ja.ntcdoon.org Open in urlscan Pro
2606:4700:3032::6815:4bab Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ja.ntcdoon.org/
Submission Tags: test
Submission: On February 09 via api (February 9th 2022, 12:17:51 pm UTC) from JP — Scanned from JP

Summary HTTP 218 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 29 domains to perform 218 HTTP transactions. The main IP is 2606:4700:3032::6815:4bab, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.ntcdoon.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 19th 2021. Valid for: a year.

This is the only time ja.ntcdoon.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2606:4700:303... 2606:4700:3032::6815:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2404:6800:400... 2404:6800:4004:824::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3031::6815:22c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
3	45.133.44.24 45.133.44.24	7018 (ATT-INTER...) (ATT-INTERNET4)
1	143.198.248.64 143.198.248.64	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
7	2404:6800:400... 2404:6800:4004:823::200a	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
4	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
32	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
6	216.58.197.194 216.58.197.194	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:823::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	2404:6800:400... 2404:6800:4004:811::2001	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4004:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:80b::2003	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4004:821::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3031::ac43:b345	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
5 9	2404:6800:400... 2404:6800:4004:801::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:818::2001	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:823::2001	15169 (GOOGLE) (GOOGLE)
2 2	2a01:4f8:252:... 2a01:4f8:252:564d::2	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:128:7:48... 2a02:128:7:4860::2	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	2a02:128:7:52... 2a02:128:7:5241::2	50245 (SERVEREL-AS) (SERVEREL-AS)
3	2606:4700:303... 2606:4700:3033::ac43:b8ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:128:7:47... 2a02:128:7:4777::1	() ()
5	2404:6800:400... 2404:6800:4004:80b::200e	() ()
218	29

32 2606:4700:3032::6815:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

ja.ntcdoon.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ntcdoon.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4004:824::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3031::6815:22c2 (United States)

ASN13335 (CLOUDFLARENET, US)

newrrb.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.24 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.cabnnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.198.248.64 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

load02.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7823541d29.bfeb247ed9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.197.194 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s48-in-f194.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2404:6800:4004:811::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:80f::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:80b::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:821::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:b345 (United States)

ASN13335 (CLOUDFLARENET, US)

ntcdoon.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:801::2004 (Australia) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:818::2001 (Australia)

ASN15169 (GOOGLE, US)

2620c58d92bf58c47356bc2e82b1d3d8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:823::2001 (Australia)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:252:564d::2 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

rtbbnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:4860::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

tcimp.zog.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5241::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

tb.baimgfroggd.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::ac43:b8ea (United States)

ASN13335 (CLOUDFLARENET, US)

stream.bantgoau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81c::2001 (Australia)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:4777::1 (None, )

ASN- ()

vs.bantgoau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:80b::200e (None, )

ASN- ()

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124 2620c58d92bf58c47356bc2e82b1d3d8.safeframe.googlesyndication.com	838 KB
35	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184	385 KB
34	ntcdoon.org ja.ntcdoon.org ntcdoon.org Failed	3 MB
12	gstatic.com www.gstatic.com fonts.gstatic.com	228 KB
12	google.com 5 redirects adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
9	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 2853	70 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	291 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	4 KB
6	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 148236	130 KB
5	youtube.com www.youtube.com	699 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 324	111 KB
5	newrrb.bid newrrb.bid — Cisco Umbrella Rank: 251467	22 KB
4	bantgoau.com stream.bantgoau.com — Cisco Umbrella Rank: 43439 vs.bantgoau.com	672 KB
3	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 41946	1 KB
2	rtbbnr.com 2 redirects rtbbnr.com — Cisco Umbrella Rank: 28978	2 KB
2	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 24188	30 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8294	1 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 71	39 KB
1	baimgfroggd.site 1 redirects tb.baimgfroggd.site — Cisco Umbrella Rank: 36408	689 B
1	zog.link 1 redirects tcimp.zog.link — Cisco Umbrella Rank: 39663	319 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 743	389 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	644 B
1	cabnnr.com js.cabnnr.com — Cisco Umbrella Rank: 36598	10 KB
1	wpushsdk.com js.wpushsdk.com — Cisco Umbrella Rank: 34210	6 KB
1	bfeb247ed9.com 7823541d29.bfeb247ed9.com	199 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 35961	610 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 584	29 KB
1	load02.biz load02.biz — Cisco Umbrella Rank: 568456	20 KB
1	cstwpush.com cst.cstwpush.com — Cisco Umbrella Rank: 99308	597 B
218	29

	Domain	Requested by
40	tpc.googlesyndication.com	googleads.g.doubleclick.net ja.ntcdoon.org pagead2.googlesyndication.com tpc.googlesyndication.com
33	ntcdoon.org	ja.ntcdoon.org ntcdoon.org
30	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ja.ntcdoon.org
19	pagead2.googlesyndication.com	ja.ntcdoon.org pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
9	www.google.com	5 redirects googleads.g.doubleclick.net ja.ntcdoon.org tpc.googlesyndication.com stream.bantgoau.com
9	mc.yandex.ru	2 redirects ja.ntcdoon.org mc.yandex.ru
8	fonts.gstatic.com	fonts.googleapis.com
8	www.googletagservices.com	googleads.g.doubleclick.net cdn.zx-adnet.com
7	fonts.googleapis.com	ja.ntcdoon.org googleads.g.doubleclick.net securepubads.g.doubleclick.net
6	cdn.zx-adnet.com	ja.ntcdoon.org cdn.zx-adnet.com
5	www.youtube.com	www.google.com www.youtube.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	cdn.zx-adnet.com www.googletagservices.com securepubads.g.doubleclick.net ja.ntcdoon.org
5	newrrb.bid	ja.ntcdoon.org newrrb.bid
4	www.gstatic.com	googleads.g.doubleclick.net
3	stream.bantgoau.com	js.cabnnr.com stream.bantgoau.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.co.jp	pagead2.googlesyndication.com
2	rtbbnr.com	2 redirects
2	js.wpadmngr.com	cst.cstwpush.com js.wpadmngr.com
2	counter.yadro.ru	1 redirects ja.ntcdoon.org
1	vs.bantgoau.com	stream.bantgoau.com
1	lh3.googleusercontent.com	stream.bantgoau.com
1	tb.baimgfroggd.site	1 redirects
1	tcimp.zog.link	1 redirects
1	2620c58d92bf58c47356bc2e82b1d3d8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	geolocation.onetrust.com	cdn.zx-adnet.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	js.cabnnr.com	js.wpadmngr.com
1	js.wpushsdk.com	js.wpadmngr.com
1	7823541d29.bfeb247ed9.com	js.wpadmngr.com
1	na.nawpush.com	js.wpadmngr.com
1	code.jquery.com	ja.ntcdoon.org
1	load02.biz	ja.ntcdoon.org
1	cst.cstwpush.com	ja.ntcdoon.org
1	ja.ntcdoon.org
218	36

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
ntcdoon.org
ar.ntcdoon.org
bg.ntcdoon.org
cs.ntcdoon.org
de.ntcdoon.org
el.ntcdoon.org
es.ntcdoon.org
et.ntcdoon.org
fi.ntcdoon.org
fr.ntcdoon.org
hi.ntcdoon.org
hr.ntcdoon.org
hu.ntcdoon.org
id.ntcdoon.org
it.ntcdoon.org
iw.ntcdoon.org
ko.ntcdoon.org
lt.ntcdoon.org
lv.ntcdoon.org
ms.ntcdoon.org
nl.ntcdoon.org
no.ntcdoon.org
pl.ntcdoon.org
pt.ntcdoon.org
ro.ntcdoon.org
ru.ntcdoon.org
sk.ntcdoon.org
sl.ntcdoon.org
sr.ntcdoon.org
sv.ntcdoon.org
th.ntcdoon.org
tr.ntcdoon.org
uk.ntcdoon.org
vi.ntcdoon.org
cn.ntcdoon.org
tw.ntcdoon.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-19` - `2022-10-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.drivermanager.club GTS CA 1D4	`2022-01-07` - `2022-04-07`	3 months	crt.sh
cst.cstwpush.com R3	`2022-01-17` - `2022-04-17`	3 months	crt.sh
load02.biz R3	`2022-01-06` - `2022-04-06`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
js.wpadmngr.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
na.nawpush.com R3	`2021-12-12` - `2022-03-12`	3 months	crt.sh
7823541d29.bfeb247ed9.com R3	`2022-01-19` - `2022-04-19`	3 months	crt.sh
js.wpushsdk.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
js.cabnnr.com R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
vs.bantgoau.com R3	`2021-12-16` - `2022-03-16`	3 months	crt.sh

This page contains 35 frames:

Primary Page: https://ja.ntcdoon.org/
Frame ID: 0B82C0F67E2A837771897959C4466254
Requests: 96 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20190131/zrt_lookup.html
Frame ID: BB6FB6C3D0475E1AE19E1FDDE5906693
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&adk=1812271804&adf=1573534164&lmt=1644409064&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fja.ntcdoon.org%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064302&bpp=2&bdt=210&idt=239&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2334156428120&frm=20&pv=2&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=262
Frame ID: 9C6183B4476062FA4212E97D4E7EDEC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=90&slotname=3085885965&adk=612837171&adf=2177512653&pi=t.ma~as.3085885965&w=728&lmt=1644409064&psa=0&format=728x90&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064304&bpp=2&bdt=212&idt=268&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fYtkw9MdDW&p=https%3A//ja.ntcdoon.org&dtd=272
Frame ID: F5632834E493AAAE74CB52EE5DF9505F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=100&slotname=8129016002&adk=1818732334&adf=3915410515&pi=t.ma~as.8129016002&w=320&lmt=1644409064&psa=0&format=320x100&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064306&bpp=1&bdt=213&idt=275&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zx1yTForvR&p=https%3A//ja.ntcdoon.org&dtd=278
Frame ID: 659E0E6459D8978261C369C20A26C0EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064306&bpp=1&bdt=213&idt=282&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1ChOB70g7L&p=https%3A//ja.ntcdoon.org&dtd=284
Frame ID: 21B1112E23628A94C3B27F2907282F6D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=6624362644&adk=3633687206&adf=145370778&pi=t.ma~as.6624362644&w=336&lmt=1644409064&psa=0&format=336x280&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064307&bpp=1&bdt=215&idt=284&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=FUe6VoBOqY&p=https%3A//ja.ntcdoon.org&dtd=286
Frame ID: 9E8CF3D3AD71778AD37472C5F8E77615
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=2479947845&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064307&bpp=1&bdt=215&idt=288&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=mX07guuVUJ&p=https%3A//ja.ntcdoon.org&dtd=291
Frame ID: 71D9174720C0E1A7069728344A5FB388
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=6624362644&adk=3633687206&adf=3671764194&pi=t.ma~as.6624362644&w=336&lmt=1644409064&psa=0&format=336x280&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064307&bpp=1&bdt=215&idt=295&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=GLtAjXyTWo&p=https%3A//ja.ntcdoon.org&dtd=298
Frame ID: 61C5141E2ED09EFCFA440B5C026F9BD7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=600&slotname=4398967635&adk=4032340763&adf=2338683394&pi=t.ma~as.4398967635&w=300&lmt=1644409064&psa=0&format=300x600&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064308&bpp=1&bdt=216&idt=299&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=4119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=4xMpfhDB3Y&p=https%3A//ja.ntcdoon.org&dtd=300
Frame ID: 4D49B7DE2C0B5FB480395C16B919BD94
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=250&slotname=5143760017&adk=3298004681&adf=3437239624&pi=t.ma~as.5143760017&w=300&lmt=1644409064&psa=0&format=300x250&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064308&bpp=1&bdt=216&idt=303&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=9&uci=a!9&fsb=1&xpc=uZlp3DUVfx&p=https%3A//ja.ntcdoon.org&dtd=305
Frame ID: B804AC83C80F7D565EFF28E86AF6911D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=6624362644&adk=3633687206&adf=1264272911&pi=t.ma~as.6624362644&w=336&lmt=1644409064&psa=0&format=336x280&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064309&bpp=1&bdt=217&idt=313&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600%2C300x250&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=11&uci=a!b&fsb=1&xpc=sCfQIAgMdm&p=https%3A//ja.ntcdoon.org&dtd=315
Frame ID: AB5475A8FE31BB1ED9868E492CEDBD6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7E264864F15D6618CB9EDFF3FB42EAD2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6B04A8AB205DBB3D59920BFB4F866CF4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPUJOkbPUJOkbAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=3305239552&adf=1845158250&pi=t.ma~as.9651294315&w=240&lmt=1644409065&psa=0&format=240x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064309&bpp=1&bdt=216&idt=309&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D360dff70486ce21b-22ebe1cc7ed000dd%3AT%3D1644409064%3ART%3D1644409064%3AS%3DALNI_MbcIuywc0FjXwX4dHNJ3S-cUlTZXQ&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600%2C300x250%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=4&fsb=1&xpc=3fe3hBYZZu&p=https%3A//ja.ntcdoon.org&dtd=952
Frame ID: 5DC55CB565E64C499E76E6017AA80855
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C81991C57D5B61CFA4F026187AA6BD3F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js
Frame ID: 15E2CBAB3EC6651FF245D4D234ABE699
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js
Frame ID: CC1F7FBD4763303AC8F893BC3EFA85B8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js
Frame ID: 68BBA8F9A36029ADD73C87837B39C104
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js
Frame ID: B2F60895450DAEF233A9BE4B7F8883A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1
Frame ID: A9C0E61EEB7721409B2B71CFC71C23BC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3CBAFFE9763C19D91B1828878D7697A3
Requests: 10 HTTP requests in this frame

Frame: https://2620c58d92bf58c47356bc2e82b1d3d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EB0CAD00633B2508B609E9584C59CE1D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 34344446EC1DA96A5935D7215585B53A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EAC2AAB2D3048753DFE7B4F42D80AAC8
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%A9%E7%99%BB%E3%83%A0%E3%81%A3%E3%81%AA%E9%96%8B%E3%81%A1%E5%A4%A7%E3%81%8F%E3%81%9F%E3%81%A8%E3%81%8C%E3%83%A3%E3%82%82%E4%BA%BA%E3%81%A7%E9%80%80%E3%82%BF%E3%82%AD%E4%BD%9C%E3%83%AA%E3%83%B3%E3%81%AE%E3%83%BC%E5%A3%AB%E5%93%81%E3%82%AF%E6%B0%97%E9%AD%94%E3%81%A6%E5%8E%BB%E5%A0%B4%E3%82%BE%E9%81%8E
Frame ID: 87200FD4BD23A1DE1359214C93EB959C
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js
Frame ID: AD4C6571B65D324D4A0844FEDC1BE80E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js
Frame ID: 02FE34733F68137823ABF66A2E5DB424
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: B7EC187BE759B3F695B882E74CD13868
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js
Frame ID: F6CB9CD17F76AE4EC3E2690F33AE0F85
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 58CFDFE2DA7DA0A3199EEAEF565FE04A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 467A48C93D1045AABC1DC14504D2710C
Requests: 2 HTTP requests in this frame

Frame: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FxRjHP4HVBPI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.1400&oid=1417145&sp=0.065110&spp=1000&se=impression&vi=xRjHP4HVBPI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644409068&utm1=tcb&utm2=750474346-1&utm3=195-21720-0&utm4=0-9062107-14
Frame ID: DEAB0D882ED4F459221E8D9B9973634E
Requests: 4 HTTP requests in this frame

Frame: https://stream.bantgoau.com/files/ytls/bundle16.js
Frame ID: D9BE5064B43893A8F97E6DF9B11F8401
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/xRjHP4HVBPI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Frame ID: B3A3B7C9B64043172DA6D489E8CE08FE
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

▶️ Ntcdoon

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

218
Requests

95 %
HTTPS

81 %
IPv6

29
Domains

36
Subdomains

29
IPs

6
Countries

6743 kB
Transfer

13484 kB
Size

18
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://ar.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://bg.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://cs.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://de.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://el.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://es.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://et.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://fi.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://fr.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://hi.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://hr.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://hu.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://id.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://it.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://iw.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://ko.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://lt.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://lv.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://ms.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://nl.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://no.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://pl.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://pt.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://ro.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://ru.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://sk.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://sl.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://sr.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://sv.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://th.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://tr.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://uk.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://vi.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://cn.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://tw.ntcdoon.org/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.ntcdoon.org/;0.8340909293740233 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.ntcdoon.org/;0.8340909293740233

Request Chain 116

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22ja.ntcdoon.org%22:{%22https://ja.ntcdoon.org/%22:%22%22}}}&r=0.21749523784078018 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.ntcdoon.org%22%3A%7B%22https%3A%2F%2Fja.ntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.21749523784078018

Request Chain 118

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22ja.ntcdoon.org%22:{%22https://ja.ntcdoon.org/%22:%22%22}}}&r=0.37689047258343855 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.ntcdoon.org%22%3A%7B%22https%3A%2F%2Fja.ntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.37689047258343855

