PjOngY4W6OPAtEDbs5Z3RnWO__d7YmYDdPvUQ_fJkz91hKX87nkyFI-YeQy97pKR7hRxyT4PhX4PMtiRg-JZzgRUdZbLQYPQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 217ms
217ms XHR
text/html 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUk7nG2HI3GMCjQ8X51hDCh6dnuHqtNCObqB2P3F_PjOngY4W6OPAtEDbs5Z3RnWO__d7YmYDdPvUQ_fJkz91hKX87nkyFI-YeQy97pKR7hRxyT4PhX4PMtiRg-JZzgRUdZbLQYPQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ARwxtH-aUZ4ES-TxrEbu5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://opreturn.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Mar 2023 08:21:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ARwxtH-aUZ4ES-TxrEbu5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://opreturn.jp
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUk7nG2HI3GMCjQ8X51hDCh6dnuHqtNCObqB2P3F_PjOngY4W6OPAtEDbs5Z3RnWO__d7YmYDdPvUQ_fJkz91hKX87nkyFI-YeQy97pKR7hRxyT4PhX4PMtiRg-JZzgRUdZbLQYPQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 180ms
180ms XHR
text/html 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUk7nG2HI3GMCjQ8X51hDCh6dnuHqtNCObqB2P3F_PjOngY4W6OPAtEDbs5Z3RnWO__d7YmYDdPvUQ_fJkz91hKX87nkyFI-YeQy97pKR7hRxyT4PhX4PMtiRg-JZzgRUdZbLQYPQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NmkM_YJKIH2YAiWApTU5vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://opreturn.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Mar 2023 08:21:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NmkM_YJKIH2YAiWApTU5vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://opreturn.jp
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUk7nG2HI3GMCjQ8X51hDCh6dnuHqtNCObqB2P3F_PjOngY4W6OPAtEDbs5Z3RnWO__d7YmYDdPvUQ_fJkz91hKX87nkyFI-YeQy97pKR7hRxyT4PhX4PMtiRg-JZzgRUdZbLQYPQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 231ms
231ms XHR
text/html 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUk7nG2HI3GMCjQ8X51hDCh6dnuHqtNCObqB2P3F_PjOngY4W6OPAtEDbs5Z3RnWO__d7YmYDdPvUQ_fJkz91hKX87nkyFI-YeQy97pKR7hRxyT4PhX4PMtiRg-JZzgRUdZbLQYPQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TIvJWJHKD4VZD4Yw92MxCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://opreturn.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Mar 2023 08:21:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-TIvJWJHKD4VZD4Yw92MxCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://opreturn.jp
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWUdwcFIrmxh9PnwnaTpK5VuSwRSuUgHYT5knmQzQDPBhYwQ5P3O1FMtnYuMSpKinHuDA3sc6drkCrQOIlukxL5MFL6bx6V6gleqJqUQQ6W7cgSCBtBaD2YFOusTYbv9hGazK1Usw== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 243ms
242ms Script
application/javascript 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWUdwcFIrmxh9PnwnaTpK5VuSwRSuUgHYT5knmQzQDPBhYwQ5P3O1FMtnYuMSpKinHuDA3sc6drkCrQOIlukxL5MFL6bx6V6gleqJqUQQ6W7cgSCBtBaD2YFOusTYbv9hGazK1Usw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc4MzUwMDgxLDc0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHA6Ly9vcHJldHVybi5qcC8iLG51bGwsW1s4LCJfODQ4MEp3T1BXZyJdLFs5LCJlbi1VUyJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d954e16e1f0c6486823773caf8470b42a86f504d1c0794d9329c42a592bcfaf2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z2R6i5_iQ8-AYHFNvwZjJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-Z2R6i5_iQ8-AYHFNvwZjJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXMG-HUfGssttWlvAMYS-Qf8cQlUPooWs7CgB62MUGxy7Bf2GSR8XQos98E7cg23lG_ba6dGfskvfQWED66op0= Show response
fundingchoicesmessages.google.com/el/ 0
29 B 57ms
57ms XHR
text/html 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXMG-HUfGssttWlvAMYS-Qf8cQlUPooWs7CgB62MUGxy7Bf2GSR8XQos98E7cg23lG_ba6dGfskvfQWED66op0=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JVu-F6oPltRcUk8E-ZQnAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://opreturn.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Mar 2023 08:21:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-JVu-F6oPltRcUk8E-ZQnAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://opreturn.jp
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVDue886J0fHa31mv8ABXg_aIm1Sllruic6IkgRnN0l6AO-fiyE3mi9O67XmoOiZpS-WkL1sEjHBEJPmGlArEOtX1ve4LbPiRjL9zTinACjTmkGInSnfoB-RffRtPf8_m6FFTBMpw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 121ms
121ms Script
application/javascript 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVDue886J0fHa31mv8ABXg_aIm1Sllruic6IkgRnN0l6AO-fiyE3mi9O67XmoOiZpS-WkL1sEjHBEJPmGlArEOtX1ve4LbPiRjL9zTinACjTmkGInSnfoB-RffRtPf8_m6FFTBMpw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc4MzUwMDgxLDk5NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHA6Ly9vcHJldHVybi5qcC8iLG51bGwsW1s4LCJfODQ4MEp3T1BXZyJdLFs5LCJlbi1VUyJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d0210eb61411e341ba152785015d3b734af70dfa49dd2bd38f6540728898445

