www.thefandom.site Open in urlscan Pro
18.140.162.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://retroexaminer.com/
Effective URL:
https://www.thefandom.site/
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b mspecial Search All
Submission: On September 09 via api (September 9th 2022, 12:56:59 am UTC) from JP — Scanned from JP

Summary HTTP 151 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 44 IPs in 6 countries across 33 domains to perform 151 HTTP transactions. The main IP is 18.140.162.93, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is www.thefandom.site.
TLS certificate: Issued by R3 on August 6th 2022. Valid for: 3 months.

This is the only time www.thefandom.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.241.225.168 162.241.225.168	26337 (OIS1) (OIS1)
34	18.140.162.93 18.140.162.93	16509 (AMAZON-02) (AMAZON-02)
7	2404:6800:400... 2404:6800:4004:826::2002	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:80c::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3036::ac43:a1d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2404:6800:400... 2404:6800:4004:811::200a	15169 (GOOGLE) (GOOGLE)
5	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2404:6800:400... 2404:6800:4004:81d::2008	15169 (GOOGLE) (GOOGLE)
3	35.190.14.35 35.190.14.35	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:9709	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3036::ac43:c834	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21b... 2600:9000:21b7:fc00:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2404:6800:400... 2404:6800:4004:812::2002	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800e... 2620:116:800e:21:c338:3a39:7c0b:1a51	16509 (AMAZON-02) (AMAZON-02)
3	2404:6800:400... 2404:6800:4004:811::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20c... 2600:9000:20c4:ae00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20c... 2600:9000:20c4:1a00:11:615:7240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4004:80a::2001	15169 (GOOGLE) (GOOGLE)
16	2404:6800:400... 2404:6800:4004:825::200e	15169 (GOOGLE) (GOOGLE)
9	2404:6800:400... 2404:6800:4004:826::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
1 9	2404:6800:400... 2404:6800:4004:810::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	15169 (GOOGLE) (GOOGLE)
1	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	34.208.243.53 34.208.243.53	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	15169 (GOOGLE) (GOOGLE)
1	99.84.140.54 99.84.140.54	16509 (AMAZON-02) (AMAZON-02)
1	18.225.2.19 18.225.2.19	16509 (AMAZON-02) (AMAZON-02)
5	2404:6800:400... 2404:6800:4004:822::2001	15169 (GOOGLE) (GOOGLE)
1	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:824::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:823::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:808::200e	15169 (GOOGLE) (GOOGLE)
151	44

1 162.241.225.168 (United States) 1 redirects

ASN26337 (OIS1, US)
PTR: box5278.bluehost.com

retroexaminer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 18.140.162.93 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com

www.thefandom.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:80c::2002 (Australia)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::ac43:a1d1 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
basher.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:811::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81d::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.14.35 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 35.14.190.35.bc.googleusercontent.com

components.mywebsitebuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:9709 (United States)

ASN13335 (CLOUDFLARENET, US)

images.builderservices.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::ac43:c834 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21b7:fc00:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:812::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800e:21:c338:3a39:7c0b:1a51 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:811::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80b::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80a::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c4:ae00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c4:1a00:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pxl.qccerttest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80a::2001 (Australia)

ASN15169 (GOOGLE, US)

e12cc960004cb092fe468e18c924780e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4004:825::200e (Australia)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:810::2004 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.208.243.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-243-53.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.140.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-140-54.nrt57.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.225.2.19 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-225-2-19.us-east-2.compute.amazonaws.com

prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:822::2001 (Australia)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::b (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::200e (Australia)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:808::200e (Australia)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	thefandom.site www.thefandom.site	596 KB
28	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 142 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2206 www.google.com — Cisco Umbrella Rank: 19 cse.google.com — Cisco Umbrella Rank: 4275 clients1.google.com — Cisco Umbrella Rank: 470	218 KB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 e12cc960004cb092fe468e18c924780e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 174	271 KB
10	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73	203 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	95 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120 www.googleapis.com — Cisco Umbrella Rank: 62	36 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 305	109 KB
5	wp.com c0.wp.com — Cisco Umbrella Rank: 7979	37 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 458 mug.criteo.com — Cisco Umbrella Rank: 1814	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3712 google-bidout-d.openx.net — Cisco Umbrella Rank: 3620	617 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
3	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 9152	8 KB
3	mywebsitebuilder.com components.mywebsitebuilder.com — Cisco Umbrella Rank: 102086	137 KB
3	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 11030 basher.ezodn.com — Cisco Umbrella Rank: 11420	97 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 9354	238 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1490 id5-sync.com — Cisco Umbrella Rank: 636	14 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1405 pixel.quantserve.com — Cisco Umbrella Rank: 691	11 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	104 KB
1	uidapi.com prod.uidapi.com — Cisco Umbrella Rank: 3995	5 KB
1	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1654	9 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 8593	2 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 4174	903 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 782	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3846	8 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	44 KB
1	qccerttest.com pxl.qccerttest.com — Cisco Umbrella Rank: 1351	530 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1180	681 B
1	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 55819	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 972	699 B
1	ezoic.net go.ezoic.net — Cisco Umbrella Rank: 12415	2 KB
1	builderservices.io images.builderservices.io — Cisco Umbrella Rank: 235656 runtime.builderservices.io Failed	2 KB
1	retroexaminer.com 1 redirects retroexaminer.com	403 B
0	Failed function sub() { [native code] }. Failed
151	33