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 139

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 140

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 181

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 183

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 215

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSwyNiw0Niw0Nyw1NCw1NSw2MSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjgwNDAzNTA1NiIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjEwNjY3LCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiJ9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjEwNjY3IiwicGFnZSI6Imh0dHBzOi8vamEubnRjZG9vbi5vcmcvIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6Ijc1ZjY3ZDAyMGE2YzJjNDU2MWQxY2E0NjcwMzQ1YjBhIn0sImV4dCI6eyJkdCI6MTY0NDQwOTA2NzM5Nn19 HTTP 302
https://rtbbnr.com/banner/in/show/?mid=1035444622&pid=0&site=10667&sc=NL&usage_type=DCH&subid=804035056&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.040261224489796&ecpm=0.040261224489796&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=ja.ntcdoon.org&hostname=auc-banner-hz-0&site_id=0&spot_id=10667&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=2a00:1633:128:4::7&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&min_cpm=0&ttl=&space_id=1695&banner_width=1&banner_height=1&url=%2F%2Ftcimp.zog.link%2Fin%2Fbanners%3Fkatds_ep%3DDWSIAPA9XqPVsmyWBUHOrEfNMb13KAcJ_nXMy3v8zHeR8kaIJB3Fc-SzS4lORABK43vvaRuqCJZvj-Uq1JwUNBQZB4n7nYZey89W2k9sIcps0zlXuX-vBblQNR9k6WBvc3e4yfOfCjl9nI48o0ubOCVbQoz4KaLjwqvK2aQzMlH5BMBy-LB82RMW41dDVR4v0M-rGmBqFx9RZg0pdeNUdz-t3PPxfEow3jfauV4wgOxP0K6HuzEKNQ7AZK05VJXltvGCBl3QrZs2WOJ6Y_qaXKrUlry11wAUHEhtroS0wEXxjkzYAFkvRMH45CZhPAMJn9B0ipxd5J90txB3MQU2RBOtpci3UQ1uuW3cpjvX0Amz2ZeMqp6E7RfGotb4vgqxRjmo-TFxwWinHVROn9pgmfptnGC96HVpfqSZ3i8vYHBlmAKhu4flWzGR0T7vpyE8TTDtCaPvqIpxz-bH6_f5NOcf_PbcB4aBcOqnzg&pr= HTTP 302
https://tcimp.zog.link/in/banners?katds_ep=DWSIAPA9XqPVsmyWBUHOrEfNMb13KAcJ_nXMy3v8zHeR8kaIJB3Fc-SzS4lORABK43vvaRuqCJZvj-Uq1JwUNBQZB4n7nYZey89W2k9sIcps0zlXuX-vBblQNR9k6WBvc3e4yfOfCjl9nI48o0ubOCVbQoz4KaLjwqvK2aQzMlH5BMBy-LB82RMW41dDVR4v0M-rGmBqFx9RZg0pdeNUdz-t3PPxfEow3jfauV4wgOxP0K6HuzEKNQ7AZK05VJXltvGCBl3QrZs2WOJ6Y_qaXKrUlry11wAUHEhtroS0wEXxjkzYAFkvRMH45CZhPAMJn9B0ipxd5J90txB3MQU2RBOtpci3UQ1uuW3cpjvX0Amz2ZeMqp6E7RfGotb4vgqxRjmo-TFxwWinHVROn9pgmfptnGC96HVpfqSZ3i8vYHBlmAKhu4flWzGR0T7vpyE8TTDtCaPvqIpxz-bH6_f5NOcf_PbcB4aBcOqnzg HTTP 302
https://tb.baimgfroggd.site/in/1816/?user_id=eb9d2febbe40555d02d3583ba9df566827bcca2c&bid=0.065110&katds_labels=&utm1=tcb&utm2=750474346-1&utm3=195-21720-0&utm4=0-9062107-14&ts=1644409068 HTTP 302
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FxRjHP4HVBPI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.1400&oid=1417145&sp=0.065110&spp=1000&se=impression&vi=xRjHP4HVBPI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644409068&utm1=tcb&utm2=750474346-1&utm3=195-21720-0&utm4=0-9062107-14

218 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ja.ntcdoon.org/ 41 KB
8 KB 402ms
378ms Document
text/html 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56c84283a32be9f8de0b92edf82bb134bb17c1e0917b5803221f13e28018452b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
expires: Thu, 10 Feb 2022 12:17:43 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SLLfjiIm%2B7KRETn2QIUeVqKiQqSU%2FxniTaYsmsMpxlMHSXDkyqG%2BmzYSN72YOsOhDh8pYiImWPAnwTh5FGlTfSC2pmL4Td1av%2BUtauAHA%2BmcMC5E%2FcjuREZbVAPpVp2vsOrEpvA7kmNPUr57w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6dad09482a0434bd-NRT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 89ms
49ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3890713886363470

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cd98589666c847c214e3eda7c2b7d2a168d54454dfc9efb5595ffe7061ca871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.ntcdoon.org/
Origin: https://ja.ntcdoon.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52718
x-xss-protection: 0
server: cafe
etag: 16386284345119304907
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:17:44 GMT

GET
H2 200 51pb.min.js Show response
newrrb.bid/ 66 KB
20 KB 1195ms
1139ms Script
text/javascript 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/51pb.min.js

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d53afdce56775cb3f314ccb015d15e7ffc3c9d24a52ff16379bca9f70c4e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
duration: 301168
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 09 Feb 2022 12:12:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23MdyvDhqxPii74HmtanHOJg7ZgiOo%2Be2z%2FHt8i8u%2Ff9LyJARxFWi2z9t2ICIg6VPrBPN1adQI5AgeJJCdXOOUrnrpCg1yWyY2jjA92RJhncwY2W1Bsb%2FgnodFKxZ5KtJep3X9AufkyR"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6dad094b0dc080fb-NRT
access-control-allow-headers: *
expires: Wed, 09-Feb-2022 14:22:44 EET

GET
H2 200 drm56_19091901.js Show response
cdn.zx-adnet.com/adx/ 145 KB
19 KB 12ms
3ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/drm56_19091901.js

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a2bd42bc7fbd2e7c718771e120ebbd8073aafb021026fb34331f6e735023652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 30 Jan 2022 07:45:32 GMT
x-timer: S1644409064.154649,VS0,VE1
etag: "d19f1de6243194dbbeaf5e3ecbc9aa1b386f3241bfe4e3200dbae8c980dc6177-br"
x-served-by: cache-nrt18321-NRT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Wed, 09 Feb 2022 12:17:44 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19487
x-cache-hits: 1

GET debian-deb-command-not-found-how-can-i-fix-it-closed.jpg
ntcdoon.org/pictures/linux/ 0
0

GET
H2 200 plot-a-data-frame-as-a-table.gif
ntcdoon.org/pictures/r/ 35 KB
36 KB 839ms
836ms Image
image/gif 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/r/plot-a-data-frame-as-a-table.gif
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae175a0537498cf9a212e87bb69fb6ec4ac14593c27fdd824d8b782222f6bd73

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36313
last-modified: Tue, 22 Dec 2020 01:14:33 GMT
server: cloudflare
etag: "8dd9-5b7034c2028fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLc2taotNh4bLoC3poElFFEeKMsOn9PoVp%2Bnf8c3bTnnKKNeN5m%2F6xBLo0whcwTDzjJn10J6vHk%2BcH4rFM%2FdcelUg1TWKRAlCNp7wo3C2HJWRYbwzeD1q38mmy4TzcH52%2BeWmlhOy4XjFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094aedf034bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET
H2 200 python-long-integer-division-error-how-do-i-fix-this.gif
ntcdoon.org/pictures/math/ 33 KB
34 KB 824ms
822ms Image
image/gif 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/math/python-long-integer-division-error-how-do-i-fix-this.gif
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb043c34319f34631f549b1dcaca41e0e89b32b635bcf9efab0623a2839f2108

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34110
last-modified: Tue, 22 Dec 2020 01:14:28 GMT
server: cloudflare
etag: "853e-5b7034bd52573"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJmu1k%2FMKeL5B49IfNe22y20f%2BNkCJNXvHSS8TBUV%2B8ygoagn%2FbrwOegibZoG5rGZ4vR4c5Iz8aAr7R7ZRl8WSE1Iy1EsMCPOPfW5hTcu%2Bsy1UN3xc9ALjdHcbcugWAzUyita2hhN3%2BQyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094aedf134bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET
H2 200 what-is-the-difference-between-set-and-list.jpg
ntcdoon.org/pictures/java/ 107 KB
107 KB 14ms
11ms Image
image/jpeg 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/java/what-is-the-difference-between-set-and-list.jpg
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f828549708b259f7b25f024f6a49a9deb66c2df08ea67f3a2219b626859e603

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4449306
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 109093
last-modified: Tue, 22 Dec 2020 01:14:25 GMT
server: cloudflare
etag: "1aa25-5b7034baad918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sose72RVQq9j5piWsfEyhVfK%2Bzg5oyliDS5rSVp%2F0DvZcZFNs4KUFwLTnqDyEAfC78sKfLj8cbYM5af6zIh3z2I3P0EnRqdXON92qZlcvrLaUFjFS5LU0L6Wn2D%2BNSMFaJ3ePg4jm5oCPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094aedf234bd-NRT
expires: Tue, 20 Dec 2022 00:22:38 GMT

GET
H2 200 shortcut-for-code-block-macro-in-confluence-editor.png
ntcdoon.org/pictures/shortcut/ 10 KB
11 KB 574ms
572ms Image
image/png 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/shortcut/shortcut-for-code-block-macro-in-confluence-editor.png
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db8c38ef8934ff829716b41fc33f0d6deca1c0f3b3698ae9692efdd56b48e44

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10662
last-modified: Tue, 22 Dec 2020 01:14:35 GMT
server: cloudflare
etag: "29a6-5b7034c417c6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOfrG7vsVK3wIAnMLftTqJhkloYefMQkYfpU13W3TJXCTUNp5tD%2BzkB8EUAud9Ad5gPKtu9Z9EWN%2B3tcAARhxZtWyQBTMtkQ4xGBa0bja35FyxdSiMU5BYkAWu928XLSFQtgmCNNckJnTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094aedf334bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET how-to-check-if-change-tracking-is-enabled-on-a-specific-table.jpeg
ntcdoon.org/pictures/sql/ 0
0

GET sql-server-destination-vs-ole-db-destination.png
ntcdoon.org/pictures/ssis/ 0
0

GET why-do-i-have-problems-whith-com-jakewhartonbutterknife7-0-1-in-android-studio-3-0.jpg
ntcdoon.org/pictures/java/ 0
0

GET how-to-find-the-server-processing-time-by-iis-logs.jpg
ntcdoon.org/pictures/performance/ 0
0

GET how-to-use-flock-in-php-closed.jpg
ntcdoon.org/pictures/how/ 0
0

GET
H2 200 why-is-scissor-test-behind-fragment-operation.jpg
ntcdoon.org/pictures/opengl/ 43 KB
43 KB 803ms
800ms Image
image/jpeg 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/opengl/why-is-scissor-test-behind-fragment-operation.jpg
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 217b20ac8a4d217988d54599c702822856441d77d4d601aeb781a6dd31e2f9d8

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43997
last-modified: Tue, 22 Dec 2020 01:14:30 GMT
server: cloudflare
etag: "abdd-5b7034bed60b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E46x2JWnWrdVlGy%2FfMBYVQsb45vVAqIIcpp9v4MUPrHd2dF41whH%2BMQ29qoD626wprWTADedUBPB0pWe2kYU2Pj%2BZQs4y9E9o0lqedtFp66gyZhXms7M5ptEH1qODjdFhBCnVkRCYm57Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094aedfe34bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET how-to-clone-a-bitbucket-repository-1.png
ntcdoon.org/pictures/git/ 0
0

GET
H2 200 adv.css
ntcdoon.org/template/ntcdoon/css/ 61 KB
42 KB 33ms
22ms Stylesheet
text/css 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/css/adv.css
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290377
cf-polished: origSize=62935
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 17:55:44 GMT
server: cloudflare
etag: W/"f5d7-5bd467e1b799b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXYbxFMVgriQU0xn8Af6wB6BTjsgfu8rq5WC72QkOZJtZRFr4VVG860sige85NCaMVC%2Bogp24PwZ9iSI8tQQQDE3TOofH5T2WCNT9Ta4WrB3xCVy89Ym2jIa9ThMOCiouwPequ1yzDUieQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6dad094acdac34bd-NRT
expires: Sun, 20 Feb 2022 03:38:07 GMT

GET
H2 200 adManager.js Show response
cst.cstwpush.com/static/ 451 B
597 B 14ms
2ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.cstwpush.com/static/adManager.js
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 09:03:43 GMT
server: nginx/1.18.0
etag: W/"6166a0ef-1c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 09 Feb 2022 12:22:44 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 / Show response
load02.biz/ 20 KB
20 KB 713ms
238ms Script
application/javascript 143.198.248.64
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://load02.biz/?pu=mvstmmtgmq5ha3ddf42dembs

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.198.248.64 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

1c814cc16dacd9700a8b3753d01db47ad35e43789b592f59ef2fb240603a2b9e

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 09 Feb 2022 12:17:44 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 jquery-2.2.1.min.js Show response
code.jquery.com/ 84 KB
29 KB 678ms
222ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.1.min.js
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e7e"
vary: Accept-Encoding
x-hw: 1644409064.dop216.pa1.t,1644409064.cds215.pa1.hn,1644409064.cds037.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29882

GET
H2 200 jquery.unveil2.min.js Show response
ntcdoon.org/template/ntcdoon/js/ 3 KB
2 KB 27ms
17ms Script
application/javascript 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/js/jquery.unveil2.min.js
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 558730
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:41:02 GMT
server: cloudflare
etag: W/"b2e-5b702d442afc9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDcfu%2FIWHQTM5TbHFhWm8e%2FlyyzXD0xgkTWYI93EWBFvAuJitKJmUfkov1Cix2JPGp%2Bnzd8UZc758EABiQ1wnjFBlIJOUEzyLrBjuNB9Y7%2B5hBIOSb408Q1A3rUx2u%2BuOnnpCo8MxhKD0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6dad094acdad34bd-NRT
expires: Thu, 17 Feb 2022 01:05:34 GMT

GET
H2 200 css.css
ntcdoon.org/template/ntcdoon/css/ 4 KB
848 B 28ms
17ms Stylesheet
text/css 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/css/css.css
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 660c441fbe06d3bfdd2ca05adc3f194ea8b015e131f9da7d3b58970484ceba5d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1144343
cf-polished: origSize=5237
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:40:19 GMT
server: cloudflare
etag: W/"1475-5b702d1b3180c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xztFTmI35z7t%2BJacIl%2F7J0Ng6eqzcZLGD5vJ9BS30MFIMMUN23ZT4xcoVbwN7RPQD%2FqORDHaicR%2FRLkFEQt5ruSLyyscDhJ%2FOIzS%2FCXjKPQcXJh30n%2BG6h0ib1D%2FbBaV8eeJs045dbtIhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6dad094acdaf34bd-NRT
expires: Thu, 10 Feb 2022 06:25:21 GMT

GET
H2 200 icon.css
ntcdoon.org/template/ntcdoon/css/ 419 B
600 B 27ms
16ms Stylesheet
text/css 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/css/icon.css
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b78b033d5e3a08091e84573075afe0c48dff4b419d4912441a50dacba2b7d42

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1075407
cf-polished: origSize=520
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:40:22 GMT
server: cloudflare
etag: W/"208-5b702d1e2466f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCTwasUKjv8NX7Ntltfk%2BGaieSN%2BdqmZHvEymvHqCXYoKa6zcKgVAk0AvDKi2ybYNlKebGQKRCori2cO3DHr37A7ZvSq%2FKnjF01k%2BIb7RkZJxHyaHpxRJVBbZNZW7eF1%2Fqo53mkO7X7HGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6dad094acdae34bd-NRT
expires: Fri, 11 Feb 2022 01:34:17 GMT

GET
H2 200 zebra_tooltips.min.css
ntcdoon.org/template/ntcdoon/css/ 1 KB
964 B 37ms
27ms Stylesheet
text/css 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/css/zebra_tooltips.min.css
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b4c3280eec6c5418d65532a87423a34c0919698bc9a4826484d5cb28a9e7b07

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1144344
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:40:37 GMT
server: cloudflare
etag: W/"475-5b702d2c302ec-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6o7UcPN8g8TyWwhykXi%2Fu0R%2FWjmkS1NnjaBN961W2PNMfMrfx9ZZtHjYo9dmdm5OpfbVkXQA4ZE9wvyilYYPC5G9VF18bvdphik9PacJ6Sx71OzFvMR%2FKh9q1hMennP24Ky1pU%2FuSJrwUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6dad094acdb034bd-NRT
expires: Thu, 10 Feb 2022 06:25:20 GMT

GET
H2 200 owl.carousel.min.css
ntcdoon.org/template/ntcdoon/css/ 3 KB
1 KB 26ms
16ms Stylesheet
text/css 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/css/owl.carousel.min.css
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70e11e56d144b5ad82ecae3c398a8ecc009d82a72a54412955fba3fb30546915

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1075407
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:40:25 GMT
server: cloudflare
etag: W/"cb2-5b702d20be6e9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7I5enQJq7cJQD%2FO22ZkGoM6xqGMCF64iLSEaWuJV%2BqSSFiiAH1BkcQL8rH0IecQfU2NTkb3K6jaILcVGiGjJLuzzH8zpmkHHIq8kGZvNCECRDAOBsRQR%2FQqH9nQ7g%2B%2BS1JYIuCpWjK8zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6dad094acdb134bd-NRT
expires: Fri, 11 Feb 2022 01:34:17 GMT

GET
H2 200 main-style.css
ntcdoon.org/template/ntcdoon/css/ 42 KB
9 KB 15ms
11ms Stylesheet
text/css 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/css/main-style.css
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95c914ba3a0df1327be5ce92693d60ff67c2916f3d70629f24f579e2323d5b86

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1147867
cf-polished: origSize=58336
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:40:24 GMT
server: cloudflare
etag: W/"e3e0-5b702d202327c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIEdp2v7zsxwCFpNpw8sZWU%2B6o%2BZdCBEQLDWwl4%2BSiRbE7vpUOZGKBv0blGSnw5cKYLzi6PKxzSdkSHhwJS%2F%2FPPAzukqi64xAApqKXwWjK13UU8hQiwjOQrv14fXBoZiGkb5FXXJQG%2F%2Fug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6dad094aede734bd-NRT
expires: Thu, 10 Feb 2022 05:26:37 GMT

GET
H2 200 responsive-style.css
ntcdoon.org/template/ntcdoon/css/ 2 KB
1 KB 18ms
14ms Stylesheet
text/css 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/css/responsive-style.css
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c49aa86918931779788e8dd58b7af6c6941a886aec3f6d21dfdb42647e1086c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 813931
cf-polished: origSize=2889
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:40:36 GMT
server: cloudflare
etag: W/"b49-5b702d2af6b30-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgnBA13Nr3WvfSiR6i1l6s1Srdlzps4J0lwGj2ljYYd%2FX8Cr259fhgSNQGHi4zeezrpVn0wLBIV5Ma4XCgfJJ%2BSpWn94QbAPGExKsnOLtm%2FGkTq4EcQagujt3dpPGH%2BI0kJqHN3wGYi9PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6dad094aede834bd-NRT
expires: Mon, 14 Feb 2022 02:12:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 78ms
40ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,600,700,900&subset=latin-ext