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7VO3lpw_u0gMxLv7wqKMSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7VO3lpw_u0gMxLv7wqKMSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWLnXhYVXJmj-9CPERPyK43GBURCrcNVMgBiYqe0aPLhkfMj-W1ckQccGHCgGZCycECkvGgjSKlO7T4pJY-2Z99mdiysQj4jphAEHgrAU-P0nHDVyv-sBKzWBYiFZLNf56lN-s1MA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 190ms
189ms Script
application/javascript 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWLnXhYVXJmj-9CPERPyK43GBURCrcNVMgBiYqe0aPLhkfMj-W1ckQccGHCgGZCycECkvGgjSKlO7T4pJY-2Z99mdiysQj4jphAEHgrAU-P0nHDVyv-sBKzWBYiFZLNf56lN-s1MA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc4MzUwMDgyLDEyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cDovL29wcmV0dXJuLmpwLyIsbnVsbCxbWzgsIl84NDgwSndPUFdnIl0sWzksImVuLVVTIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d1fb540141dfd95d22e41d23493321d35e4d4aca57d80bc1fe4b363079d98c2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HXKLzAk3pWKP9DRCJXi7Ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://opreturn.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:21:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-HXKLzAk3pWKP9DRCJXi7Ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWqdN3EwrJ1tG2dzyYvdZkCV36IaL9XsdtY3DnwTvBCV35QEu5QXT0byhMXFcHcwaFFDMv9q6rElIDOglE7TMjN1M-OxE1QH2Qc_Rf-OqpbtRQdC4yOfnz9dHCP4E5o1FzWAN8phw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 52ms
51ms XHR
text/html 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWqdN3EwrJ1tG2dzyYvdZkCV36IaL9XsdtY3DnwTvBCV35QEu5QXT0byhMXFcHcwaFFDMv9q6rElIDOglE7TMjN1M-OxE1QH2Qc_Rf-OqpbtRQdC4yOfnz9dHCP4E5o1FzWAN8phw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-khKXHFZkJMkt01v-ziG1aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://opreturn.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Mar 2023 08:21:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-khKXHFZkJMkt01v-ziG1aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://opreturn.jp
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXMG-HUfGssttWlvAMYS-Qf8cQlUPooWs7CgB62MUGxy7Bf2GSR8XQos98E7cg23lG_ba6dGfskvfQWED66op0= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 229ms
229ms XHR
text/html 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXMG-HUfGssttWlvAMYS-Qf8cQlUPooWs7CgB62MUGxy7Bf2GSR8XQos98E7cg23lG_ba6dGfskvfQWED66op0=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nK18GPxo_ppbxOPd25ygKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://opreturn.jp/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Mar 2023 08:21:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-nK18GPxo_ppbxOPd25ygKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://opreturn.jp
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.opreturn.jp/	1970-01-20 19:48:30	Name: _ga_CT5QKJFQ28 Value: GS1.1.1678350079.1.0.1678350079.0.0.0
.opreturn.jp/	1970-01-20 19:48:30	Name: _ga Value: GA1.1.2040844699.1678350079
.opreturn.jp/	1970-01-20 19:34:06	Name: __gads Value: ID=de21dffebcc65569-228fe060eddb0016:T=1678350079:RT=1678350079:S=ALNI_MaZhrN9eVagZghISk8fQEm2GYJW_Q
.opreturn.jp/	1970-01-20 19:34:06	Name: __gpi Value: UID=00000bd4d87115c1:T=1678350079:RT=1678350079:S=ALNI_MZq-EU5SV4aDNbGdQ0n0zKI7HXdig
.doubleclick.net/	1970-01-20 10:12:30	Name: test_cookie Value: CheckForPermission
.opreturn.jp/	1970-01-20 18:58:06	Name: FCNEC Value: %5B%5B%22AKsRol9ZcSISYlrWB_RHzmPiV5Dc3IbFWgpXYTq_Ph9K7AEXrpyEnGLk_ZAfnG4G4kkN_tYQXDiJKYbVTJokMMjAiilbxFdqfxU_dxJLwDpAuIvewgZbckArPKpIrCfZWTbRhME8eTn66TlkM2UMMkZWHsTyPHUM3g%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.jp