	Domain	Requested by
34	www.thefandom.site	www.thefandom.site
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	www.google.com	1 redirects googleads.g.doubleclick.net www.thefandom.site www.google.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net www.thefandom.site
7	fonts.gstatic.com	fonts.googleapis.com
6	pagead2.googlesyndication.com	www.thefandom.site pagead2.googlesyndication.com googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.thefandom.site
5	c0.wp.com	www.thefandom.site
5	fonts.googleapis.com	www.thefandom.site googleads.g.doubleclick.net securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	www.thefandom.site securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	api.fouanalytics.com	www.thefandom.site api.fouanalytics.com
3	components.mywebsitebuilder.com	www.thefandom.site components.mywebsitebuilder.com
2	google-bidout-d.openx.net	1 redirects oa.openxcdn.net
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	www.thefandom.site
2	basher.ezodn.com	www.thefandom.site
2	www.googletagmanager.com	www.thefandom.site www.googletagmanager.com
1	clients1.google.com
1	www.googleapis.com
1	cse.google.com	www.google.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	mug.criteo.com	www.thefandom.site
1	id5-sync.com	cdn.id5-sync.com
1	oajs.openx.net	www.thefandom.site
1	prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	e12cc960004cb092fe468e18c924780e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel.quantserve.com	www.thefandom.site
1	pxl.qccerttest.com	www.thefandom.site
1	rules.quantcount.com	secure.quantserve.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.jp	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	secure.quantserve.com	www.thefandom.site
1	go.ezoic.net	www.thefandom.site
1	images.builderservices.io	www.thefandom.site
1	go.ezodn.com	www.thefandom.site
1	retroexaminer.com	1 redirects
0	runtime.builderservices.io Failed
0	Failed	www.thefandom.site
151	49

This site contains links to these domains. Also see Links.

Domain
www.talesfromthecollection.com
talesfromthecollection.com
www.ezoic.com

Subject Issuer	Validity	Valid
thefandom.site R3	`2022-08-06` - `2022-11-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.mywebsitebuilder.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-21` - `2022-10-22`	a year	crt.sh
builderservices.io Cloudflare Inc ECC CA-3	`2022-04-06` - `2023-04-06`	a year	crt.sh
*.ezoic.net Amazon	`2022-01-16` - `2023-02-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
qccerttest.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-08-09` - `2022-11-07`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
invstatic101.creativecdn.com R3	`2022-07-29` - `2022-10-27`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.uidapi.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2022-07-29` - `2022-10-27`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.thefandom.site/
Frame ID: 260FD3AF4877EF03788A030799E654A9
Requests: 115 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
Frame ID: F8B8E783356BEA421A66E4AF8354EB65
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1977616398727154&output=html&adk=1812271804&adf=3025194257&lmt=1662685013&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.thefandom.site%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662685012589&bpp=2&bdt=190&idt=297&shv=r20220907&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D319975cfba8e3c4c-22d3bcb947d60078%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MaI42rBjocygmDFQp-FDcY-YLFbBw&gpic=UID%3D0000099d81483a39%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MZOzbvfxSotT_NZ93aeA2wBzybNjw&nras=1&correlator=5619173424502&frm=20&pv=2&ga_vid=138620682.1662685013&ga_sid=1662685013&ga_hid=1242871617&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067826&oid=2&pvsid=2496680220586939&tmod=966112361&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=611
Frame ID: A583590D32FBF73424EAB9BCF724AE2D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1977616398727154&output=html&h=250&adk=1230032942&adf=2086955607&w=1200&fwrn=4&fwrnh=100&lmt=1662685013&rafmt=12&psa=0&channel=6001098654&format=1200x250&url=https%3A%2F%2Fwww.thefandom.site%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rh=250&rw=1600&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662685012589&bpp=2&bdt=190&idt=390&shv=r20220907&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D319975cfba8e3c4c-22d3bcb947d60078%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MaI42rBjocygmDFQp-FDcY-YLFbBw&gpic=UID%3D0000099d81483a39%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MZOzbvfxSotT_NZ93aeA2wBzybNjw&prev_fmts=0x0&nras=1&correlator=5619173424502&frm=20&pv=1&ga_vid=138620682.1662685013&ga_sid=1662685013&ga_hid=1242871617&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067826&oid=2&pvsid=2496680220586939&tmod=966112361&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=r2q1dtS53E&p=https%3A//www.thefandom.site&dtd=634
Frame ID: F5ECD11214AE972ACC0FA9489292BFF6
Requests: 16 HTTP requests in this frame