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28a6806f60948d0488b521168bda88c229667c0d139ed44dbc36dd5acf5c819e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 12:17:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Feb 2022 12:17:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Feb 2022 12:17:44 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
416 B 97ms
72ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 12:17:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Feb 2022 12:17:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Feb 2022 12:17:44 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
ntcdoon.org/template/ntcdoon/js/ 85 KB
31 KB 17ms
14ms Script
application/javascript 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/js/jquery-3.2.1.min.js
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 562421
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:41:01 GMT
server: cloudflare
etag: W/"15283-5b702d4390afc-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wosazdF0qvgNBh5ojgVfLSPQ1nyshySpLO11Y1LuKVYDmDIAJ4wQVS51AtmyrFuDjDdBmlrJZ0jnCwv3aQ0WVuPqcGneCRSrya8na%2BXYbuz9RWzJFSr91Lr4lEl4asNmjaPSwDcdMluLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6dad094aede934bd-NRT
expires: Thu, 17 Feb 2022 00:04:03 GMT

GET
H2 200 zebra_tooltips.min.js Show response
ntcdoon.org/template/ntcdoon/js/ 6 KB
2 KB 27ms
24ms Script
application/javascript 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/js/zebra_tooltips.min.js
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49ed74fb461c3772ec8667d41e02d754fbd41500e867bab9d90aa35ff48cbf8d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 477120
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:41:04 GMT
server: cloudflare
etag: W/"1800-5b702d461c115-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgT3yBXYxod3EkeKfmZaS1Ef1fjdOVLn9eeYKW4Q6oAHJNczF08kdZOg%2BDBWTFDZuj3GYdAPmW8GPECD2FAv1Ien3%2B1DT7Tl1AUBIOe7gG20wNB8VPD8iAnkFKgYGmhIMJHztfq93pN5Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6dad094aedea34bd-NRT
expires: Thu, 17 Feb 2022 23:45:44 GMT

GET
H2 200 owl.carousel.min.js Show response
ntcdoon.org/template/ntcdoon/js/ 43 KB
12 KB 17ms
14ms Script
application/javascript 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/js/owl.carousel.min.js
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dd0937ab0a3e143c312ac6f66b57804fff04440d3ddb925ffc33370726fb730

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 645511
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:41:03 GMT
server: cloudflare
etag: W/"acc3-5b702d4581c48-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypnA4jMcng4NCEXsUe9lsLzr17jUza4B%2BYIbmWUYX4vnkvcEXDBxW0dHA6lMqitAksrrU%2BIDpIVQGlIRriqi8PLNFBQSPFJahUOReLYXTgu%2FSsPrvJQgp2syoJ8eAKCvKAudIY4sWCkx4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6dad094aedec34bd-NRT
expires: Wed, 16 Feb 2022 00:59:12 GMT

GET
H2 200 main-script.js Show response
ntcdoon.org/template/ntcdoon/js/ 6 KB
2 KB 17ms
14ms Script
application/javascript 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/js/main-script.js
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f215692264f6fb04a865c206fb55734e1003ce2ede063295c38ae36c158152bc

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1150231
cf-polished: origSize=8544
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:41:03 GMT
server: cloudflare
etag: W/"2160-5b702d44c5497-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AS8j%2BZ3RHUR5DnWtzMz4bB5IA2yfcoa9qPdNu0TDzr%2FpFHFx8rCxb6GRg5kN3bSLX9RBkcfVZSeAPnZJGIHoS4hGZBmSHG5RMvEsvZBPYkS6nutO8pU8SyrxC%2Fizwk%2FODfzZEWqns7hGKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6dad094aeded34bd-NRT
expires: Thu, 10 Feb 2022 04:47:13 GMT

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 26 KB
7 KB 67ms
59ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.636388777228446

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1afb7470999e7042ed6d937973232a0116a8b2967c936cc37aff91be89435558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 30 Jan 2022 07:45:32 GMT
x-timer: S1644409064.154816,VS0,VE57
etag: "136bfff1f290532cc0074a184a93a41336eb53dcdba45e16d34e03a106c160eb-br"
x-served-by: cache-nrt18321-NRT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
date: Wed, 09 Feb 2022 12:17:44 GMT
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 issue-in-getting-multiple-dates-in-descending-order-with-2-table-and-3-date-field-join.jpg
ntcdoon.org/pictures/php/ 57 KB
58 KB 816ms
815ms Image
image/jpeg 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/php/issue-in-getting-multiple-dates-in-descending-order-with-2-table-and-3-date-field-join.jpg
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 474907d34e8b3072ab7feba38cf160157de1b7e177dc86e6641c72722359c0ed

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58484
last-modified: Tue, 22 Dec 2020 01:14:30 GMT
server: cloudflare
etag: "e474-5b7034bf69822"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFoULSW849BPJxVUBP3YXWny%2BEAPbeAiAt5Ov93xn3G0mQrLTFcqSgLBVMLUjVM3pRcSQWX2i886ANxW2TDODiq3uENQHuMZh3sb%2FJNM3Q2WEr%2BJNAi2uj49weLF%2BQc%2BTF4zmItPz03jyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094addbc34bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET
H2 200 where-is-the-ib_logfile.jpg
ntcdoon.org/pictures/mysql/ 148 KB
148 KB 1358ms
1357ms Image
image/jpeg 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/mysql/where-is-the-ib_logfile.jpg
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40600502185cb54ae79ddd2696c05deca73259f4e1f36fc68c8c13d736ed745d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 151560
last-modified: Tue, 22 Dec 2020 01:14:29 GMT
server: cloudflare
etag: "25008-5b7034bdebaa1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGAQfsEUsMG5GqW%2B3TOnJGEWGB7ZrFCysZ11EA5yYZn%2BAXblb%2FbubTBkPrhSP%2FHhKpFfJGKMJGj%2FnYrrWFqef8BJTyuCgDjUJWzdInzRUgipIG18S5lZNO0w9I%2BatfWUdzcAi8UWKEBzZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094addbf34bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET
H2 200 how-to-execute-python-program-using-a-shell-script-and-makefile.jpg
ntcdoon.org/pictures/bash/ 135 KB
135 KB 1098ms
1097ms Image
image/jpeg 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/bash/how-to-execute-python-program-using-a-shell-script-and-makefile.jpg
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0912ffab89218523db432beb02c6ace6f892844e4feee1d64914960fc32a391

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 138175
last-modified: Tue, 22 Dec 2020 01:14:01 GMT
server: cloudflare
etag: "21bbf-5b7034a35abca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2B2wxlQ2dAbACzHlXbjPl7rdrm3NwP6WApqK8elFLeUbYP0QQSLDUZo5dA61KZsA2r%2FCIhBZTnfmSPM0kv1uE0yjK%2FR5lK4ANBw%2FSQbkVW%2F2gW1gD9CfXVzRxfboTgEAASBKPmtMeJ9dIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094addba34bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET
H2 200 excel-was-able-to-open-the-file-by-repairing-or-removing-the-unreadable-content.jpg
ntcdoon.org/pictures/java/ 107 KB
108 KB 1305ms
1305ms Image
image/jpeg 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/java/excel-was-able-to-open-the-file-by-repairing-or-removing-the-unreadable-content.jpg
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aaecda4e9bc806f31349a334465b6f88f60d1147f4dd0a60229103d63b9a1ae

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 110074
last-modified: Tue, 22 Dec 2020 01:14:23 GMT
server: cloudflare
etag: "1adfa-5b7034b7fd13b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Otqnsg76R%2F%2Bewdd%2BBRptzhPwFXFcG6UWVEy%2F2JabWEmgLHFb0Cp0HX9q67mUmL3RcJKdN3cmHqOhC5CVg%2BIOS7r9ZqaWB5aPsISWyG7QgEbiUsG8mst%2BdPhWvNQEvImvaDWV7vJceQx8cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094addbd34bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET
H2 200 cron-management-tool-design.png
ntcdoon.org/pictures/architecture/ 581 KB
582 KB 1065ms
1065ms Image
image/png 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/architecture/cron-management-tool-design.png
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29a3e087ab21fcff96113495f040a2faa19d3d7901890527881b1d18c356f65d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 594772
last-modified: Tue, 22 Dec 2020 01:14:00 GMT
server: cloudflare
etag: "91354-5b7034a2ce1bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XxGKMcJeb4d1ICjLmvWTt1p%2FwWhWGN86%2Bua1DFIgIZi51MwzitInTDbqLmm67V%2Fy6WDWDh6Q65HIWDMHjLWXZ%2FGtOHz0Iebk6cmNlamoBKARsnO6j6bPFinS0rdCbjMDC45XTqM5EOsrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094addbe34bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET
H2 200 create-pfile-from-spfile.jpg
ntcdoon.org/pictures/oracle/ 154 KB
154 KB 1364ms
1364ms Image
image/jpeg 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/oracle/create-pfile-from-spfile.jpg
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ee65355fe2f498df5150fa420cf76116f08f6394021d1fd73f5cbfe52c03b7

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 157440
last-modified: Tue, 22 Dec 2020 01:14:30 GMT
server: cloudflare
etag: "26700-5b7034bee0c96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSPYkFFg9E7qKcx15F2Hk0PXtr4MJvKF5KfgYKOCgooOHO3FoJfz9OG5NBx5K6wXjTYcYj9qZBtcGW3AFJcgQU053puz8J%2FEEVHy8hrhefr9nSJmW1IoW9GYc7qbpgyWZAli0FCV8yN%2FKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094addc034bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET
H2 200 get-weekday-name-from-index-number-in-mysql.png
ntcdoon.org/pictures/sql/ 778 KB
779 KB 1099ms
1098ms Image
image/png 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/sql/get-weekday-name-from-index-number-in-mysql.png
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb1639c4f7b2f265ea9a2e978ca110a195744729f49671fdf4bc19d8a340405f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 796363
last-modified: Tue, 22 Dec 2020 01:14:36 GMT
server: cloudflare
etag: "c26cb-5b7034c4bcd1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojj9M0MFqHRZs0CD129Ip7ai%2FfMta3SPpd5hrDGjZvq%2FkCjQXX63Gqdrs91pliA%2BYIcbF5SECDG%2BX4%2Bmt1Z76V%2FGbf6SAkMtU1CYk86nqfe0K2tsubpvzUF2DfyPTB%2FMBadIQCiyscIGag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094addbb34bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET
H2 200 how-to-do-select-based-on-a-substring-of-a-particular-column-in-hiveql-and-sql.jpg
ntcdoon.org/pictures/hive/ 126 KB
127 KB 1051ms
1050ms Image
image/jpeg 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/hive/how-to-do-select-based-on-a-substring-of-a-particular-column-in-hiveql-and-sql.jpg
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d92b3d4faaa66640f19f921b9a7ecb353193a757c2a4eef5b3caf1d00d02bdf

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 129343
last-modified: Tue, 22 Dec 2020 01:14:13 GMT
server: cloudflare
etag: "1f93f-5b7034ae88206"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dt3Dn%2FXzo1epHo5Izxbs1POARKL%2FGbO6elqgI3%2FtOWCxn19mDUxtWCQQekUhczubmuLzuHl5JvvFNbvyvQk74YNBKwPndgnVSdXw0aqv7okwk0IYwzXthMS5vmF9WWTHtCxqGJkijA%2FQuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094addc134bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET
H2 200 stata-generate-sum-total-by-specific-date-ranges-and-save-them-as-a-new-variable
ntcdoon.org/pictures/stata/ 7 KB
7 KB 561ms
561ms Image
image/gif 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/stata/stata-generate-sum-total-by-specific-date-ranges-and-save-them-as-a-new-variable
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2b5a30568572332968808f1fd3d0218cd8a8ca41889627168fc6d9ca487e766

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 22 Dec 2020 01:14:37 GMT
server: cloudflare
etag: "1bb4-5b7034c5c76d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmDn%2F9%2FCvcidZ3bN6kep43nZvJqANlDsugYI%2Fzp4PLsFxle9HMq6XWgO3YaMxKhw5BTo8sen97wJ6bFDXIwVK%2B2tJVFeZeRUxFuapT%2FiRcHR%2Bc3cQ11pzh95UH06O9Jck5pEY6k3zl4JAg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6dad094addb934bd-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7092
expires: Wed, 16 Feb 2022 12:17:44 GMT

GET
H2 200 how-to-import-an-existing-code-in-eclipse-from-a-zip-file-closed.jpg
ntcdoon.org/pictures/java/ 53 KB
54 KB 1049ms
1048ms Image
image/jpeg 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/java/how-to-import-an-existing-code-in-eclipse-from-a-zip-file-closed.jpg
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eea2ce546e75c5983e2f4fc81017a33cd9765696884a66c8ef0676fd4a6057

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54702
last-modified: Tue, 22 Dec 2020 01:14:23 GMT
server: cloudflare
etag: "d5ae-5b7034b8956c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juHnIbatKgwvqolbDOiblL1d7tTtioCkNjok8ZNiDnwWSDeKHyZxJgHsbZLfBMagyl63yUbRLB8udws03vYiqIaLaD1%2FybSRoHPYqjKIvtqAKq39JVwLo%2F%2FANA7n%2B2G%2BXfD31ZkZDYZ4eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094addb834bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET
H2 200 realm-vs-sqlite-for-mobile-development-closed.jpg
ntcdoon.org/pictures/database/ 29 KB
29 KB 804ms
802ms Image
image/jpeg 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/database/realm-vs-sqlite-for-mobile-development-closed.jpg
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ec4f28ce63725c8f5890868bd00cdac7629168dec900a99b47710e794854ce4

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29231
last-modified: Tue, 22 Dec 2020 01:14:07 GMT
server: cloudflare
etag: "722f-5b7034a98bbb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxX5tDznire014NDOzs48AKt3bjIWS3r3SXQUuyu18%2B3zwBhMdDVAaMGcFR8XDot5WRHKk0UpNLhHbLdS3GAu0vghNmaamWPxGLvTFMho59ARRI0K4pnjwVMnjVFPmegbrrCOpWH0xh%2FPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094afe0234bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET
H2 200 atom-autoclose-html-how-to-force-inline-closing-tags-3.png
ntcdoon.org/pictures/ide/ 217 KB
217 KB 1106ms
1105ms Image
image/png 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/ide/atom-autoclose-html-how-to-force-inline-closing-tags-3.png
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 067c4f6ec53c2ac71676ba6da90bef6904423df674ca420b00f5be62b3c243a4

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 222013
last-modified: Tue, 22 Dec 2020 01:14:20 GMT
server: cloudflare
etag: "3633d-5b7034b5342bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6FvOeOkKpCTN6rCNym2zrkO4ChsjBQyfoCfKjIpmEsA%2FH0%2BMkl3KA9fsKbcNbiqee4L9Q1vocflGKMfOkufYiUukZWweIwvz8RDXL3BVCA4Bc2Xz3swQQMhAYkcCjJBC%2Fe7RmdbJqOBDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094afe0334bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET
H2 200 slide-in-and-out-transition-for-sliding-left-menu.jpg
ntcdoon.org/pictures/javascript/ 236 KB
236 KB 1101ms
1100ms Image
image/jpeg 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/javascript/slide-in-and-out-transition-for-sliding-left-menu.jpg
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfa1af0afff7de5d86eee4104cd9ff5c432e3dbfe48922a52afa0fbda7415c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 241170
last-modified: Tue, 22 Dec 2020 01:14:27 GMT
server: cloudflare
etag: "3ae12-5b7034bc0b2f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTL5VtaVAx8kcJ1jvVJ%2BOCOkQCQp1kObfN5eAC%2FLOflLNSNX6iwvF8Nb43xC2%2F%2FqY6yZ%2FI5Pujetkz3tCcQ%2FLMZS%2BWelzpBbhrFiuN13mcZysN%2FVV%2FGhBIXJoOFjaqmwfXvZj2FKshCl9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094afe0434bd-NRT
expires: Thu, 09 Feb 2023 12:17:44 GMT

GET
H2 200 how-to-hold-the-process-for-2-3-second-in-net.jpg
ntcdoon.org/pictures/c/ 108 KB
109 KB 15ms
14ms Image
image/jpeg 2606:4700:3032::6815:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/c/how-to-hold-the-process-for-2-3-second-in-net.jpg
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb765d1d5676f42f6a91f2efe73e0d8594beaf47ed468a1f6ffc9af0cc431124

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 110729
last-modified: Tue, 22 Dec 2020 01:14:02 GMT
server: cloudflare
etag: "1b089-5b7034a4cbe2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcqErLocAlc4TpCO8E8dDElwW3ihq8uQXalerrOrg4z0uc0ym1MfEtfuOciYHhL2POaHs6zTqBebDdlxI2HgpskJox%2B17e24aIlIrQ9r4DT66aQ%2BSHVmhFZC4gSZtHD29F3EWGjUuzIhrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad094afe0634bd-NRT
expires: Thu, 09 Feb 2023 12:04:47 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.ntcdoon.org/;0.8340909293740233
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.ntcdoon.org/;0.8340909293740233

43 B
528 B

162ms
161ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.ntcdoon.org/;0.8340909293740233

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 12:18:02 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 08 Feb 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Feb 2022 12:18:02 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.ntcdoon.org/;0.8340909293740233
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 08 Feb 2021 21:00:00 GMT

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 80 KB
29 KB 15ms
2ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 8365ad50a44341d8858863fec236793a9b4074461b61cae8aaa25343b47d7ce3

Request headers

Referer: https://ja.ntcdoon.org/
Origin: https://ja.ntcdoon.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 09:44:38 GMT
server: nginx/1.18.0
etag: W/"62023b86-13e4c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 09 Feb 2022 12:22:44 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 220 B
222 B 127ms
126ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.41499751676559193

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 30 Jan 2022 07:45:32 GMT
x-timer: S1644409064.177698,VS0,VE110
etag: "5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
x-served-by: cache-nrt18321-NRT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Wed, 09 Feb 2022 12:17:44 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 107
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 1930 Show response
na.nawpush.com/tags/ 834 B
610 B 8ms
2ms XHR
application/json 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1930
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: fdf266d7db4d86b30c8b4cf632d93f50bc152aca5d2b2c9f37003d0dcb1b0b00

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 09 Feb 2022 12:17:44 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
238 B 5ms
2ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 09 Feb 2022 12:22:44 GMT
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/ 284 KB
102 KB 128ms
92ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3890713886363470

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

322bcdad8f697748b1c1a47a28c7e3b5bcb92525b22975662a6b7d74188c1475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104615
x-xss-protection: 0
server: cafe
etag: 562217045168529021
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:17:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220207/r20190131/ Frame BB6F 10 KB
5 KB 40ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3890713886363470