adservice.google.com
cdnjs.cloudflare.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
opreturn.jp
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
183.181.98.147
2404:6800:4004:80b::2001
2404:6800:4004:81f::2002
2404:6800:4004:820::2002
2404:6800:4004:820::200e
2404:6800:4004:821::2004
2404:6800:4004:822::2008
2404:6800:4004:824::200e
2404:6800:4004:827::2002
2404:6800:400a:80c::2002
2606:4700::6811:180e
00e1af7b16907296a301c46673a14580e1ea6cddb825d2a68724b60150b4733f
07566c1a3e4588f09927e881c643e84af6af01166666589fe6cc93e59747418d
0942c38775c4203f6381c2cb580e68703fc88211183a6fa10d58f25cf4e55e58
0d588838c61dc2533f6b1aa81833de5327f4bab2e81cc3784000812b2079f14c
1f82f941e3d2db13e9164e3684e3eb2f804bd2696841468f44351db65d400cca
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
362aa771cf9f1a2a8c05d4f5ffd83a3db5cee441ce7a6c22b902442abdabc53e
373b2a4d4a6ec49a73b5a18c0bc363d6cd98c8336ff4b51244baa83a75933d7c
373b5bf97021baf0c129dc23648ec0b5c6096d77765fcd8272ebbe2ac5bd5fb0
3c7c5d883a3350419cd7662b2407818e5a7bfc31ab7d191f89d2bce4d4238616
3fbef27e01fa9ced2747df8e9ff7fff63d2c1c511027193cdf7937e3d0517863
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
4b6ed86bc446d57c5fb8491d895461e152f13c08f9b0a911c879bbb0216eb4de
4d2fbfc514f39851fd4d2aa6572f9dacdd7bef23cf0969d13606951dcf513773
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5d1fb540141dfd95d22e41d23493321d35e4d4aca57d80bc1fe4b363079d98c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6251ea5c21bc6e20948328b8bef419e6cb6981bc27817c48178e580f85a3c876
6aaf335b24ea4ddc571d42e5eeceb4b1dc74cd268eaf3a50b53407f1fcd9ab61
6d0210eb61411e341ba152785015d3b734af70dfa49dd2bd38f6540728898445
6e504641459e50b38ec9130d41121eb4866c96fa86e5da3a87e35ee4bc7b1e66
6e7f278903fb814d9df46b99e9c9826a64331023e1531422ed2c5b6b32e49a94
729a1416748fa50d2806bdc2664522f78c64511e6638d0cd2f7df5407ba3b4ef
8bac631dfefdb96cf5526520c21e9ef3f585bba973970a7e62b10c945741105c
8cf08853d0a4f521304c72af156d578c7e2bb19d7e08be315fa0c000b9d6c0ae
9949cd7786222c1b906e570b31a067d608e45744c244759b9c07ffb218c52660
9c2fbcc3106fd92ac736f808cde9583831ad72179c2a331ae8a447d98c5b806b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a958481fc0424c98b4d57f7c30bc668f76708d70e1bc67e51c9cb65d6fe27ecd
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
b7193bd1228920067e241fc9b5c987bfa8eb9b9dc06e986ff31e338b1f06d93f
bb7ba6175c1bd836b67ca6dfb13a8a430c1fc5ab325c9731b250eb674c6bc4a9
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cf796316bbc55616124a947c77eec6bb40fd4359a3ae061a17ae387a4e7d70b1
d142507ec33f5c00d7cc5eb5f994cdebef1687bf324846f74af1956f588ff0fc
d954e16e1f0c6486823773caf8470b42a86f504d1c0794d9329c42a592bcfaf2
e0b4388c862097ef6a5ae80640ea45c8f681e60a8f47f7a6ce30fdc3f33d9dfe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f00c690f9ac9a7bbd3f1a4346472c52ff3329d51a5cc7823c2277b0aa041c443

opreturn.jp Open in urlscan Pro 183.181.98.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

78 %HTTPS

91 %IPv6

9 Domains

12 Subdomains

11 IPs

3 Countries

503 kBTransfer

1338 kBSize

6 Cookies

1 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

opreturn.jp Open in urlscan Pro
183.181.98.147 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

78 %
HTTPS

91 %
IPv6

9
Domains

12
Subdomains

11
IPs

3
Countries

503 kB
Transfer

1338 kB
Size

6
Cookies

55 HTTP transactions
0 data transactions