Frame: https://e12cc960004cb092fe468e18c924780e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DCFAB2C70F647F26DC2C4580A88922FF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Frame ID: 84F1308162EBE77772924C0C6A6DD65B
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Frame ID: F03ADCC5C577F8952D5C1EFE33D9CAB9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.thefandom.site&gdpr=0&gdpr_consent=
Frame ID: C32B463FA17DB2042CAF314854F5A715
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Frame ID: 266E3DAEAF9C716622A3FA395CD8924A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The FandomHome - The Fandomsearch

Page URL History Show full URLs

http://retroexaminer.com/ HTTP 301
https://www.thefandom.site/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

151
Requests

97 %
HTTPS

68 %
IPv6

33
Domains

49
Subdomains

44
IPs

6
Countries

2051 kB
Transfer

6276 kB
Size

31
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.talesfromthecollection.com/
Title: Tales From The Collection

Search URL Search Domain Scan URL

URL: https://talesfromthecollection.com/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://retroexaminer.com/ HTTP 301
https://www.thefandom.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117

https://gum.criteo.com/sid/json?origin=publishertagids&v=1&domain=thefandom.site&sn=SafariSyncframe&so=0&topUrl=https%3A%2F%2Fwww.thefandom.site&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=FFIzx3xmWmhUS2pUNGVTc3hDZ0lVdVVaMlpSZDNuUHVERktkRUhWU3A3UXNTVmZDVDBXUWpRU1ZYZDE2ekFGZmdibWJodDlZUDNsVnQ0NnBnYXVNV0kwV1hSTFBTZ1p1TlJIMDVpSHpwOW5wTUtzT3RZNGpub0s2bUd6RWlNelNrdzMrMWtKMFIrM0VyQkFMa0FxckVPZUFWK1VOUjNhRGtLNlRvSVk1LzZqN0JYUGZIRUdza00zUzEvK21jVUIrTXg3YWR4YXQ3SkowY2RrWGVob3V0akptUEh3TjBTQUY0NWZMYW82djJnZTFoZkE0SkFkOFV4aHdJZHN4enVBa083VXJyd01OWFM2alFEbUVFV1VBZCt2VmJsQT09fA&cppv=2

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 119

https://google-bidout-d.openx.net/w/1.0/pd?plm=5 HTTP 302
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

151 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thefandom.site/
Redirect Chain

http://retroexaminer.com/
https://www.thefandom.site/

286 KB
44 KB

879ms
669ms

Document
text/html

18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d93b731f5babfb48a2edfd7c6e9db24b22ab272b04e47cdf8e22775335751f1b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 00:56:52 GMT
display: pub_site_sol
expires: Thu, 08 Sep 2022 00:56:52 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
link: <https://www.thefandom.site/wp-json/>; rel="https://api.w.org/", <https://www.thefandom.site/wp-json/wp/v2/pages/28>; rel="alternate"; type="application/json", <https://wp.me/PdSkPx-s>; rel=shortlink
pagespeed: off
response: 200
server: nginx
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 1
x-ez-minify-html: 3.38% 293313 / 303564
x-ezoic-cdn: Hit ds;ds;0dfa34ac9d291f9d06403b7124150905;2-339608-11;daa70935-cffe-4bed-7493-5c3e0fd2029a
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-nginx-cache: WordPress
x-origin-cache-control: max-age=0
x-server-cache: false
x-sol: pub_site