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Tue, 08 Feb 2022 21:25:23 GMT
expires: Tue, 22 Feb 2022 21:25:23 GMT
cache-control: public, max-age=1209600
age: 53541
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 track Show response
7823541d29.bfeb247ed9.com/in/ 0
199 B 245ms
235ms XHR
text/plain 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://7823541d29.bfeb247ed9.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI4OTA3MjY0MDMxOTUwMTE1MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMTUuMCIsInRhZ19pZCI6MTkzMCwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV0Yy9Vbmtub3duIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowfQ==
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 12:17:44 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 24 KB
6 KB 12ms
1ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e24ee213782f6ed0de472f2a8b9374799b9a79643d466133d7a10a81383aa039

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 07:44:44 GMT
server: nginx/1.18.0
etag: W/"61fa366c-6155"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 09 Feb 2022 12:22:44 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 build.m.js Show response
js.cabnnr.com/banner-admanager/ 27 KB
10 KB 9ms
2ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cabnnr.com/banner-admanager/build.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2f9e5421de3504845f16e666c7dcf77ca604a5d89366f2847054114b2ef4945d

Request headers

Referer: https://ja.ntcdoon.org/
Origin: https://ja.ntcdoon.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 07:23:55 GMT
server: nginx/1.18.0
etag: W/"62036c0b-6a17"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 09 Feb 2022 12:22:44 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
349 B 421ms
421ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Fja.ntcdoon.org%2F
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.41499751676559193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: gzip
x-cache: MISS
content-length: 65
x-served-by: cache-nrt18321-NRT
server: Google Frontend
x-timer: S1644409064.379634,VS0,VE419
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: c2ba7607b513a8e099a7e435673de758
cache-control: max-age=3600,public
function-execution-id: jroioi0yuv6o
accept-ranges: bytes
x-orig-accept-language: jp-JP,jp;q=0.9
x-country-code: JP
x-cache-hits: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
644 B 77ms
38ms Script
text/javascript 216.58.197.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ja.ntcdoon.org&callback=_gfp_s_&client=ca-pub-3890713886363470

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.197.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s48-in-f194.1e100.net

Software

cafe /

Resource Hash

3c4c2cb606e6a03ce11fd25a6eb109eeb728e9a28a5c3af2928e34178da7731d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 80ms
41ms Script
application/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ja.ntcdoon.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 77ms
39ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.ntcdoon.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C61 249 KB
65 KB 369ms
332ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&adk=1812271804&adf=1573534164&lmt=1644409064&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fja.ntcdoon.org%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064302&bpp=2&bdt=210&idt=239&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2334156428120&frm=20&pv=2&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=262

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9320c7aaf6457e4bf921a0b824ba7b15454f1590aa6025759c2bf4b56f4e77e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 09 Feb 2022 12:17:44 GMT
server: cafe
content-length: 66280
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Feb 2022 12:17:44 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F563 72 KB
29 KB 362ms
336ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=90&slotname=3085885965&adk=612837171&adf=2177512653&pi=t.ma~as.3085885965&w=728&lmt=1644409064&psa=0&format=728x90&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064304&bpp=2&bdt=212&idt=268&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fYtkw9MdDW&p=https%3A//ja.ntcdoon.org&dtd=272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a92d1c3c323ecf1826ea6e1eb941dc6457c304b8275a72e917b362f392dce982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 09 Feb 2022 12:17:44 GMT
server: cafe
content-length: 29347
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Feb 2022 12:17:44 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 659E 436 B
237 B 195ms
178ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=100&slotname=8129016002&adk=1818732334&adf=3915410515&pi=t.ma~as.8129016002&w=320&lmt=1644409064&psa=0&format=320x100&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064306&bpp=1&bdt=213&idt=275&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zx1yTForvR&p=https%3A//ja.ntcdoon.org&dtd=278

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

152d0a21ca1c2352fe575a6d6552b7b4d952f38803da17beb5be07498f95770d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 09 Feb 2022 12:17:44 GMT
server: cafe
content-length: 214
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Feb 2022 12:17:44 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 21B1 82 KB
30 KB 382ms
370ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064306&bpp=1&bdt=213&idt=282&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1ChOB70g7L&p=https%3A//ja.ntcdoon.org&dtd=284

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42edde5110740b5ad0b675d1925eb3c2c247d9ef3fcf734dc9ec6f0a3ac74fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 09 Feb 2022 12:17:44 GMT
server: cafe
content-length: 31053
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Feb 2022 12:17:44 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E8C 436 B
236 B 188ms
179ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=6624362644&adk=3633687206&adf=145370778&pi=t.ma~as.6624362644&w=336&lmt=1644409064&psa=0&format=336x280&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064307&bpp=1&bdt=215&idt=284&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=FUe6VoBOqY&p=https%3A//ja.ntcdoon.org&dtd=286

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8a009f200fbf1564bbe6e63fd10d380e103bd2d2511a4f254916538d3a6db47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 09 Feb 2022 12:17:44 GMT
server: cafe
content-length: 213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Feb 2022 12:17:44 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 71D9 71 KB
28 KB 368ms
363ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=2479947845&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064307&bpp=1&bdt=215&idt=288&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=mX07guuVUJ&p=https%3A//ja.ntcdoon.org&dtd=291

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acc33531b06a3820fbaa74e56196459212874d71b258b2d9bf0a88d9ab2be824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 09 Feb 2022 12:17:44 GMT
server: cafe
content-length: 29037
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Feb 2022 12:17:44 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 61C5 436 B
236 B 184ms
184ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=6624362644&adk=3633687206&adf=3671764194&pi=t.ma~as.6624362644&w=336&lmt=1644409064&psa=0&format=336x280&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064307&bpp=1&bdt=215&idt=295&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=GLtAjXyTWo&p=https%3A//ja.ntcdoon.org&dtd=298

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae193e0681edd2742de7c7e7c2ccce2fb6025cbeedbfb7fd1f42ba75386b3afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 09 Feb 2022 12:17:44 GMT
server: cafe
content-length: 213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Feb 2022 12:17:44 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D49 73 KB
29 KB 266ms
265ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=600&slotname=4398967635&adk=4032340763&adf=2338683394&pi=t.ma~as.4398967635&w=300&lmt=1644409064&psa=0&format=300x600&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064308&bpp=1&bdt=216&idt=299&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=4119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=4xMpfhDB3Y&p=https%3A//ja.ntcdoon.org&dtd=300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f19af7c0410645aafef1c3c182726f09d95845364121b6edb6d560cc3a94060d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 09 Feb 2022 12:17:44 GMT
server: cafe
content-length: 29502
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Feb 2022 12:17:44 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B804 436 B
236 B 184ms
184ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=250&slotname=5143760017&adk=3298004681&adf=3437239624&pi=t.ma~as.5143760017&w=300&lmt=1644409064&psa=0&format=300x250&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064308&bpp=1&bdt=216&idt=303&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=9&uci=a!9&fsb=1&xpc=uZlp3DUVfx&p=https%3A//ja.ntcdoon.org&dtd=305

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c657241900fc1c16b78d457cd90b7e1dbbf86127476ae521a27f98556d00804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 09 Feb 2022 12:17:44 GMT
server: cafe
content-length: 213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Feb 2022 12:17:44 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB54 436 B
236 B 200ms
200ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=6624362644&adk=3633687206&adf=1264272911&pi=t.ma~as.6624362644&w=336&lmt=1644409064&psa=0&format=336x280&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064309&bpp=1&bdt=217&idt=313&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600%2C300x250&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=11&uci=a!b&fsb=1&xpc=sCfQIAgMdm&p=https%3A//ja.ntcdoon.org&dtd=315

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9d93b621a46ba1b4dc591c7290b0a980b90f387579671cce893c7a5ab7cc167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 09 Feb 2022 12:17:44 GMT
server: cafe
content-length: 213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Feb 2022 12:17:44 GMT
cache-control: private

GET
H2 200 __ZXCONSENT.ZxGetConsent Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 182 B
389 B 36ms
20ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/__ZXCONSENT.ZxGetConsent

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db264a2d6c30bc872076ab8f14cc9a74421bf81783c2c5bf3c3a23dd1e90b645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:44 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dad094f5e9380cb-NRT

GET
H2 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 341 KB
66 KB 4ms
4ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 30 Jan 2022 07:45:32 GMT
x-timer: S1644409065.891456,VS0,VE1
etag: "903d4e9708a69e8cc899413e10c8bd8c12ff0e8553c05df46fc83d843518567b-br"
x-served-by: cache-nrt18321-NRT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Wed, 09 Feb 2022 12:17:44 GMT
accept-ranges: bytes
content-length: 67057
x-cache-hits: 1

GET
H2 200 18269390155163954184
tpc.googlesyndication.com/simgad/ Frame 4D49 63 KB
63 KB 43ms
4ms Image
image/jpeg 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18269390155163954184?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn-XsYUhvp_xhWSjbsW2SqlbWGixA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=600&slotname=4398967635&adk=4032340763&adf=2338683394&pi=t.ma~as.4398967635&w=300&lmt=1644409064&psa=0&format=300x600&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064308&bpp=1&bdt=216&idt=299&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=4119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=4xMpfhDB3Y&p=https%3A//ja.ntcdoon.org&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b5a3bc3f33e36b4aabbe7c03c45258b0deb5dfeb23fe5c4267d533eef6b6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 00:03:51 GMT
x-content-type-options: nosniff
age: 303233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64304
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 15:22:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 06 Feb 2023 00:03:51 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/ Frame 4D49 19 KB
8 KB 42ms
3ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:15:04 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 4D49 2 KB
1 KB 44ms
10ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:14:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D49 124 KB
38 KB 208ms
133ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 12:17:45 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 4D49 15 KB
6 KB 43ms
8ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:17:08 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 4D49 28 KB
11 KB 42ms
9ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3b84e5e485619983c2f805dac6f3fde572d0c825c672d1a02f48af0149eea93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 19:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11662
x-xss-protection: 0
server: cafe
etag: 6226773659199191033
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 19:14:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4D49 0
0 47ms
46ms Fetch
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGbgE6LADYqSdJ9vmqAHN96mwAcDg-pVni6rW-bAP2dkeEAEgs-vBfGCJ88WE9BOgAZyv-6gCyAECqAMByAPJBKoE4gFP0P4gXGxjDNyfan1iMLRfINiWcDSKLI52DYkHelgbsCUj1ySlM14tfVODwX0CgTTA_bms3kHMNfnqiTCqRbUsUI_CLx6PYrLQdSCPlYjyY-Z-DUwHcDyUxoEZgpkN1bgzASgHk8lEgaYjjRIEujk8ucOIBdl1ztGClaSw98hdD-UjRH46gXbHdJgrpeX2jpiXNapCg-NbISv5oCjGkfMGgXuZdKzOXbBz1BoGnh5032qg13v09EGih1oZWc-jePHOPezOB2bSYl0zNRlQrlPWA6cRBtguqtTOvf4j7-bxLacQwASIuMWa_QOSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDk7gTSCAcIgGEQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTM4OTA3MTM4ODYzNjM0NzAYAA&sigh=PTM9DukwUMk&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=600&slotname=4398967635&adk=4032340763&adf=2338683394&pi=t.ma~as.4398967635&w=300&lmt=1644409064&psa=0&format=300x600&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064308&bpp=1&bdt=216&idt=299&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=4119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=4xMpfhDB3Y&p=https%3A//ja.ntcdoon.org&dtd=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 09 Feb 2022 12:17:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 09 Feb 2022 12:17:44 GMT

GET
H2 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 4ms
4ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 30 Jan 2022 07:45:32 GMT
x-timer: S1644409065.972526,VS0,VE1
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by: cache-nrt18321-NRT
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Wed, 09 Feb 2022 12:17:44 GMT
accept-ranges: bytes
content-length: 37832
x-cache-hits: 1

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7E26 143 B
163 B 2ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=600&slotname=4398967635&adk=4032340763&adf=2338683394&pi=t.ma~as.4398967635&w=300&lmt=1644409064&psa=0&format=300x600&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064308&bpp=1&bdt=216&idt=299&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=4119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=4xMpfhDB3Y&p=https%3A//ja.ntcdoon.org&dtd=300

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Wed, 09 Feb 2022 12:01:02 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 5643699554624376680
tpc.googlesyndication.com/simgad/ Frame F563 42 KB
42 KB 44ms
6ms Image
image/png 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5643699554624376680?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlJlRMIappkKQpIPHxMXPoSTopvDA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=90&slotname=3085885965&adk=612837171&adf=2177512653&pi=t.ma~as.3085885965&w=728&lmt=1644409064&psa=0&format=728x90&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064304&bpp=2&bdt=212&idt=268&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fYtkw9MdDW&p=https%3A//ja.ntcdoon.org&dtd=272

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b891e16bf00c8198df39047ca87b54cf380565fd486639f310e6ec11b6d18973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 07:44:41 GMT
x-content-type-options: nosniff
age: 102784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43143
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 05:15:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 07:44:41 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/ Frame F563 19 KB
8 KB 40ms
3ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:15:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame F563 2 KB
1 KB 7ms
6ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:14:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F563 124 KB
38 KB 79ms
78ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 12:17:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame F563 15 KB
6 KB 4ms
4ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:17:13 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame F563 28 KB
11 KB 9ms
8ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3b84e5e485619983c2f805dac6f3fde572d0c825c672d1a02f48af0149eea93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 19:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11662
x-xss-protection: 0
server: cafe
etag: 6226773659199191033
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 19:14:28 GMT

GET
H3 200 9445324584289018137
tpc.googlesyndication.com/simgad/ Frame 71D9 43 KB
43 KB 45ms
9ms Image
image/png 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9445324584289018137?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk4nPYb2FKivszFltZuStrYa5FNlA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=2479947845&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064307&bpp=1&bdt=215&idt=288&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=mX07guuVUJ&p=https%3A//ja.ntcdoon.org&dtd=291

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4773c92631f7f28a6b679ee8a606e7fa0ae575b97f52ce6be8805abaf1f2208e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 23:01:31 GMT
x-content-type-options: nosniff
age: 566174
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43714
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 07:04:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Feb 2023 23:01:31 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/ Frame 71D9 19 KB
8 KB 40ms
4ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:15:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 71D9 2 KB
1 KB 5ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:14:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71D9 124 KB
38 KB 108ms
103ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 12:17:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 71D9 15 KB
6 KB 4ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:17:13 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 71D9 28 KB
11 KB 5ms
3ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3b84e5e485619983c2f805dac6f3fde572d0c825c672d1a02f48af0149eea93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 19:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11662
x-xss-protection: 0
server: cafe
etag: 6226773659199191033
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 19:14:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 21B1 1 KB
584 B 75ms
39ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=1%E3%83%B3U%E3%81%8A%E3%82%AD%E3%83%88%E9%96%93%E3%81%A7%E3%83%A3%E3%83%9A%E3%82%83%E6%88%BB%E3%81%8F%E4%BB%8A%E3%81%A1%E5%AE%9A%E3%81%91%E3%81%A3O0%20%E3%81%A6%E3%83%90R%E6%9C%9F%E3%82%B7%E4%B8%AD%E3%82%81%2C%E9%99%90%E3%82%8B%E3%82%AF%E3%83%A5%E3%81%A0%E5%86%86%E3%83%BC%E3%83%83N%E5%85%89

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064306&bpp=1&bdt=213&idt=282&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1ChOB70g7L&p=https%3A//ja.ntcdoon.org&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96fb748810bb56c3c1420ce297bb41f2102631638eb7d2c9c444b70a9ba9170d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 12:17:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Feb 2022 12:17:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Feb 2022 12:17:45 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 21B1 1 KB
875 B 38ms
4ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064306&bpp=1&bdt=213&idt=282&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1ChOB70g7L&p=https%3A//ja.ntcdoon.org&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:15:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F563 0
0 45ms
43ms Fetch
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJ1AQ6LADYsfrJpyKs8IPisOamA366oSpaPzW4KSOD7CQHxABILPrwXxgifPFhPQToAHU8-vMAsgBAqkCiCdX1YicQj6oAwHIA8kEqgTiAU_QbUWicqFw0EcC951rRiFldf1RhCMr_ywr0XrBMqNO0GMn4yCuoT_sXY-SATq3RF_RERTq5w4eYVZefHvIjQKSkicbrSm2LQJLdfTrbgD09xqc-wr_1IHOW68u-0IYccvP4rFd05KRVclgOxHDWDi-tsmm_iaPaKcec_ardhqmRK5GOheKd_fTFlpYwdnuuIntVKJYTmUx7axg0dh_0onxmYxCFuRpAkrH8V5Fc4HSEBAKAljc9zLtHnmu_x6DAwXuCKSn3UnofwMwlDcmoNBNv4myH-awAhZZC2jS50nZ8qjABOzzhfH0A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeUjJSzAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMrrDNIIBwiAYRABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMzg5MDcxMzg4NjM2MzQ3MBgA&sigh=uJA-f2QL0Qg&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=90&slotname=3085885965&adk=612837171&adf=2177512653&pi=t.ma~as.3085885965&w=728&lmt=1644409064&psa=0&format=728x90&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064304&bpp=2&bdt=212&idt=268&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fYtkw9MdDW&p=https%3A//ja.ntcdoon.org&dtd=272
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 09 Feb 2022 12:17:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 71D9 0
0 48ms
46ms Fetch
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXrVo6LADYqTgJtHGgAOilIL4A5Pm9p1n7ZWt_P0O2dkeEAEgs-vBfGCJ88WE9BOgAfye7dkByAECqQKIJ1fViJxCPqgDAcgDyQSqBOMBT9DzwJlRoWOU1u-Jg0weoBuBseFbUI2posZCDDePmTT9o0jde3mFrZOj3RqOfO5qhQ9BWJa5ltESEEVrerIHbfSj6naRaKz9gFpp4SqxMKyjwTGLNC6pK_kWK9Cnzo4jFblIzyl9A4Vf3PnInohI4De46RtjIUHRiPpu5zeZEm2yaegLEfKg9zdoZ2483u2UCd_2MqH-0TqBZv_QntGHf3LyNIox47c1jYMphxlO-sf9fb5ME5KxW6xzK0qiou-qYI4LjHVPrUXUKI6oGS1ed33xN5LJdFfH-7N9XsG8W94Fkl7ABMyjwMzrA5IFBAgEGAGSBQQIBRgEoAYCgAfs4JKmAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMW_A9IIBwiAYRABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMzg5MDcxMzg4NjM2MzQ3MBgA&sigh=QKQPNKC6pVk&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=2479947845&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064307&bpp=1&bdt=215&idt=288&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=mX07guuVUJ&p=https%3A//ja.ntcdoon.org&dtd=291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 09 Feb 2022 12:17:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/ Frame 21B1 19 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064306&bpp=1&bdt=213&idt=282&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1ChOB70g7L&p=https%3A//ja.ntcdoon.org&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:15:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 21B1 2 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064306&bpp=1&bdt=213&idt=282&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1ChOB70g7L&p=https%3A//ja.ntcdoon.org&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:14:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 21B1 124 KB
38 KB 68ms
68ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064306&bpp=1&bdt=213&idt=282&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1ChOB70g7L&p=https%3A//ja.ntcdoon.org&dtd=284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 12:17:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 21B1 15 KB
6 KB 4ms
3ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064306&bpp=1&bdt=213&idt=282&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1ChOB70g7L&p=https%3A//ja.ntcdoon.org&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:17:13 GMT