Redirect headers

Cache-Control: max-age=0
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Sep 2022 00:56:51 GMT
Expires: Fri, 09 Sep 2022 00:56:50 GMT
Location: https://www.thefandom.site/
Server: nginx/1.21.6
X-Endurance-Cache-Level: 1
X-Redirect-By: WordPress
X-Server-Cache: false
X-nginx-cache: WordPress
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
57 KB 134ms
94ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a412223fab0492a8d9dae6ba09ae45db716aefe7345a991620583155922c0a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thefandom.site/
Origin: https://www.thefandom.site
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57535
x-xss-protection: 0
server: cafe
etag: 16229033317956162099
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 00:56:52 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
29 KB 244ms
46ms Script
text/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d7a704cff71682c8480e19cb5b7939f9554fff4749aa30166e8d392c8630a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28636
x-xss-protection: 0
server: sffe
etag: "1328 / 371 of 1000 / last-modified: 1662674988"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 09 Sep 2022 00:56:52 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 319 KB
96 KB 48ms
34ms Script
application/javascript 2606:4700:3036::ac43:a1d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,onemobile,onetag,sharethrough,smilewanted,yahoossp,yieldmo&cb=195-0-45
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a1d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 227c1ccf13722dd35be78494e4c9b6925856cc93a1035a26668249c92be24f10

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Sep 2022 02:05:53 GMT
server: cloudflare
age: 687059
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVuG6nXFmrL3IUyCzFhH8bukEDG8yDSeqhgSz8UVsEGQxXP1CIg3xz6ZkPBswG2N1GBAGjdkNh7mrTaQZlfbezoGvlkE3rXsAJvn5Q1hB2wPgf0xOOuHydXK6gVx90tpHTCnRatbbXAgaiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 747bf76f9ffb3457-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 banger.js Show response
www.thefandom.site/porpoiseant/ 52 KB
13 KB 77ms
75ms Script
application/javascript 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/porpoiseant/banger.js?cb=195-0&bv=153&v=63&PageSpeed=off
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c7b45e777260ed4a4e4c94426faf08283dfd6e4bf681a553aa0e6534de78c954

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 css
fonts.googleapis.com/ 3 KB
977 B 86ms
43ms Stylesheet
text/css 2404:6800:4004:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400|Montserrat:400&display=optional

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b186fcf793a1aa723bcd883860494c5e77b1a1f038d85c7a5e809d866117bed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Fri, 09 Sep 2022 00:56:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 09 Sep 2022 00:56:52 GMT

GET
H2 200 style.min.css
c0.wp.com/c/6.0.1/wp-includes/css/dist/block-library/ 87 KB
11 KB 11ms
2ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.1/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT nrt 2
date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 09 Sep 2023 00:56:52 GMT

GET
H2 200 block-generic-wb4wp-content.css
www.thefandom.site/wp-content/plugins/wb4wp-wordpress-plugin-bluehost-production/build/ 0
95 B 89ms
85ms Stylesheet
text/css 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/wp-content/plugins/wb4wp-wordpress-plugin-bluehost-production/build/block-generic-wb4wp-content.css?ver=2f8a878f4dd2fcda1a03625eadc65afd&ez_used_css_s=23
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;7c0b92743c666c5946e8da51cf8b74ab;2-339608-11;ad2068c1-57f1-4e5c-43e9-18bd455c13e2
x-middleton-display: staticcontent_sol, orig_site_sol
last-modified: Wed, 07 Sep 2022 10:42:40 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 0
x-nginx-cache: WordPress
response: 200
server: nginx
x-origin-cache-control: max-age=3600
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 1
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 block-generic-section.css
www.thefandom.site/wp-content/plugins/wb4wp-wordpress-plugin-bluehost-production/build/ 990 B
331 B 183ms
179ms Stylesheet
text/css 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/wp-content/plugins/wb4wp-wordpress-plugin-bluehost-production/build/block-generic-section.css?ver=29ffbded135d1e494ff0b47bd8c692ad&ez_used_css_s=23
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 224196268c36f671609b0cb0f2af981475ed9836ef51c58a297c7035eba3d18d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;ms;cb7d3f079f26406a20cf84599bac4386;2-339608-11;49a0f5e6-bb13-4c59-4504-da84ccd33d3d
x-middleton-display: staticcontent_sol, orig_site_sol
last-modified: Wed, 07 Sep 2022 10:42:40 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 223
x-nginx-cache: WordPress
response: 200
server: nginx
x-origin-cache-control: max-age=3600
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 1
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 container.css
www.thefandom.site/wp-content/plugins/wb4wp-wordpress-plugin-bluehost-production/build/ 1004 B
297 B 133ms
130ms Stylesheet
text/css 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/wp-content/plugins/wb4wp-wordpress-plugin-bluehost-production/build/container.css?ver=63371796415726a33c060cd169fcd144&ez_used_css_s=23
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fd30b265fbb74e94e1df99c923897ce2126be2b477f079449f420d8d4234067a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;0f637dcba24dc225dac9906067d0fd78;2-339608-11;c19284ef-89bc-4dc2-6958-339c90595ac1
x-middleton-display: staticcontent_sol, orig_site_sol
last-modified: Wed, 07 Sep 2022 10:42:40 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 165
x-nginx-cache: WordPress
response: 200
server: nginx
x-origin-cache-control: max-age=3600
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 1
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.0.1/wp-includes/js/mediaelement/ 11 KB
2 KB 10ms
2ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT nrt 2
date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 09 Sep 2023 00:56:52 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.0.1/wp-includes/js/mediaelement/ 4 KB
1 KB 10ms
2ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.0.1/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT nrt 2
date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 09 Sep 2023 00:56:52 GMT

GET
H2 200 main.css
www.thefandom.site/wp-content/themes/wb4wp-wordpress-theme-production/dist/ 9 KB
2 KB 135ms
131ms Stylesheet
text/css 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/wp-content/themes/wb4wp-wordpress-theme-production/dist/main.css?ver=1.0.1296&ez_used_css_s=23
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: d93d3947956f235bd3e7338d88c3439689aa084fd9425d315d2b195037c61569

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;ms;3b02cdec6cde9e54ef62720c72aa9f80;2-339608-11;d8af5aa9-c937-4d3d-7883-9638cb9d006a
x-middleton-display: staticcontent_sol, orig_site_sol
last-modified: Wed, 07 Sep 2022 10:42:40 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-nginx-cache: WordPress
response: 200
server: Apache
x-origin-cache-control: max-age=3600
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 1
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 blog.css
www.thefandom.site/wp-content/themes/wb4wp-wordpress-theme-production/dist/blog/ 9 KB
2 KB 91ms
87ms Stylesheet
text/css 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/wp-content/themes/wb4wp-wordpress-theme-production/dist/blog/blog.css?ver=1.0.1296&ez_used_css_s=23
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2a7e8305395cee954a3f556dad4f29636359c4de9f7448968a142db061babb70

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;4a37224ba1d08b9900c2e43be2723279;2-339608-11;42c36eba-8054-47cf-5be5-04371b4e1153
x-middleton-display: staticcontent_sol, orig_site_sol
last-modified: Wed, 07 Sep 2022 10:42:40 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-nginx-cache: WordPress
response: 200
server: nginx
x-origin-cache-control: max-age=3600
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 1
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 jetpack.css
www.thefandom.site/wp-content/themes/wb4wp-wordpress-theme-production/dist/jetpack/ 499 B
243 B 134ms
130ms Stylesheet
text/css 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/wp-content/themes/wb4wp-wordpress-theme-production/dist/jetpack/jetpack.css?ver=1.0.1296&ez_used_css_s=23
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9dab8b2920539830f96bdc5ff234eff94df26353844333e8717328fe16ca2e62

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;ms;1bf16dd4ba084c60a30edd83c4fca56d;2-339608-11;95237e15-5dad-409e-49c3-8da5c80f8fee
x-middleton-display: staticcontent_sol, orig_site_sol
last-modified: Wed, 07 Sep 2022 10:42:40 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 135
x-nginx-cache: WordPress
response: 200
server: nginx
x-origin-cache-control: max-age=3600
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 1
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 navigation-2.css
www.thefandom.site/wp-content/themes/wb4wp-wordpress-theme-production/dist/navigation-2/ 5 KB
1 KB 133ms
129ms Stylesheet
text/css 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/wp-content/themes/wb4wp-wordpress-theme-production/dist/navigation-2/navigation-2.css?ver=1.0.1296&ez_used_css_s=23
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 0a7bb830ca0126a6c54a9ffa9a778421c49bf17bdfb31cc45c311326bff26733

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;5bdc3ba425dc4986323dfef9bfea771b;2-339608-11;45540931-cd88-49e7-4a07-707db6a3011a
x-middleton-display: staticcontent_sol, orig_site_sol
last-modified: Wed, 07 Sep 2022 10:42:40 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1191
x-nginx-cache: WordPress
response: 200
server: Apache
x-origin-cache-control: max-age=3600
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 1
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 footer-4.css
www.thefandom.site/wp-content/themes/wb4wp-wordpress-theme-production/dist/footer-4/ 4 KB
871 B 133ms
130ms Stylesheet
text/css 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/wp-content/themes/wb4wp-wordpress-theme-production/dist/footer-4/footer-4.css?ver=1.0.1296&ez_used_css_s=23
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c1fab2776a1fc9672ab7254b6fb388ebdbc6eb31e8a007d0f782e0d48a23b626