GET
H2 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame 21B1 27 KB
12 KB 78ms
3ms Script
text/javascript 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064306&bpp=1&bdt=213&idt=282&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1ChOB70g7L&p=https%3A//ja.ntcdoon.org&dtd=284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 08:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 09 May 2022 08:55:17 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2269756059525172575/ Frame 21B1 42 KB
42 KB 4ms
3ms Image
image/jpeg 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2269756059525172575/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064306&bpp=1&bdt=213&idt=282&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1ChOB70g7L&p=https%3A//ja.ntcdoon.org&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d93a377a6a8651752afa5ca882cc0d86bea2bf41190ed4e0d2dd40dbe3a105c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 00:54:43 GMT
x-content-type-options: nosniff
age: 40982
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43168
x-xss-protection: 0
last-modified: Fri, 04 Feb 2022 06:02:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Feb 2023 00:54:43 GMT

GET
DATA 200
OK truncated
/ Frame 21B1 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 174ms
130ms Script
text/javascript 216.58.197.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.197.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s48-in-f194.1e100.net

Software

sffe /

Resource Hash

0b274e2e8f47e15c396a012b00ad3a48a763ba3f0c46d8b7ea983dfdcd0fa799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27136
x-xss-protection: 0
server: sffe
etag: "1126 / 144 of 1000 / last-modified: 1644399830"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Feb 2022 12:17:45 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 42ms
3ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,600,700,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.ntcdoon.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 04:26:21 GMT
x-content-type-options: nosniff
age: 114684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 04:26:21 GMT

GET
H3 200 seperator.png
ntcdoon.org/template/ntcdoon/css/ 1015 B
2 KB 13ms
13ms Image
image/png 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/template/ntcdoon/css/seperator.png
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/template/ntcdoon/css/main-style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1f8b6e495ddec63477e2f0d7da79f237b54fe33d981d8edd475ceb1c7aa3c7

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/template/ntcdoon/css/main-style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20349385
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1015
last-modified: Tue, 22 Dec 2020 00:40:36 GMT
server: cloudflare
etag: "3f7-5b702d2b95e1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lbl6kcDQLlOlzSY0VVkLC7HKmgUzzQq8dXYlxtHQtfkvXtlBl7hq9hnsEUwYjnvAMAe9XyVwmYs4UaqMsQpG2Mv67exMGzyGQ5Tg022RgdArHHIeyM89cTrAkTlNfMFvex%2FdaVxW05YtMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad09515d23f90b-NRT
expires: Sat, 18 Jun 2022 23:41:20 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 34ms
4ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,600,700,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.ntcdoon.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:33:48 GMT
x-content-type-options: nosniff
age: 578637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:17:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:33:48 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 33ms
4ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,600,700,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.ntcdoon.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:34:17 GMT
x-content-type-options: nosniff
age: 578608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:34:17 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v121/ 119 KB
119 KB 34ms
5ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v121/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.ntcdoon.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 05:35:59 GMT
x-content-type-options: nosniff
age: 110506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121784
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 19:19:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 05:35:59 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 199 KB
68 KB 860ms
428ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

59c2cb28c10f5219249d19a9991fbec8a01e6ddd4abe500077fe6ce3fc8eeac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: br
last-modified: Tue, 08 Feb 2022 09:39:45 GMT
etag: "62021031-10faa"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69546
expires: Wed, 09 Feb 2022 13:17:45 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 73ms
38ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?zx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

429ef77121e6de65a9c2b3e3a27f38850bfd0aef479fce4139c93f0b417c68b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27247
x-xss-protection: 0
server: sffe
etag: "1126 / 498 of 1000 / last-modified: 1644399830"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Feb 2022 12:17:45 GMT

GET
H2 200 /
mc.yandex.ru/watch/70676614/DRM56/ 43 B
210 B 1074ms
643ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/70676614/DRM56/?r=0.9032012575834578

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 12:17:45 GMT
last-modified: Wed, 09-Feb-2022 12:17:45 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Feb-2022 12:17:45 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22ja.ntcdoon.org%22:{%22https://ja.ntcdoon.org/%22:%22%22}}}&r=0.21749523784078018
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.ntcdoon.org%22%3A%7B%22https%3A%2F%2Fja.ntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.21749523784078018

0
0

216ms
216ms

Image
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.ntcdoon.org%22%3A%7B%22https%3A%2F%2Fja.ntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.21749523784078018
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 12:17:45 GMT
last-modified: Wed, 09-Feb-2022 12:17:45 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.ntcdoon.org%22%3A%7B%22https%3A%2F%2Fja.ntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.21749523784078018
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 09-Feb-2022 12:17:45 GMT

GET
H2 200 /
mc.yandex.ru/watch/70676614/DRM56/ 43 B
71 B 1074ms
643ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/70676614/DRM56/?r=0.9496453330870114

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 12:17:45 GMT
last-modified: Wed, 09-Feb-2022 12:17:45 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Feb-2022 12:17:45 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22ja.ntcdoon.org%22:{%22https://ja.ntcdoon.org/%22:%22%22}}}&r=0.37689047258343855
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.ntcdoon.org%22%3A%7B%22https%3A%2F%2Fja.ntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.37689047258343855

0
0

216ms
215ms

Image
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.ntcdoon.org%22%3A%7B%22https%3A%2F%2Fja.ntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.37689047258343855
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H2
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 09 Feb 2022 12:17:45 GMT
last-modified: Wed, 09-Feb-2022 12:17:45 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ja.ntcdoon.org%22%3A%7B%22https%3A%2F%2Fja.ntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.37689047258343855
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 09-Feb-2022 12:17:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 21B1 0
0 46ms
46ms Fetch
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca8iN6LADYonRJsids8IP-uKGkAKIpsuUaJ6NqJygD5-DuuPXAhABILPrwXxgifPFhPQToAHGmPXPA8gBCakCsBPRc7WbQj6oAwHIA8sEqgTlAU_QZeaGs-IsFJYYQnGSWYBTWYiTL5wF4Mc6pYc9nJFtXu2C18sC5c9VAxjcURnGxlUtVH0zmR4OZ5M45nfNe_W6kTrVM21vRf6ByP0NTs3R1o_g869d2snJ1U3ARxkj2ZX52Rj2I2CyeKPnlyGwfw4G4nNAo0pumDuwcyU1Ta_ux9GeU8Yetm0KzFamNe8ouG9pxQQ2fkGRR0gKLFa6k9CMl7rmDspDDXGMXFMMuu4tdGiYC2uoJGrmmNYkP4s16T2sjt3B-gPgoTQKW-f9T4F-FiOijI9T9M6_94GyM-1A02VwBLfABIeAhpTQApIFBAgEGAGSBQQIBRgEoAYugAehyoUsqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQybUG0ggHCIBhEAEYH4AKAcgLAdgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi0zODkwNzEzODg2MzYzNDcwGAA&sigh=4klfTxe9OwU&uach_m=[UACH]&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064306&bpp=1&bdt=213&idt=282&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1ChOB70g7L&p=https%3A//ja.ntcdoon.org&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064306&bpp=1&bdt=213&idt=282&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1ChOB70g7L&p=https%3A//ja.ntcdoon.org&dtd=284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 09 Feb 2022 12:17:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B04 143 B
163 B 3ms
3ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=90&slotname=3085885965&adk=612837171&adf=2177512653&pi=t.ma~as.3085885965&w=728&lmt=1644409064&psa=0&format=728x90&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064304&bpp=2&bdt=212&idt=268&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fYtkw9MdDW&p=https%3A//ja.ntcdoon.org&dtd=272

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Wed, 09 Feb 2022 12:01:02 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 debian-deb-command-not-found-how-can-i-fix-it-closed.jpg
ntcdoon.org/pictures/linux/ 63 KB
64 KB 1048ms
1048ms Image
image/jpeg 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/linux/debian-deb-command-not-found-how-can-i-fix-it-closed.jpg
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c844d1871aebd5650089563f347d86001cdcadedf05655b908bc7075f7f585e4

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64977
last-modified: Tue, 22 Dec 2020 01:14:27 GMT
server: cloudflare
etag: "fdd1-5b7034bcb9fe6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3RM11ef5Y52%2FGkT8R%2B4KjCQyXWGai1Tm%2FH5G9x8DEgdOb9fOapZh5pWYEPWhi048NNqiOANakEb%2FjEgvleGNzCetiD2Sc8WUTz1E6ZoxJCbytU4OBqigk39mvXA7sxzqOPcmJ0AdYyw6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6dad0951cd90f90b-NRT
expires: Thu, 09 Feb 2023 12:17:45 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 74ms
39ms Script
application/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ja.ntcdoon.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 77ms
40ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.ntcdoon.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5DC5 74 KB
29 KB 226ms
226ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPUJOkbPUJOkbAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=3305239552&adf=1845158250&pi=t.ma~as.9651294315&w=240&lmt=1644409065&psa=0&format=240x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064309&bpp=1&bdt=216&idt=309&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D360dff70486ce21b-22ebe1cc7ed000dd%3AT%3D1644409064%3ART%3D1644409064%3AS%3DALNI_MbcIuywc0FjXwX4dHNJ3S-cUlTZXQ&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600%2C300x250%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=4&fsb=1&xpc=3fe3hBYZZu&p=https%3A//ja.ntcdoon.org&dtd=952

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92f743c49dbfe1d1eef6f4a33a8e8deeb37778c296f6bdf11922d9d29f4cff6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 09 Feb 2022 12:17:45 GMT
server: cafe
content-length: 30171
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C819 143 B
163 B 2ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=2479947845&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064307&bpp=1&bdt=215&idt=288&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=mX07guuVUJ&p=https%3A//ja.ntcdoon.org&dtd=291

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Wed, 09 Feb 2022 12:01:02 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4D49 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b36c0e29582e6f9137c800e19148125dbedd24df8e42b00b8b048db7bce71a8a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F563 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ee3a868cf6f9c1f8e45ddeac349e7fc7c16a87e7cf2243d7f298dff5df6bf3a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 71D9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c737f56157ad7a9d29f043d061d1c7f50ced4cb47f4019df6a997b88fbf29e5

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/ 150 KB
54 KB 58ms
57ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/reactive_library_fy2019.js?bust=31064752

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f73b7a6450e1f555f5ebe6dd845b95296aec7c1753dfac00ec0ee600a47d6783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54755
x-xss-protection: 0
server: cafe
etag: 17645522093256442239
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Feb 2022 12:17:45 GMT

GET
DATA 200
OK truncated
/ Frame 21B1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cf4c55be8fd0c2870c6d90b5f83dd36851760da33912ea50d40c4a5eb0a68fd

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame 21B1 16 KB
17 KB 41ms
3ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQei0q12Xqhso5JOgugMmnNTW1W0EYgj_2pibcw92Cv-3RHvqAJEDN7D7EXdzI6VjOthJkrckpTX8xWDNM-aILn8e5DPEO3tlVolvgshhXoZVKpm_24p4J_-8Pm_5jAkZfUaFsxbpch97qXh06_QlZD1dH4rMk_ct7U7X1x45DH-SRPL0a9PZq0D5wfSgeQUWDwxlQ9a1T&skey=b1468649b9c42538&v=v40

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=1%E3%83%B3U%E3%81%8A%E3%82%AD%E3%83%88%E9%96%93%E3%81%A7%E3%83%A3%E3%83%9A%E3%82%83%E6%88%BB%E3%81%8F%E4%BB%8A%E3%81%A1%E5%AE%9A%E3%81%91%E3%81%A3O0%20%E3%81%A6%E3%83%90R%E6%9C%9F%E3%82%B7%E4%B8%AD%E3%82%81%2C%E9%99%90%E3%82%8B%E3%82%AF%E3%83%A5%E3%81%A0%E5%86%86%E3%83%BC%E3%83%83N%E5%85%89

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

915b44e27bea89e16464ab84fbd4c13a060f4d42af5364cb15c6080a69be4836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:32:40 GMT
x-content-type-options: nosniff
age: 67505
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16880
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 08 Feb 2022 17:32:40 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 21B1 15 KB
15 KB 41ms
4ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQaioq12Xqhso5JOgugMmnNTW1W0EYgj_2pibcw92Cv-3RHvqAJEDN7D7EXdzI6VjOthJkrckpTX8xWDNM-aILn8e5DPEO3tlVolvgshhXoZVKpm_24p4J_-8Pm_5jAkZfUaFsxbpch97qXh06_QlZD1dH4rMk_ct7U7X1x45DH-SRPL0a9PZq0D5wfSgeQUWDwxlQ9a1T&skey=f8a75aa314b1396f&v=v40

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

221db073a8af53e8bf53c7f2eb84e1e02db055fe9efc4bb77aef99f6c0d6b76b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:32:40 GMT
x-content-type-options: nosniff
age: 67505
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 08 Feb 2022 17:32:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7E26
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

71ms
71ms

Document
text/html

2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 09 Feb 2022 12:17:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Feb 2022 12:17:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 09 Feb 2022 12:17:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js Show response
pagead2.googlesyndication.com/bg/ Frame 15E2 36 KB
13 KB 4ms
4ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5674dabf3d0dee647c9ea076dcb3406403eeb5a10b1cd3fcbc5415b82c0fde90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 10:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13746
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 10:54:12 GMT

GET
H3 200 pubads_impl_2022020701.js Show response
securepubads.g.doubleclick.net/gpt/ 356 KB
120 KB 44ms
5ms Script
text/javascript 216.58.197.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.197.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s48-in-f194.1e100.net

Software

sffe /

Resource Hash

5514e154a0779b75c1037f4735d4536a6fdbf7594464157ccf692739cd803cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:39:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67098
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122460
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Feb 2023 17:39:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 33 B
73 B 79ms
41ms XHR
application/json 216.58.197.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ja.ntcdoon.org

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.197.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s48-in-f194.1e100.net

Software

cafe /

Resource Hash

071f0915d321d44ca39589b9a0a7615e525b6421e12a0d2937fd62bf6a98f129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49
x-xss-protection: 0
expires: Wed, 09 Feb 2022 12:17:45 GMT

POST
H3 200 51pb.json Show response
newrrb.bid/ 59 B
613 B 290ms
282ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/51pb.json

Requested by

Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ebdf3034a698d3a4b38841afb8cbe2a89f83efaf72b7d66c5eec8df27765d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ja.ntcdoon.org/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIP59Rzetvju8wVICtJIwPdv7hrk4UEzSKfhklkSfg9hC%2FuYSZXGRSVm7BnutoRE8GUDmrPVG%2FZSNTmJHBkkuumDrWBeOYe6IQdwSn1aQlE44sv94Ua%2BgM7zFFw5En4bneda00k6QTN%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 6dad0952facf8145-NRT
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 51pb.json Show response
newrrb.bid/ 230 B
642 B 303ms
296ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/51pb.json

Requested by

Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffff8c49df0d20b3f23378f2ddbbeaf67a09c6bf3671ca0aa2118a4a829c9777

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ja.ntcdoon.org/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awD%2B9vtyuLMOb0%2FGkA2ZcapCT8n6BKVxG7eNw1Vm%2FrvlIMM0N0ChEEQ9Z6zEM28YpzgyaSkiGy2G0OHQNO%2FQBUlMYRzuJ5Bsor1F%2FrDTDbbjyLG0XyGysYiYz8PnbcXrpzfYmRWxi0jh"}],"group":"cf-nel","max_age":604800}
cf-ray: 6dad0952fad18145-NRT
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6B04
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

143ms
143ms

Document
text/html

2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 09 Feb 2022 12:17:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Feb 2022 12:17:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 09 Feb 2022 12:17:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C819
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

142ms
142ms

Document
text/html

2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 09 Feb 2022 12:17:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Feb 2022 12:17:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 09 Feb 2022 12:17:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js Show response
pagead2.googlesyndication.com/bg/ Frame CC1F 36 KB
13 KB 3ms
2ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5674dabf3d0dee647c9ea076dcb3406403eeb5a10b1cd3fcbc5415b82c0fde90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 10:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13746
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 10:54:12 GMT

GET
H3 200 VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js Show response
pagead2.googlesyndication.com/bg/ Frame 68BB 36 KB
13 KB 3ms
3ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5674dabf3d0dee647c9ea076dcb3406403eeb5a10b1cd3fcbc5415b82c0fde90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 10:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13746
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 10:54:12 GMT

GET
H3 200 VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js Show response
pagead2.googlesyndication.com/bg/ Frame B2F6 36 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1644409064&psa=0&format=580x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064306&bpp=1&bdt=213&idt=282&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1738&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=1ChOB70g7L&p=https%3A//ja.ntcdoon.org&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5674dabf3d0dee647c9ea076dcb3406403eeb5a10b1cd3fcbc5415b82c0fde90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 10:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13746
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 10:54:12 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 36ms
36ms Script
application/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ja.ntcdoon.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 38ms
38ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.ntcdoon.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/ Frame A9C0 10 KB
5 KB 2ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Tue, 08 Feb 2022 22:01:07 GMT
expires: Tue, 22 Feb 2022 22:01:07 GMT
cache-control: public, max-age=1209600
age: 51398
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/ Frame 3CBA 10 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Tue, 08 Feb 2022 22:01:07 GMT
expires: Tue, 22 Feb 2022 22:01:07 GMT
cache-control: public, max-age=1209600
age: 51398
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 18269390155163954184
tpc.googlesyndication.com/simgad/ Frame 5DC5 63 KB
63 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18269390155163954184?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn-XsYUhvp_xhWSjbsW2SqlbWGixA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPUJOkbPUJOkbAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=3305239552&adf=1845158250&pi=t.ma~as.9651294315&w=240&lmt=1644409065&psa=0&format=240x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064309&bpp=1&bdt=216&idt=309&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D360dff70486ce21b-22ebe1cc7ed000dd%3AT%3D1644409064%3ART%3D1644409064%3AS%3DALNI_MbcIuywc0FjXwX4dHNJ3S-cUlTZXQ&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600%2C300x250%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=4&fsb=1&xpc=3fe3hBYZZu&p=https%3A//ja.ntcdoon.org&dtd=952