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;10a9c903798803b4e6a56fe40cc3a10a;2-339608-11;6ebe06a6-429f-43f4-64d5-fc967f11a5ae
x-middleton-display: staticcontent_sol, orig_site_sol
last-modified: Wed, 07 Sep 2022 10:42:40 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 747
x-nginx-cache: WordPress
response: 200
server: nginx
x-origin-cache-control: max-age=3600
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 1
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 widgets.css
www.thefandom.site/wp-content/plugins/wpforo/themes/2022/ 0
235 B 84ms
81ms Stylesheet
text/css 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/wp-content/plugins/wpforo/themes/2022/widgets.css?ver=2.0.6&ez_used_css_s=23
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;58b92447c3a7d66bd78a4c42024752bd;2-339608-11;72289e6c-ad0e-4114-74d9-757bcf33819e
x-middleton-display: staticcontent_sol, orig_site_sol
last-modified: Wed, 07 Sep 2022 10:42:40 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 0
x-nginx-cache: WordPress
response: 200
server: nginx
x-origin-cache-control: max-age=3600
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 1
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 colors.css
www.thefandom.site/wp-content/uploads/wpforo/assets/ 0
95 B 133ms
130ms Stylesheet
text/css 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/wp-content/uploads/wpforo/assets/colors.css?ver=2.0.6.762dedf90e6e1af28b7c11aaee1679d4&ez_used_css_s=23
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;886ab10e6740e2b4c2665ccb9f0b4afb;2-339608-11;fc3b3db0-5fda-4d89-6091-c01f3c75fcf0
x-middleton-display: staticcontent_sol, orig_site_sol
last-modified: Wed, 07 Sep 2022 10:42:40 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 0
x-nginx-cache: WordPress
response: 200
server: nginx
x-origin-cache-control: max-age=3600
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 1
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 social-logos.min.css
c0.wp.com/p/jetpack/11.2/_inc/social-logos/ 12 KB
8 KB 9ms
2ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/11.2/_inc/social-logos/social-logos.min.css

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT nrt 2
date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 09 Sep 2023 00:56:52 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/11.2/css/ 84 KB
15 KB 9ms
2ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/11.2/css/jetpack.css

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

48fdcad6248cad75d16876289b4543334d70d7aab6c06f79160034568468f813

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT nrt 2
date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
last-modified: Tue, 19 Jul 2022 17:25:16 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sat, 09 Sep 2023 00:56:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 87ms
44ms Script
application/javascript 2404:6800:4004:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-197911823-2

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03daf3d07b476bfe1ab2d57017cbc450082015aa464e0ffceaff624cb235b747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41921
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Sep 2022 00:56:52 GMT

GET
H2 200 font-awesome.css
components.mywebsitebuilder.com/fonts/ 30 KB
31 KB 20ms
5ms Stylesheet
text/css 35.190.14.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://components.mywebsitebuilder.com/fonts/font-awesome.css
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 35.14.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bd1411968f2f8d6fac8407f679d31f30939345c45bf1df811ba149120d879fb1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 14 Aug 2022 08:57:58 GMT
age: 2217534
x-guploader-uploadid: ADPycdsJ9lK2sCpzAqJr_vqbdHs05BNiK78DmDaSD-Vj_vWdVsRitQWbgejD7aprAwpqSoigRLs-EJqZ5K45a0y19jIDbQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30748
x-goog-meta-
last-modified: Fri, 18 Dec 2020 10:13:33 GMT
server: UploadServer
etag: "9f3af79fa00509146c92bd91454d4eaf"
x-goog-hash: crc32c=ghVUSQ==, md5=nzr3n6AFCRRskr2RRU1Orw==
x-goog-generation: 1608286413516447
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: Cache-Control:public,max-age=315360001
x-goog-stored-content-length: 30748
accept-ranges: bytes
content-type: text/css
expires: Mon, 14 Aug 2023 08:57:58 GMT

GET
H2 200 cmbv2.js Show response
www.thefandom.site/detroitchicago/ 86 KB
25 KB 86ms
84ms Script
application/javascript 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bf6d705d74ebdb073c33ddff97c38624506eb0f45f7ab4be6df1b2952df8456c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET void(0)
/ 0
0