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b5a3bc3f33e36b4aabbe7c03c45258b0deb5dfeb23fe5c4267d533eef6b6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 00:03:51 GMT
x-content-type-options: nosniff
age: 303234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64304
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 15:22:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 06 Feb 2023 00:03:51 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/ Frame 5DC5 19 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:15:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 5DC5 2 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:14:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5DC5 124 KB
38 KB 45ms
44ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 12:17:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 5DC5 15 KB
6 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:17:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5DC5 0
0 75ms
36ms Image
text/html 2404:6800:4004:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5PGR4TCz8fPcp4nO2R9ZHCFWcpDMAU16HGFADv0qn2OMHauf4dDap6nrWfgiSFX_Vk4sbpXkFKMREEC35A3eW3JZM-A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPUJOkbPUJOkbAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=3305239552&adf=1845158250&pi=t.ma~as.9651294315&w=240&lmt=1644409065&psa=0&format=240x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064309&bpp=1&bdt=216&idt=309&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D360dff70486ce21b-22ebe1cc7ed000dd%3AT%3D1644409064%3ART%3D1644409064%3AS%3DALNI_MbcIuywc0FjXwX4dHNJ3S-cUlTZXQ&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600%2C300x250%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=4&fsb=1&xpc=3fe3hBYZZu&p=https%3A//ja.ntcdoon.org&dtd=952
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 5DC5 28 KB
11 KB 3ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3b84e5e485619983c2f805dac6f3fde572d0c825c672d1a02f48af0149eea93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 19:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11662
x-xss-protection: 0
server: cafe
etag: 6226773659199191033
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 19:14:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5DC5 0
0 46ms
45ms Fetch
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CL36L6bADYviYEtfZqQGZwYHICsDg-pVni6rW-bAP2dkeEAEgs-vBfGCJ88WE9BOgAZyv-6gCyAECqAMByAPJBKoE4gFP0JOIU8luotoYB2QBdWUnq_dbHVrLXDQyhmD_RXaBnwZ5axuVTkfu9rXYqAYruztDZq4pEJ7dGwRFMCm7D8WunbTCo7HOTPnB9Yn546d1ymfIFbitJhSYZ_7mz598ubAXmJOq8QulHJ1fSeBXrGllEXybQcCIbBsvWlplzwfe2YyQ2jp3abMQZr-0F33hRV7Dii510-BasOrE9bmAY4TDZtvC_n_czqBpXYgLRex1JbNUyqwpjz35js4w2V36pJ1QxF1uxxjqSKWSNIf64cuBtoOGDknq8nrrCWBHsglxUqivwASIuMWa_QOSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDqtwPSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMzg5MDcxMzg4NjM2MzQ3MBgA&sigh=F-ZvIW2BD_I&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPUJOkbPUJOkbAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=3305239552&adf=1845158250&pi=t.ma~as.9651294315&w=240&lmt=1644409065&psa=0&format=240x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064309&bpp=1&bdt=216&idt=309&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D360dff70486ce21b-22ebe1cc7ed000dd%3AT%3D1644409064%3ART%3D1644409064%3AS%3DALNI_MbcIuywc0FjXwX4dHNJ3S-cUlTZXQ&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600%2C300x250%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=4&fsb=1&xpc=3fe3hBYZZu&p=https%3A//ja.ntcdoon.org&dtd=952
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 09 Feb 2022 12:17:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 391ms
391ms XHR
text/plain 216.58.197.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2563172923079661&correlator=4410088619383105&output=ldjh&eid=31061814%2C31063378%2C31064810%2C44752586%2C31063246&output=ldjh&gdfp_req=1&vrg=2022020701&ptt=17&impl=fif&gdpr_consent=CPUJOkbPUJOkbAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20220209&iu_parts=41117126%2CZXNT%2Czxntmng%2Czxntmng_smrcp%2Czxntmng_smrcp_drm56&enc_prev_ius=0%2F1%2F2%2F3%2F4&prev_iu_szs=1600x90&didk=630613631&cust_params=seg_id%3D21120200%26site_domen%3Dja.ntcdoon.org%26site_topdomen%3Dntcdoon.org%26site_referrer%3D%26site_url%3Dhttps%253A%252F%252Fja.ntcdoon.org%252F%26site_hash%3D%26keywords%3D%2520Ntcdoon%2520Ntcdoon%2520&cookie=ID%3D360dff70486ce21b-22ebe1cc7ed000dd%3AT%3D1644409064%3ART%3D1644409064%3AS%3DALNI_MbcIuywc0FjXwX4dHNJ3S-cUlTZXQ&bc=31&abxe=1&dt=1644409065660&lmt=1644409065&dlt=1644409064092&idt=1550&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=1345&adks=730449503&ucis=1&ifi=14&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fja.ntcdoon.org%2F&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=false&fws=512&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.197.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s48-in-f194.1e100.net

Software

cafe /

Resource Hash

5610d0c3038574cb0549211f569dfe378dac3c10efa30faea96e02cc1bc91fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11712
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.ntcdoon.org
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2620c58d92bf58c47356bc2e82b1d3d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB0C 6 KB
4 KB 225ms
36ms Document
text/html 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2620c58d92bf58c47356bc2e82b1d3d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 09 Feb 2022 12:17:45 GMT
expires: Thu, 09 Feb 2023 12:17:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3434 143 B
163 B 2ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPUJOkbPUJOkbAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=3305239552&adf=1845158250&pi=t.ma~as.9651294315&w=240&lmt=1644409065&psa=0&format=240x400&url=https%3A%2F%2Fja.ntcdoon.org%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644409064309&bpp=1&bdt=216&idt=309&shv=r20220207&mjsv=m202202010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D360dff70486ce21b-22ebe1cc7ed000dd%3AT%3D1644409064%3ART%3D1644409064%3AS%3DALNI_MbcIuywc0FjXwX4dHNJ3S-cUlTZXQ&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600%2C300x250%2C336x280&nras=1&correlator=2334156428120&frm=20&pv=1&ga_vid=1970897981.1644409065&ga_sid=1644409065&ga_hid=2072612942&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C21066429%2C31064752%2C31063246&oid=2&pvsid=2563172923079661&pem=443&tmod=1156759971&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=4&fsb=1&xpc=3fe3hBYZZu&p=https%3A//ja.ntcdoon.org&dtd=952

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Wed, 09 Feb 2022 12:01:02 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 51pb.json Show response
newrrb.bid/ 59 B
575 B 281ms
281ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/51pb.json

Requested by

Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adaa4dafc5f3937379390484f68a24ad8c5533f82c71cf4dfa92f4937fac505

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ja.ntcdoon.org/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Feb 2022 12:17:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTW36VwF%2BO62ZtvI5Oj1fL%2FX4lcCVeGGV85Dv6GQVf11gLCZupPX8DVmK8Ikrb5zWRYKxzpqZaKF%2BgEJIDeijRXHu41ymBpzugctmWRrPtS7DgSob5Jo2EZRmsV3xfqH7D2GdliZPQfF"}],"group":"cf-nel","max_age":604800}
cf-ray: 6dad09554f9e8145-NRT
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 css2
fonts.googleapis.com/ Frame A9C0 4 KB
634 B 37ms
37ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 11:21:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Feb 2022 12:17:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Feb 2022 12:17:45 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A9C0 205 B
229 B 38ms
3ms Image
image/png 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:02:51 GMT
x-content-type-options: nosniff
age: 141294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Feb 2023 21:02:51 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A9C0 604 B
628 B 39ms
3ms Image
image/png 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 07:17:37 GMT
x-content-type-options: nosniff
age: 104408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Feb 2023 07:17:37 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/elements/html/ Frame A9C0 19 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a7b5f2e7e3fd51102d05b2706291210864e7890361d932311a18048073374ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8079
x-xss-protection: 0
server: cafe
etag: 5902764951541284931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:14:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3CBA 0
0 46ms
46ms Fetch
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWkAa6LADYv3kJtTUrQTk0ZfIDpPm9p1nnZWt_P0O2dkeEAEgs-vBfGCJ88WE9BOgAfye7dkByAECqQKIJ1fViJxCPqgDAcgDyQSqBOQBT9Cf7mfMtZMe3NDg5cwe0JvAylevlXC8zSXuzWeVc_QeeI7a-pnDApDX-U4tiAHJyUgY3D22tTh5LMX_m0B8mbezZGu7AMBPt7J8yYFlyL0AfbXFEcqxvOznMjK8jUOCuqX03oZUvz5qMgx87sLnmLVc7HUS-FVhPS13f1vlG_F6QT3agXAo7HrfD111WXDiZK1ec8sCRo83N_BQUVBpU5d7l--1M0TCGgFqW5go7Oek9PX1fHNtkhwe7bqxtrRzmYGHg66MwxCwZCJrH4jy61QyiADBOs8kcV8WKHhKSVnK8HFHwATMo8DM6wOSBQQIBBgBkgUECAUYBKAGAoAH7OCSpgKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCF7gTSCAcIgGEQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTM4OTA3MTM4ODYzNjM0NzAYAA&sigh=e_poqz0IwmU&uach_m=[UACH]

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 09 Feb 2022 12:17:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/ Frame 3CBA 19 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:15:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 3CBA 2 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:14:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CBA 124 KB
38 KB 138ms
138ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 12:17:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 3CBA 15 KB
6 KB 3ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:17:13 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 3CBA 28 KB
11 KB 3ms
3ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3b84e5e485619983c2f805dac6f3fde572d0c825c672d1a02f48af0149eea93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 19:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11662
x-xss-protection: 0
server: cafe
etag: 6226773659199191033
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 19:14:28 GMT

GET
H3 200 7856793857992514047
tpc.googlesyndication.com/daca_images/simgad/ Frame 3CBA 68 KB
68 KB 4ms
4ms Image
image/png 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7856793857992514047

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f73ba3fa9ebf7cab263ebcfbc285843a91b28e81229e5f1fe4ca084ab19d4945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 04:47:28 GMT
x-content-type-options: nosniff
age: 113417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69644
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 07:30:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 04:47:28 GMT

GET
DATA 200
OK truncated
/ Frame 5DC5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f14f2c4c28edb2e4807ad53d0fd86ed6d57a88b1e05347c8b8154b5d06e9cc50

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EAC2 143 B
163 B 2ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Wed, 09 Feb 2022 12:01:02 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame 8720 782 B
548 B 38ms
38ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%A9%E7%99%BB%E3%83%A0%E3%81%A3%E3%81%AA%E9%96%8B%E3%81%A1%E5%A4%A7%E3%81%8F%E3%81%9F%E3%81%A8%E3%81%8C%E3%83%A3%E3%82%82%E4%BA%BA%E3%81%A7%E9%80%80%E3%82%BF%E3%82%AD%E4%BD%9C%E3%83%AA%E3%83%B3%E3%81%AE%E3%83%BC%E5%A3%AB%E5%93%81%E3%82%AF%E6%B0%97%E9%AD%94%E3%81%A6%E5%8E%BB%E5%A0%B4%E3%82%BE%E9%81%8E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a804a66865239c83f5753238c09f0c14016c11352082d31a994459da1c646659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 12:17:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Feb 2022 12:17:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Feb 2022 12:17:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8720 4 KB
810 B 71ms
71ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7285580be75cd3030f88e9965590dbf8cc61ade01a82348b993c8f2a3f1245b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 10:27:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Feb 2022 12:17:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Feb 2022 12:17:45 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 8720 1 KB
875 B 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:15:25 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/ Frame 8720 19 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:15:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 8720 2 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:14:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8720 124 KB
38 KB 58ms
58ms Script
text/javascript 2404:6800:4004:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 12:17:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame 8720 15 KB
6 KB 2ms
2ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:17:13 GMT

GET
H3 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame 8720 27 KB
11 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 08:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 09 May 2022 08:55:17 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3434
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

64ms
64ms

Document
text/html

2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 09 Feb 2022 12:17:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Feb 2022 12:17:46 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 09 Feb 2022 12:17:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js Show response
pagead2.googlesyndication.com/bg/ Frame AD4C 36 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5674dabf3d0dee647c9ea076dcb3406403eeb5a10b1cd3fcbc5415b82c0fde90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 10:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13746
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 10:54:12 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EAC2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

62ms
62ms

Document
text/html

2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 09 Feb 2022 12:17:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Feb 2022 12:17:46 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 09 Feb 2022 12:17:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3CBA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12676fe507c861c3bce75faac37190ca32fd062d6da03237b6760f8ae5506b5c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js Show response
pagead2.googlesyndication.com/bg/ Frame 02FE 36 KB
13 KB 3ms
3ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5674dabf3d0dee647c9ea076dcb3406403eeb5a10b1cd3fcbc5415b82c0fde90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 10:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13746
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 10:54:12 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012201141909000/ Frame B7EC 220 KB
61 KB 122ms
3ms Script
text/javascript 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 129541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61542
x-xss-protection: 0
server: sffe
date: Tue, 08 Feb 2022 00:18:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00d9ef7efeb287da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Feb 2023 00:18:45 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame B7EC 16 KB
6 KB 126ms
7ms Script
text/javascript 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 220364
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
server: sffe
date: Sun, 06 Feb 2022 23:05:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "919adc590e0ff503"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 06 Feb 2023 23:05:02 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame B7EC 96 KB
29 KB 127ms
8ms Script
text/javascript 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 75624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
server: sffe
date: Tue, 08 Feb 2022 15:17:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c52208c2e07002d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Feb 2023 15:17:22 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame B7EC 5 KB
2 KB 128ms
10ms Script
text/javascript 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 98404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851
x-xss-protection: 0
server: sffe
date: Tue, 08 Feb 2022 08:57:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76a8c96b6aaec2c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Feb 2023 08:57:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame B7EC 42 KB
13 KB 129ms
10ms Script
text/javascript 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 97383
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13611
x-xss-protection: 0
server: sffe
date: Tue, 08 Feb 2022 09:14:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7aefe3fe93cc7383"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Feb 2023 09:14:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B7EC 798 B
568 B 39ms
38ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%84%E3%83%89%E5%9C%A8D%E5%8B%95%E3%81%AF%E3%83%90%E3%83%ABhmsa%E3%83%A9%E3%83%BB-c%E9%96%8B%E3%81%8F%E5%8F%A4e%E3%81%99l%2F%E3%82%84%E3%81%97pU%E3%81%A7%E3%82%A4ri%E3%82%92%E8%87%AA%E3%83%BC%E6%96%B0%E3%81%AE%E3%83%B3%E3%83%88t%E3%81%BEd%E3%80%82.%E5%87%BAv%E6%9B%B4o%E6%A4%9C%E3%82%B9f%20%E4%B8%8D

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f7253c886d2f7f6d049eeb4fb9aeab0e6ac4a64fa97a6b74d9548ae4cde0d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 12:17:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Feb 2022 12:17:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Feb 2022 12:17:46 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B7EC 3 KB
3 KB 2ms
2ms Image
image/png 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 22:04:21 GMT
x-content-type-options: nosniff
server: cafe
age: 51205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 15880770647744369592
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 09 Feb 2022 22:04:21 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B7EC 344 B
374 B 3ms
3ms Image
image/png 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:40 GMT
x-content-type-options: nosniff
server: cafe
age: 6
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 10 Feb 2022 12:17:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B7EC 0
0 36ms
36ms Image
text/html 2404:6800:4004:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS37_Aos93wUQErW5l9BdQMml1WHi-lDMtyYo9nYQLOEp-JUGQ1vGZIGzdrsFQUlQ6LRtvZg1JqvtPbxSB3Kov1IgzD2g
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B7EC 0
0 45ms
45ms Image
text/html 216.58.197.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cphcj6bADYvKYLIKz8wXoxa-4CLLVnJRnr4CFtLYLn-vSzt4REAEghuGFKmCJ88WE9BOgAY3s5NkCyAEBqQL4PlmRqG6qPuACAKgDAcgDCqoE_wFP0DiXoskR9tbVYuzy3NDTQ3aL8G7gQCI9So68s4APfGl4_yZbxH5uR7pw-sK2tj5hSOmyajfws8tu4srz3Z2ZLF7bKRlRyq98KPaQRho4fe-5OCHRXUIlc9DHV9tFAC7sj1yRJS8h3TRUoot69hcA14Mk1voUqvTZYKClLWQuj_Sz9_G3TXfRUi9kLOnHaHQXamdNz76KdDALYugEfqMDrowVRiImSoMjzPd7YqgO8s_Dt1-HpuPzbZRCfIo_vVo1fMLJi8fT8Sx1m5SMKfmqHUTOE2DvHqZ6jOQR5s6wA4b7YK9c-80I5rXADq3uw0osaSDW2SWYDhWtgW7XMbvABNiMqsn6AuAEAZIFBAgEGAGSBQQIBRgEoAZRgAfbk5umAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKyPA9IICQiA4YAQEAEYHYAKA8gLAdgTDYgUAtAVAYAXAbIXHgocCAASFHB1Yi02NTUwNDEzMzYzNjAyNTg4GP6rHQ&sigh=O-4trFkFeow&uach_m=[UACH]
Requested by: Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.197.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s48-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js Show response
pagead2.googlesyndication.com/bg/ Frame F6CB 36 KB
13 KB 3ms
2ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5674dabf3d0dee647c9ea076dcb3406403eeb5a10b1cd3fcbc5415b82c0fde90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 10:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13746
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 10:54:12 GMT

GET
DATA 200
OK truncated
/ Frame B7EC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f7b437faa9a4e4fa37c5919bebc0414d75260075aa9b99f29e024a7669aecb7

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame B7EC 15 KB
15 KB 7ms
7ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12Xvhso4OvYkmvqRstFZ0Kn7DNEWN9Q5Vr-Q3o_PeZihSCLtn1znKb7qkjrpzHBC1KgpCB4zHFJGtMMT06aiX5Aig7h5xTrNw3ll2_R_4Q7MuP4Ipo8E8J5paCZTPcF_ttpOzb7xFn0grWlAVzdnvdQ5k61PCtPCttNhX7qHcd4FoZZ3gXZOB0giDTCKoQ&skey=fbc48de1c6e1b00c&v=v40

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%84%E3%83%89%E5%9C%A8D%E5%8B%95%E3%81%AF%E3%83%90%E3%83%ABhmsa%E3%83%A9%E3%83%BB-c%E9%96%8B%E3%81%8F%E5%8F%A4e%E3%81%99l%2F%E3%82%84%E3%81%97pU%E3%81%A7%E3%82%A4ri%E3%82%92%E8%87%AA%E3%83%BC%E6%96%B0%E3%81%AE%E3%83%B3%E3%83%88t%E3%81%BEd%E3%80%82.%E5%87%BAv%E6%9B%B4o%E6%A4%9C%E3%82%B9f%20%E4%B8%8D

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f51c5051e9ef7017623925b8a41376197ba972297897cbc8215adebc8184ea99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.ntcdoon.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:56:02 GMT
x-content-type-options: nosniff
age: 44504
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14916
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 08 Feb 2022 23:56:02 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame B7EC 14 KB
14 KB 6ms
6ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqA03dIqcVRQbgDq_6Uvt1T1a_nE80SM0TNor-R2I_PcpihVyLtmFznJr7qkzrpz3BC6KgpCR4zFVJGtcMTzKaiUZAhubh50zrNyHll5vR__A7Mu_4JlI8E8Z5pbiZTIsF_j9pOz77xDn0gpWlAUDBcjNUGpK1DJdPGh9NyU7mNad4IpZZIqXhtMUkzLA&skey=72472b0eb8793570&v=v40

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

da5c6fdd77f67c0fbdc208ba15a4a976d10cf507ce1e862471969cdd00c1f69c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.ntcdoon.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:56:02 GMT
x-content-type-options: nosniff
age: 44504
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14620
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 08 Feb 2022 23:56:02 GMT

GET
H2 200 70769182 Show response
mc.yandex.ru/watch/ 331 B
411 B 215ms
215ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/70769182?wmode=7&page-url=https%3A%2F%2Fja.ntcdoon.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnrnrlctj3z%3Afp%3A461%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A751%3Acn%3A1%3Adp%3A0%3Als%3A1526295085018%3Ahid%3A322654870%3Az%3A0%3Ai%3A20220209121746%3Aet%3A1644409066%3Ac%3A1%3Arn%3A112476766%3Arqn%3A1%3Au%3A1644409066772233975%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644409063681%3Ads%3A11%2C13%2C378%2C2%2C0%2C0%2C%2C1126%2C3%2C%2C%2C%2C1531%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1644409066%3At%3A%E2%96%B6%EF%B8%8F%20Ntcdoon&t=gdpr(14)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e7e6d36a52009e3b43a1d100a9d7340f244d758914f035ffa12b035920d9766b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 12:17:46 GMT
x-content-type-options: nosniff
last-modified: Wed, 09-Feb-2022 12:17:46 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.ntcdoon.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Wed, 09-Feb-2022 12:17:46 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
147 B 215ms
215ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ja.ntcdoon.org
URL: https://ja.ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:46 GMT
last-modified: Mon, 07 Feb 2022 09:29:50 GMT
etag: "6200bc5e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 09 Feb 2022 13:17:46 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4D49 42 B
64 B 75ms
39ms Fetch
image/gif 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6Edj-5qQVWmf5cda1A57rw20uIqOpMdndsXNNRNeeEfQ49824DH9nDoOTLnB1q862jrcknbeFX9Y8TrwRMul7nfvvyB2NCEGB9OzZfbodx-qfW04&sai=AMfl-YQIrJrYkOokSSxdYIyEnRN4vMfcR6DaFYJZLz3n2lZNFO1Eai79RkOtVPGPZQAdWwv1PMSyJ191uIjb&sig=Cg0ArKJSzDusYNFRRWWDEAE&id=lidar2&mcvt=1002&p=0,0,600,300&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20220207&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&app=0&itpl=4&adk=4032340763&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644409064609&rpt=687&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 12:17:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F563 42 B
64 B 73ms
39ms Fetch
image/gif 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8yLLBL2i1_W96H_UyXjzJ-mfUshNwy_SB6qC5nLGv46rCxQI_IXYAjWeu3sxEMxzeo3p5oSWyfsVS8_fd6Be4RU5g5ugMEXevJkdqonhBpc4UQ08&sai=AMfl-YQ0fkpXC7T80H77ODSD7Ef0V8Kg75Ib-uMm2qmzQDEsgDMBcatLi4cLvV7fCVcpqXePb-G6NhgnRIDM&sig=Cg0ArKJSzHVJsVaO4vGpEAE&id=lidar2&mcvt=1003&p=0,0,90,728&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220207&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=612837171&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644409064577&rpt=739&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 12:17:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 21B1 42 B
64 B 39ms
38ms Fetch
image/gif 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQUdkkFtMVSpt8VRriRfMRocgtJgfNHxO9pRix159sVwIpryeDroNy9KX5R9XOJTDeNFAleWnRlcm0-CnQFDlzf38Igc4ALPXeQPTWP2Q5GlR4QW0&sai=AMfl-YT8hOtkSQv3kjA7J8ApkFhYo9GNG_OmrB0CtlDjpaoQEQmxsrt7Z_1PVK5MRzLk0qX2PxpcRuVVsnoH&sig=Cg0ArKJSzNV2ptSm0J1CEAE&id=lidar2&mcvt=1000&p=0,0,400,580&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220207&bin=7&avms=nio&bs=0,0&mc=0.82&if=1&app=0&itpl=22&adk=1821576388&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644409064590&rpt=925&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 12:17:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 46ms
46ms XHR
application/json 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2325de8f98facce11186d7dade514be92adeb0ff5de36dec7439038ad37ef1c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Feb 2022 12:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9884
x-xss-protection: 0

POST
H3 200 51pb.json Show response
newrrb.bid/ 59 B
574 B 293ms
293ms XHR
application/json 2606:4700:3031::6815:22c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/51pb.json

Requested by

Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:22c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03e28a3b0564b779c6e8d0121b7075330742a43d06772d7cffc538a70edd6cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ja.ntcdoon.org/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Feb 2022 12:17:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIb%2FLc03c%2BCfYJ8WVb5Hxo7QtAhqHGTbmqgt3raX%2F4L2bC5iDaedi1HstgP8W3NmmBqvXMwXUIoMxr%2Fr6dl9lFeAeTaa%2FE0Nc5ginTplUaLp3hzjCRBlJig22LDsNpaRXkaiqfgGsJ78"}],"group":"cf-nel","max_age":604800}
cf-ray: 6dad0959da768145-NRT
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 91ms
90ms Script
text/javascript 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010201/show_ads_impl_fy2019.js?bust=31064752

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 12:17:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 58CF 13 KB
5 KB 4ms
4ms Document
text/html 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Feb 2022 10:54:45 GMT
expires: Wed, 08 Feb 2023 10:54:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 91381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 467A 783 B
535 B 40ms
38ms Document
text/html 2404:6800:4004:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5f71ddae4ebcf40290d5ccf9f1dad5a2d74ca54a4d3d2ce68a63399054779179

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WmJoad6bJSZg9zVvHcWI9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 09 Feb 2022 12:17:46 GMT
date: Wed, 09 Feb 2022 12:17:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-WmJoad6bJSZg9zVvHcWI9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js Show response
pagead2.googlesyndication.com/bg/ Frame 58CF 36 KB
13 KB 3ms
2ms Script
text/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VnTavz0N7mR8nqB23LNAZAPutaELHNP8vFQVuCwP3pA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5674dabf3d0dee647c9ea076dcb3406403eeb5a10b1cd3fcbc5415b82c0fde90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 10:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13746
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 10:54:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 467A 0
0 53ms
53ms Image
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220207&jk=2563172923079661&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 58CF 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?a2Xfnw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:811::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 12:17:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3CBA 42 B
64 B 40ms
39ms Fetch
image/gif 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvf3kqXxDOO4uWOeooH1iQUj_69Y2PW66iUtbEwoDM0Rk_bp9P1u63-aAPT2iDokHnddmMSK_pfGt2oL8TrVs_7xxfsHyulB2SlXG-_KgsmJJucvD4&sai=AMfl-YRqjHFeLtIPr4BmNQViPvVUW9oLX1nFJYur7UFrZuT8XmbgnarQqavmRjl93hZfHNCZQoGc8ywnMoqC&sig=Cg0ArKJSzMcHfGFPpovpEAE&id=lidar2&mcvt=1004&p=0,0,124,1005&mtos=169,851,1004,1004,1004&tos=169,682,153,0,0&v=20220207&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644409065545&rpt=453&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 12:17:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220207&jk=2563172923079661&bg=!BwSlBEDNAAa4sGsQuLA7ACkAdvg8WgaXnMy9Ibsu3c6oUTkhNrjRRcClHVL2K0iNy6_sTCL2quFvTAIAAABVUgAAAAVoAQeZAr336Q93bc6Cy5ZrRBxEoJN6CvjKOHb6ZR6dT5d49ShRSkZiLcHziVXdk3iD3IKnTkgo-6WHy9xjoPAWbC9RIUaxAbYVxZXfiv5eL_ujkwbK2cH8r4NjUCa2ok3C0tFeSwRoOemN1Yxy5yK4mDw3zACFkdIwlX_SWTq_1jPaoKXoHbtR_bSu9PXy1fJSkwG433TmkoH5XE5LeATwdp7JrNJNYAf5QNEfdv5SXWP9ZrgGJcboLqGTsrfL_hz7TBwYdch1_IVwAgZp9BW3WvupV3b8XGJZ99PHItW50eudu7epaK5pQpniQPxhznl9KWcbPlt_-fG0IU5Wys1yRLASqapoS1WWN_TzE_jIUcgnOaDYDYWpVr_VFdAK373pUzMo3bTc3XiPNL-9Oya8z3X34SDxgS9fN4kpDuASipXueklFM3Ue70AXbNT3cmWrcgijRZPvisow3UdrhW0bAPlhrTtojPbBHsbXnQdgsa3lJ7KUehtzxpAh3rEosjZPhjKGJYz9ohEFygT6eR2KDunatcZKpM0fmZcHDdwcByC_9yoI8jKzUvHpyd1Jz0A-uCUtMLTM_WJyX1xM-3qwLwc8UqiBJfPiW4S357Z5z-TaT8HmEziq7YnDEvASRmDDomVuivz8snIHOua_hdnlSqFCq6XGGBoosaj4oWe8TDtw3A3Vc_42WhIuUL_nEdwRZ7j6DavP5_XaVSX9vN-zk5rWu6gxecX5I0HFm73vgEaUAmvj0b_XbV9tNA0yc5ut3IwJj8wBHzRzQPXiBktVQFiQEajoLAZJ_GikGqaP7fkf3oMJwCHtOkDqUhePHGWwih4MlkldlUWQ8TU7dfrLTR6CtXA-yxCKBabtJZJfIKqjV097f4w_sUQIiMldSlZyo-kvBnoFtrqsc17g6v0UBGVsqYHE3Au6qhyFGpKGQput7A

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 12:17:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ls Show response
stream.bantgoau.com/yt/ Frame DEAB
Redirect Chain

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSwyNiw0Niw0Nyw1NCw1NSw2MSIsImF...
https://rtbbnr.com/banner/in/show/?mid=1035444622&pid=0&site=10667&sc=NL&usage_type=DCH&subid=804035056&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.040261224489796&ecpm=0.040261224489796&crid=&crtid=d41...
https://tcimp.zog.link/in/banners?katds_ep=DWSIAPA9XqPVsmyWBUHOrEfNMb13KAcJ_nXMy3v8zHeR8kaIJB3Fc-SzS4lORABK43vvaRuqCJZvj-Uq1JwUNBQZB4n7nYZey89W2k9sIcps0zlXuX-vBblQNR9k6WBvc3e4yfOfCjl9nI48o0ubOCVbQo...
https://tb.baimgfroggd.site/in/1816/?user_id=eb9d2febbe40555d02d3583ba9df566827bcca2c&bid=0.065110&katds_labels=&utm1=tcb&utm2=750474346-1&utm3=195-21720-0&utm4=0-9062107-14&ts=1644409068
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FxRjHP4HVBPI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%2...

8 KB
4 KB

278ms
253ms

Document
text/html

2606:4700:3033::ac43:b8ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FxRjHP4HVBPI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.1400&oid=1417145&sp=0.065110&spp=1000&se=impression&vi=xRjHP4HVBPI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644409068&utm1=tcb&utm2=750474346-1&utm3=195-21720-0&utm4=0-9062107-14
Requested by: Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b8ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adb85cbdd4013d196a82d2b6a878bc73bf4b4ce4757a2626bd1be331ad1074cb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/

Response headers

date: Wed, 09 Feb 2022 12:17:50 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55vK%2FDWc368MScR2DRMXKI%2BALv9JmJl8orCwP4IH%2B1edGOy0x9vBFkkrixmlqko3hvX1r6%2BOexmqwEKlmfDVt9EqrSfGISRFyYoBgBa4FPOOOlUMkmegwCjZcEqmh%2B0dmoVeVfBlNHI2zpsR3adObEOM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6dad096e785d0ac4-NRT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server: nginx/1.17.2
date: Wed, 09 Feb 2022 12:17:49 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FxRjHP4HVBPI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.1400&oid=1417145&sp=0.065110&spp=1000&se=impression&vi=xRjHP4HVBPI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644409068&utm1=tcb&utm2=750474346-1&utm3=195-21720-0&utm4=0-9062107-14
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B7EC 42 B
64 B 44ms
43ms Image
image/gif 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujtWkyYLN9A4rtM5ZZOEpY8fz9LheqpRjhmq__8A15n4eGPohyncXBOKmy3wn4F6JSykeR7Cp-CmTIKenlst8PMEr9QycbiRrBjQxbbcoVzLTpP-ZoHA&sai=AMfl-YTWZBhG84ZKYKga-Ix3t1nT1l4RLHNErFL9DEmPyTEXbpGHrtsNDqXTX-OEpsTlgjRWi3TntN3j82qYseW1OBuY1UBTODSNlaofNaCsKdw0SXyuJeR0Iq57e0o&sig=Cg0ArKJSzC4oDJ7sTpX1EAE&cid=CAASF-Roba4Ut3wEkpdp0Mxo0avDRNP8anmE&id=ampim&o=0,1215&d=1600,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=273&tls=1564&g=55.55555820465088&h=100&tt=1564&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=730449503

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Feb 2022 12:17:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bundle15.js Show response
stream.bantgoau.com/files/ytls/ Frame DEAB 2 MB
608 KB 38ms
27ms Script
application/javascript 2606:4700:3033::ac43:b8ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/files/ytls/bundle15.js
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FxRjHP4HVBPI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.1400&oid=1417145&sp=0.065110&spp=1000&se=impression&vi=xRjHP4HVBPI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644409068&utm1=tcb&utm2=750474346-1&utm3=195-21720-0&utm4=0-9062107-14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:b8ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa42619620e84115cab469b5ef674b4acf887df690b2af613592f80700378a97

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FxRjHP4HVBPI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.1400&oid=1417145&sp=0.065110&spp=1000&se=impression&vi=xRjHP4HVBPI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644409068&utm1=tcb&utm2=750474346-1&utm3=195-21720-0&utm4=0-9062107-14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6dad09705ba534c3-NRT
date: Wed, 09 Feb 2022 12:17:50 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 15:01:34 GMT
server: cloudflare
age: 2483
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGxZBoDEZgicnxYRsYWCQO2OFqXq46QSic3OhNA%2BUO%2BpnzG2kOwqJl%2Fo2IrYS7%2BHj%2FuLwWuMpuC1rM98cqGNlhY9KdClOiHMu016kCxPPyqjYspltItq9YfQWVouZmt%2Bs7OvPKaPcSAeU6WkC6g50hnn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff
lh3.googleusercontent.com/ Frame DEAB 39 KB
39 KB 52ms
3ms Image
image/jpeg 2404:6800:4004:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff

Requested by

Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FxRjHP4HVBPI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.1400&oid=1417145&sp=0.065110&spp=1000&se=impression&vi=xRjHP4HVBPI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644409068&utm1=tcb&utm2=750474346-1&utm3=195-21720-0&utm4=0-9062107-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 10:41:31 GMT
x-content-type-options: nosniff
age: 5779
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39552
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 16 Jan 2022 16:42:18 GMT

GET
H2 200 / Show response
vs.bantgoau.com/sts/ Frame DEAB 2 B
229 B 749ms
229ms XHR
application/json 2a02:128:7:4777::1

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FxRjHP4HVBPI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.1400&oid=1417145&sp=0.065110&spp=1000&se=impression&vi=xRjHP4HVBPI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644409068&utm1=tcb&utm2=750474346-1&utm3=195-21720-0&utm4=0-9062107-14&type=impression&g_referer=https://ja.ntcdoon.org
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/bundle15.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4777::1 -, , ASN (),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 09 Feb 2022 12:17:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 2
content-type: application/json

GET
H3 200 bundle16.js Show response
stream.bantgoau.com/files/ytls/ Frame D9BE 158 KB
59 KB 16ms
16ms Script
application/javascript 2606:4700:3033::ac43:b8ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/files/ytls/bundle16.js
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/bundle15.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:b8ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdb5c013534fe38c9ed3464f25570406849297e073c027b338a1ef92e8f31027

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FxRjHP4HVBPI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.1400&oid=1417145&sp=0.065110&spp=1000&se=impression&vi=xRjHP4HVBPI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644409068&utm1=tcb&utm2=750474346-1&utm3=195-21720-0&utm4=0-9062107-14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6dad0973e92634c3-NRT
date: Wed, 09 Feb 2022 12:17:50 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 15:01:36 GMT
server: cloudflare
age: 1624
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRk%2FjHuZl7TWiQo9vGYHiwEhIeyESq%2Bv1fRX8Ewsvt1VpBy4ayVR38uLtqT641qFpqNH6GYjBQvj1xpFLfhWTiXQ0lc%2FLyXjqqgrEGxBLQhlUOjlxxG4CngxJoeGj53HLX7309oz8JazTy9vpvMHRftZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 url Show response
www.google.com/ Frame B3A3 603 B
624 B 51ms
51ms Document
text/html 2404:6800:4004:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/xRjHP4HVBPI%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1

Requested by

Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/bundle16.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

add1a55a919cb7bf3edebca5c58699e9fe54e1c616b4a6776e628be3f6890be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://stream.bantgoau.com/