GET
H2 200 fontawesome-webfont.woff2
components.mywebsitebuilder.com/fonts/ 75 KB
76 KB 10ms
4ms Font
application/octet-stream 35.190.14.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://components.mywebsitebuilder.com/fonts/fontawesome-webfont.woff2
Requested by: Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/fonts/font-awesome.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 35.14.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://components.mywebsitebuilder.com/fonts/font-awesome.css
Origin: https://www.thefandom.site
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 14 Aug 2022 19:23:30 GMT
age: 2180002
x-guploader-uploadid: ADPycdtV7av4zIyxuIhk7n7fxUgnKw1mFbRySOQ_OnQRwDAKHLmSNfWD4z7elqW9vaCL7WNuHmvpYuXNcKKNlC3Q0MnZwQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77160
last-modified: Tue, 16 Jul 2019 09:58:09 GMT
server: UploadServer
etag: "af7ae505a9eed503f8b8e6982036873e"
x-goog-hash: crc32c=hGsrhw==, md5=r3rlBanu1QP4uOaYIDaHPg==
x-goog-generation: 1563271089052469
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=31557600
x-goog-stored-content-length: 77160
accept-ranges: bytes
content-type: application/octet-stream
expires: Mon, 14 Aug 2023 19:23:30 GMT

GET
DATA 200
OK truncated
/ 72 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb0dd1ff1ea3cbbe20203aa273f433d5282bc24d282fa0b7b08ef4ed75d56c91

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cad91c078865656c6870d149e88b8d417d3ad5886c75fdc1726c00a517e2e40e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0157dafdf66bc4a031c6f20efc6f20e5076b07fa7a837576c13726614a58b015

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
H2 200 m
images.builderservices.io/s/cdn/v1.0/i/ 1 KB
2 KB 58ms
44ms Image
image/jpeg 2606:4700::6812:9709
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.builderservices.io/s/cdn/v1.0/i/m?url=https%3A%2F%2Fimages.unsplash.com%2Fphoto-1462556791646-c201b8241a94%3Fcrop%3Dentropy%26cs%3Dtinysrgb%26fit%3Dmax%26fm%3Djpg%26ixid%3DMnw1NTEzfDB8MXxzZWFyY2h8N3x8Zm9ydW18ZW58MXx8fHwxNjQ5MTk4ODUw%26ixlib%3Drb-1.2.1%26q%3D80%26w%3D20

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9709 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d071d7f96e8b39db17e50ea3bb68906a23e3e6d22790b6ef4bf312b12e9e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-engine: cloud
date: Fri, 09 Sep 2022 00:56:52 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 2603414
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 1024
x-served-by: cache-sjc10041-SJC, cache-tyo11966-TYO
last-modified: Tue, 09 Aug 2022 21:46:38 GMT
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-imgix-id: 74230a3440527a2b2e4e9c99f1bf371ec179faa0
cache-control: public, max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 747bf7708dcd340e-NRT
access-control-allow-headers: *

GET
H2 200 navigation-2.js Show response
www.thefandom.site/wp-content/themes/wb4wp-wordpress-theme-production/dist/navigation-2/ 4 KB
2 KB 155ms
155ms Script
application/javascript 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/wp-content/themes/wb4wp-wordpress-theme-production/dist/navigation-2/navigation-2.js?ver=1.0.1296
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b4129c8fd1bbaf82f9d0f1ec86d53d89ed6c48283755cc25df75f36cdcd36091

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;a2e1566005ff570322b2f8c55d5f1497;2-339608-11;c1ce64d9-9577-48dd-7359-490dec3a731a
x-middleton-display: staticcontent_sol
last-modified: Wed, 07 Sep 2022 10:42:40 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-nginx-cache: WordPress
response: 200
server: nginx
x-origin-cache-control: max-age=300
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 1
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.00% 4515 / 4515

GET
H2 200 augusta.js Show response
www.thefandom.site/detroitchicago/ 2 KB
1008 B 72ms
72ms Script
application/javascript 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/detroitchicago/augusta.js?cb=24
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 958