Response headers

location: https://www.youtube.com/embed/xRjHP4HVBPI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
bfcache-opt-in: unload
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Wed, 09 Feb 2022 12:17:51 GMT
server: gws
content-length: 603
x-xss-protection: 0
expires: Wed, 09 Feb 2022 12:17:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 xRjHP4HVBPI Show response
www.youtube.com/embed/ Frame B3A3 62 KB
27 KB 192ms
75ms Document
text/html 2404:6800:4004:80b::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/xRjHP4HVBPI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Requested by

Host: www.google.com
URL: https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/xRjHP4HVBPI%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

5975aaeb1674d7db7d951253a1967e5a99c066ed595434f1cb73747f8b87a80e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.google.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 09 Feb 2022 12:17:51 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ja for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/326d75a6/ Frame B3A3 341 KB
47 KB 39ms
3ms Stylesheet
text/css 2404:6800:4004:80b::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/326d75a6/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xRjHP4HVBPI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

780b00bc569866c124b568e32a48f939b79b7fd4a4278e47c4fa593f373c6752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/xRjHP4HVBPI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 154960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47768
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 01:23:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Feb 2023 17:15:11 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/326d75a6/www-embed-player.vflset/ Frame B3A3 282 KB
85 KB 44ms
8ms Script
text/javascript 2404:6800:4004:80b::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/326d75a6/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xRjHP4HVBPI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e193190c97b8e3027b8296a02c72b29e63dcfadfa7b3139eb4d21f993fd934cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/xRjHP4HVBPI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 156229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87003
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 01:23:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Feb 2023 16:54:02 GMT

GET
H3 200 base.js
www.youtube.com/s/player/326d75a6/player_ias.vflset/ja_JP/ Frame B3A3 2 MB
538 KB 45ms
9ms Script
text/javascript 2404:6800:4004:80b::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/326d75a6/player_ias.vflset/ja_JP/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xRjHP4HVBPI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/xRjHP4HVBPI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 156229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 550571
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 01:23:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Feb 2023 16:54:02 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/326d75a6/fetch-polyfill.vflset/ Frame B3A3 8 KB
3 KB 47ms
11ms Script
text/javascript 2404:6800:4004:80b::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/326d75a6/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xRjHP4HVBPI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/xRjHP4HVBPI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 156229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 01:23:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Feb 2023 16:54:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/linux/debian-deb-command-not-found-how-can-i-fix-it-closed.jpg

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/sql/how-to-check-if-change-tracking-is-enabled-on-a-specific-table.jpeg

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/ssis/sql-server-destination-vs-ole-db-destination.png

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/java/why-do-i-have-problems-whith-com-jakewhartonbutterknife7-0-1-in-android-studio-3-0.jpg

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/performance/how-to-find-the-server-processing-time-by-iis-logs.jpg

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/how/how-to-use-flock-in-php-closed.jpg

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/git/how-to-clone-a-bitbucket-repository-1.png

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-20 09:31:29	Name: FTID Value: 1Y0x3w3dAYeG1Y0x3w002B7P
.yadro.ru/	1970-01-20 09:31:29	Name: VID Value: 3MZyg-1eJX8G1Y0x3w002L2Z
.load02.biz/	1970-01-20 01:30:01	Name: uuid Value: f2e88a68-026e-42dc-830c-730dd4226b61
.doubleclick.net/	1970-01-20 18:18:01	Name: IDE Value: AHWqTUmqOyKiXXOAwiRPVhpreYFolHnKVzTsZm_OdaZtlXOeZ7psc6nX32BJgHVFiS0
.ntcdoon.org/	1970-01-20 09:32:25	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTdlZGU2YjAtZGNkNC02NmU3LTllNzUtYzk1ZmIyZGM1YzcyIiwiY3JlYXRlZCI6IjIwMjItMDItMDlUMTI6MTc6NDUuMDk1WiIsInVwZGF0ZWQiOiIyMDIyLTAyLTA5VDEyOjE3OjQ1LjA5NVoiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.ntcdoon.org/	1970-01-20 09:32:25	Name: euconsent-v2 Value: CPUJOkbPUJOkbAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.doubleclick.net/	1970-01-20 00:46:52	Name: DSID Value: NO_DATA
.ntcdoon.org/	1970-01-20 10:08:25	Name: __gads Value: ID=360dff70486ce21b:T=1644409064:S=ALNI_MZr-rZ50v3ocYLo_NCWq3Xf0jLIvQ
.yandex.ru/	1970-01-20 09:32:25	Name: ymex Value: 1959769065.yrts.1644409065#1959769065.yrtsi.1644409065
.yandex.ru/	1970-01-23 16:22:49	Name: yandexuid Value: 5005533341644409065
.yandex.ru/	1970-01-23 16:22:49	Name: yuidss Value: 5005533341644409065
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 307556931644409065
.yandex.ru/	1970-01-23 16:22:49	Name: i Value: CR7o7qIh3jlYCWsyxSq3lUDf/ycBotRKcWDkqC8hdAZ2QwyxJRsYg3l84kJbtCm6jA7iCyEWzjV4tmOoYVwOJxeJ4Tg=
.ntcdoon.org/	1970-01-20 09:32:25	Name: _ym_uid Value: 1644409066772233975
.ntcdoon.org/	1970-01-20 09:32:25	Name: _ym_d Value: 1644409066
.ntcdoon.org/	1970-01-20 00:48:01	Name: _ym_isad Value: 2
tcimp.zog.link/	1970-01-20 00:48:15	Name: 750.0 Value: 1
tb.baimgfroggd.site/	1970-01-20 00:48:15	Name: 1816.1417145 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
other	warning	URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-full-version-list'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2620c58d92bf58c47356bc2e82b1d3d8.safeframe.googlesyndication.com
7823541d29.bfeb247ed9.com
adservice.google.co.jp
adservice.google.com
cdn.ampproject.org
cdn.zx-adnet.com
code.jquery.com
counter.yadro.ru
cst.cstwpush.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ja.ntcdoon.org
js.cabnnr.com
js.wpadmngr.com
js.wpushsdk.com
lh3.googleusercontent.com
load02.biz
mc.yandex.ru
na.nawpush.com
newrrb.bid
ntcdoon.org
pagead2.googlesyndication.com
partner.googleadservices.com
rtbbnr.com
securepubads.g.doubleclick.net
stream.bantgoau.com
tb.baimgfroggd.site
tcimp.zog.link
tpc.googlesyndication.com
vs.bantgoau.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
ntcdoon.org
143.198.248.64
151.101.65.195
2001:4de0:ac18::1:a:2b
216.58.197.194
2404:6800:4004:801::2002
2404:6800:4004:801::2004
2404:6800:4004:80b::2003
2404:6800:4004:80b::200e
2404:6800:4004:80f::2002
2404:6800:4004:811::2001
2404:6800:4004:818::2001
2404:6800:4004:81c::2001
2404:6800:4004:821::2003
2404:6800:4004:823::2001
2404:6800:4004:823::2002
2404:6800:4004:823::200a
2404:6800:4004:824::2002
2404:6800:4004:825::2002
2606:4700:10::6814:b844
2606:4700:3031::6815:22c2
2606:4700:3031::ac43:b345
2606:4700:3032::6815:4bab
2606:4700:3033::ac43:b8ea
2a01:4f8:252:564d::2
2a02:128:7:4777::1
2a02:128:7:4860::2
2a02:128:7:5241::2
2a02:6b8::1:119
45.133.44.24
45.133.44.25
88.212.201.204
02ee65355fe2f498df5150fa420cf76116f08f6394021d1fd73f5cbfe52c03b7
03e28a3b0564b779c6e8d0121b7075330742a43d06772d7cffc538a70edd6cc1
04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89
067c4f6ec53c2ac71676ba6da90bef6904423df674ca420b00f5be62b3c243a4
071f0915d321d44ca39589b9a0a7615e525b6421e12a0d2937fd62bf6a98f129
074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf
0b274e2e8f47e15c396a012b00ad3a48a763ba3f0c46d8b7ea983dfdcd0fa799
0ee3a868cf6f9c1f8e45ddeac349e7fc7c16a87e7cf2243d7f298dff5df6bf3a
12676fe507c861c3bce75faac37190ca32fd062d6da03237b6760f8ae5506b5c
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
14b5a3bc3f33e36b4aabbe7c03c45258b0deb5dfeb23fe5c4267d533eef6b6ca
152d0a21ca1c2352fe575a6d6552b7b4d952f38803da17beb5be07498f95770d
16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a2bd42bc7fbd2e7c718771e120ebbd8073aafb021026fb34331f6e735023652
1afb7470999e7042ed6d937973232a0116a8b2967c936cc37aff91be89435558
1c1f8b6e495ddec63477e2f0d7da79f237b54fe33d981d8edd475ceb1c7aa3c7
1c737f56157ad7a9d29f043d061d1c7f50ced4cb47f4019df6a997b88fbf29e5
1c814cc16dacd9700a8b3753d01db47ad35e43789b592f59ef2fb240603a2b9e
1cd98589666c847c214e3eda7c2b7d2a168d54454dfc9efb5595ffe7061ca871
1db8c38ef8934ff829716b41fc33f0d6deca1c0f3b3698ae9692efdd56b48e44
217b20ac8a4d217988d54599c702822856441d77d4d601aeb781a6dd31e2f9d8
221db073a8af53e8bf53c7f2eb84e1e02db055fe9efc4bb77aef99f6c0d6b76b
2325de8f98facce11186d7dade514be92adeb0ff5de36dec7439038ad37ef1c8
28a6806f60948d0488b521168bda88c229667c0d139ed44dbc36dd5acf5c819e
28eea2ce546e75c5983e2f4fc81017a33cd9765696884a66c8ef0676fd4a6057
29a3e087ab21fcff96113495f040a2faa19d3d7901890527881b1d18c356f65d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
2f9e5421de3504845f16e666c7dcf77ca604a5d89366f2847054114b2ef4945d
322bcdad8f697748b1c1a47a28c7e3b5bcb92525b22975662a6b7d74188c1475
3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826
3a7b5f2e7e3fd51102d05b2706291210864e7890361d932311a18048073374ae
3c4c2cb606e6a03ce11fd25a6eb109eeb728e9a28a5c3af2928e34178da7731d
3cf4c55be8fd0c2870c6d90b5f83dd36851760da33912ea50d40c4a5eb0a68fd
3f7253c886d2f7f6d049eeb4fb9aeab0e6ac4a64fa97a6b74d9548ae4cde0d1b
40600502185cb54ae79ddd2696c05deca73259f4e1f36fc68c8c13d736ed745d
429ef77121e6de65a9c2b3e3a27f38850bfd0aef479fce4139c93f0b417c68b5
42edde5110740b5ad0b675d1925eb3c2c247d9ef3fcf734dc9ec6f0a3ac74fdf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
474907d34e8b3072ab7feba38cf160157de1b7e177dc86e6641c72722359c0ed
4773c92631f7f28a6b679ee8a606e7fa0ae575b97f52ce6be8805abaf1f2208e
49ed74fb461c3772ec8667d41e02d754fbd41500e867bab9d90aa35ff48cbf8d
4aaecda4e9bc806f31349a334465b6f88f60d1147f4dd0a60229103d63b9a1ae
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d53afdce56775cb3f314ccb015d15e7ffc3c9d24a52ff16379bca9f70c4e370
4dd0937ab0a3e143c312ac6f66b57804fff04440d3ddb925ffc33370726fb730
4f7b437faa9a4e4fa37c5919bebc0414d75260075aa9b99f29e024a7669aecb7
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5514e154a0779b75c1037f4735d4536a6fdbf7594464157ccf692739cd803cf5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5610d0c3038574cb0549211f569dfe378dac3c10efa30faea96e02cc1bc91fa6
5674dabf3d0dee647c9ea076dcb3406403eeb5a10b1cd3fcbc5415b82c0fde90
56c84283a32be9f8de0b92edf82bb134bb17c1e0917b5803221f13e28018452b
5975aaeb1674d7db7d951253a1967e5a99c066ed595434f1cb73747f8b87a80e
59c2cb28c10f5219249d19a9991fbec8a01e6ddd4abe500077fe6ce3fc8eeac5
5b4c3280eec6c5418d65532a87423a34c0919698bc9a4826484d5cb28a9e7b07
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f71ddae4ebcf40290d5ccf9f1dad5a2d74ca54a4d3d2ce68a63399054779179
60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
660c441fbe06d3bfdd2ca05adc3f194ea8b015e131f9da7d3b58970484ceba5d
6adaa4dafc5f3937379390484f68a24ad8c5533f82c71cf4dfa92f4937fac505
6c49aa86918931779788e8dd58b7af6c6941a886aec3f6d21dfdb42647e1086c
70e11e56d144b5ad82ecae3c398a8ecc009d82a72a54412955fba3fb30546915
780b00bc569866c124b568e32a48f939b79b7fd4a4278e47c4fa593f373c6752
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ebdf3034a698d3a4b38841afb8cbe2a89f83efaf72b7d66c5eec8df27765d42
814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
8365ad50a44341d8858863fec236793a9b4074461b61cae8aaa25343b47d7ce3
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8b78b033d5e3a08091e84573075afe0c48dff4b419d4912441a50dacba2b7d42
8c657241900fc1c16b78d457cd90b7e1dbbf86127476ae521a27f98556d00804
8ec4f28ce63725c8f5890868bd00cdac7629168dec900a99b47710e794854ce4
915b44e27bea89e16464ab84fbd4c13a060f4d42af5364cb15c6080a69be4836
92f743c49dbfe1d1eef6f4a33a8e8deeb37778c296f6bdf11922d9d29f4cff6f
9320c7aaf6457e4bf921a0b824ba7b15454f1590aa6025759c2bf4b56f4e77e5
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95c914ba3a0df1327be5ce92693d60ff67c2916f3d70629f24f579e2323d5b86
96fb748810bb56c3c1420ce297bb41f2102631638eb7d2c9c444b70a9ba9170d
9d92b3d4faaa66640f19f921b9a7ecb353193a757c2a4eef5b3caf1d00d02bdf
9f828549708b259f7b25f024f6a49a9deb66c2df08ea67f3a2219b626859e603
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a7285580be75cd3030f88e9965590dbf8cc61ade01a82348b993c8f2a3f1245b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
a804a66865239c83f5753238c09f0c14016c11352082d31a994459da1c646659
a92d1c3c323ecf1826ea6e1eb941dc6457c304b8275a72e917b362f392dce982
a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb
aa42619620e84115cab469b5ef674b4acf887df690b2af613592f80700378a97
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acc33531b06a3820fbaa74e56196459212874d71b258b2d9bf0a88d9ab2be824
adb85cbdd4013d196a82d2b6a878bc73bf4b4ce4757a2626bd1be331ad1074cb
add1a55a919cb7bf3edebca5c58699e9fe54e1c616b4a6776e628be3f6890be9
ae175a0537498cf9a212e87bb69fb6ec4ac14593c27fdd824d8b782222f6bd73
ae193e0681edd2742de7c7e7c2ccce2fb6025cbeedbfb7fd1f42ba75386b3afb
b36c0e29582e6f9137c800e19148125dbedd24df8e42b00b8b048db7bce71a8a
b3b84e5e485619983c2f805dac6f3fde572d0c825c672d1a02f48af0149eea93
b891e16bf00c8198df39047ca87b54cf380565fd486639f310e6ec11b6d18973
b9d93b621a46ba1b4dc591c7290b0a980b90f387579671cce893c7a5ab7cc167
bb043c34319f34631f549b1dcaca41e0e89b32b635bcf9efab0623a2839f2108
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c844d1871aebd5650089563f347d86001cdcadedf05655b908bc7075f7f585e4
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cb765d1d5676f42f6a91f2efe73e0d8594beaf47ed468a1f6ffc9af0cc431124
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f
d0912ffab89218523db432beb02c6ace6f892844e4feee1d64914960fc32a391
d2b5a30568572332968808f1fd3d0218cd8a8ca41889627168fc6d9ca487e766
d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6
d8a009f200fbf1564bbe6e63fd10d380e103bd2d2511a4f254916538d3a6db47
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
d93a377a6a8651752afa5ca882cc0d86bea2bf41190ed4e0d2dd40dbe3a105c4
da5c6fdd77f67c0fbdc208ba15a4a976d10cf507ce1e862471969cdd00c1f69c
db264a2d6c30bc872076ab8f14cc9a74421bf81783c2c5bf3c3a23dd1e90b645
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e193190c97b8e3027b8296a02c72b29e63dcfadfa7b3139eb4d21f993fd934cf
e24ee213782f6ed0de472f2a8b9374799b9a79643d466133d7a10a81383aa039
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e6d36a52009e3b43a1d100a9d7340f244d758914f035ffa12b035920d9766b
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
eb1639c4f7b2f265ea9a2e978ca110a195744729f49671fdf4bc19d8a340405f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14f2c4c28edb2e4807ad53d0fd86ed6d57a88b1e05347c8b8154b5d06e9cc50
f19af7c0410645aafef1c3c182726f09d95845364121b6edb6d560cc3a94060d
f215692264f6fb04a865c206fb55734e1003ce2ede063295c38ae36c158152bc
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f51c5051e9ef7017623925b8a41376197ba972297897cbc8215adebc8184ea99
f6cfa1af0afff7de5d86eee4104cd9ff5c432e3dbfe48922a52afa0fbda7415c
f73b7a6450e1f555f5ebe6dd845b95296aec7c1753dfac00ec0ee600a47d6783
f73ba3fa9ebf7cab263ebcfbc285843a91b28e81229e5f1fe4ca084ab19d4945
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fdb5c013534fe38c9ed3464f25570406849297e073c027b338a1ef92e8f31027
fdf266d7db4d86b30c8b4cf632d93f50bc152aca5d2b2c9f37003d0dcb1b0b00
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68
ffff8c49df0d20b3f23378f2ddbbeaf67a09c6bf3671ca0aa2118a4a829c9777

ja.ntcdoon.org Open in urlscan Pro 2606:4700:3032::6815:4bab Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

218 Requests

95 %HTTPS

81 %IPv6

29 Domains

36 Subdomains

29 IPs

6 Countries

6743 kBTransfer

13484 kBSize

18 Cookies

37 Outgoing links

Redirected requests

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ja.ntcdoon.org Open in urlscan Pro
2606:4700:3032::6815:4bab Public Scan

Screenshot
Live screenshot

Full Image

218
Requests

95 %
HTTPS

81 %
IPv6

29
Domains

36
Subdomains

29
IPs

6
Countries

6743 kB
Transfer

13484 kB
Size

18
Cookies

218 HTTP transactions
10 data transactions