GET
H2 200 init-1632lqsy2s4fklqsvsii.js Show response
api.fouanalytics.com/api/ 466 B
882 B 172ms
158ms Script
text/javascript 2606:4700:3036::ac43:c834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1632lqsy2s4fklqsvsii.js
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 037a097ab5eafa9c268066bdc337cd0c818ab42c5e3df824c67831bbe8abc2e9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVhDqU%2FuSb3acgfEPD9xuG1WJyzeZx%2F6VWnLkNOUNpl172sQ17YMkkIgRGznwQhVkFO4GQtbeGzhOLLS1tyxDuWVQDfiRKNhdMMSDyrmMYSbFRVn18tidxSWLyT7%2F99ytdS4Amct5iFRZ5nnSaNtNnGyRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 747bf770ad420ac8-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 31ms
5ms Image
image/png 2600:9000:21b7:fc00:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21b7:fc00:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 03 Sep 2022 20:37:25 GMT
via: 1.1 6c7e03e66e1dde44c26eb488f2fde8d8.cloudfront.net (CloudFront)
x-sol: middleton
age: 447568
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: nBMyGb5_mdcDu9QtLbVMq4WLo9NcqhsA4dFwF4BYp0CSIKplK94kXw==
last-modified: Fri, 19 Aug 2022 20:15:27 GMT
server: nginx
etag: "49d-5d9576f862e00-gzip-gzip"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: NRT57-C4
display: staticcontent_sol
expires: Sat, 10 Sep 2022 20:37:24 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/ 344 KB
121 KB 139ms
100ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97db3394ee8b77e2aa9643143e178905f3d2d3c831a189c040f290e683d1859f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124214
x-xss-protection: 0
server: cafe
etag: 4027428671211511138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 00:56:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/ Frame F8B8 10 KB
5 KB 44ms
2ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thefandom.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

age: 16656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 20:19:16 GMT
etag: 8616628553774171045
expires: Thu, 22 Sep 2022 20:19:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v23/ 14 KB
14 KB 43ms
3ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400|Montserrat:400&display=optional

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thefandom.site
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 06 Sep 2022 17:07:31 GMT
x-content-type-options: nosniff
age: 200961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13976
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 17:07:31 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXp-obK4.woff2
fonts.gstatic.com/s/montserrat/v25/ 12 KB
13 KB 44ms
4ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXp-obK4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400|Montserrat:400&display=optional

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e1c3bd570a7aaf3487ab464c8d677417b2d84ed3420b7c8f8589aad9c3f564e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thefandom.site
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 03 Sep 2022 13:24:49 GMT
x-content-type-options: nosniff
age: 473523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12760
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Sep 2023 13:24:49 GMT

GET
H3 200 / Show response
basher.ezodn.com/ 780 B
980 B 17ms
10ms XHR
application/json 2606:4700:3036::ac43:a1d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=339608&bf=36&dc=1254144
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/porpoiseant/banger.js?cb=195-0&bv=153&v=63&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:a1d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c42521cbac8e8aeb57aa02d9edce74679fe00b13eb7fded6ac39379d3956f50

Request headers

Referer: https://www.thefandom.site/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
X-PINGBACK: pingpong
Content-Type: application/json

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.thefandom.site
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71IvPRLltsruuIZKPBOIrEFhVLdHSkxKusXDT7jYoKUAGqHR7UJq3hH2Bxs7GpCnoJwR9h8%2BeXK2iaCBX2l%2FNhW1yI1GOlODkIPaA7SnqNGGbhLgCBHN1LxYM5RqT7i3t%2FDBq73BVVI9IXH5BlxU"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
cache-control: public, max-age=84400
cf-ray: 747bf770fdf0afdf-NRT
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 /
basher.ezodn.com/ Frame 0
0 20ms
8ms Preflight
application/json 2606:4700:3036::ac43:a1d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=339608&bf=36&dc=1254144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a1d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-pingback
Access-Control-Request-Method: GET
Origin: https://www.thefandom.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: content-type,x-pingback
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.thefandom.site
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 747bf770ed4b807e-NRT
content-length: 0
content-type: application/json
date: Fri, 09 Sep 2022 00:56:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlkv%2FGJ01aHUMW2mR3WMsSPGt%2BK9oKwex0Ogek49HtEWDhYBiZyX1Zu%2BBtOsCC3wWj5g1dZOvSC4D9uq3pwVAaIxsYtsE0AuX6ClPQ%2F6YUG4lRp8oZQGrUNooCIqnD3W0UJ58Ua3rc5gOlzLk%2FBO"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 200 nmash.js
www.thefandom.site/porpoiseant/ 26 KB
6 KB 73ms
72ms Other
application/javascript 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/porpoiseant/nmash.js?v=153
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5f44671ca5b51ef1cebfe818c18c2cddf9790f920511007809aea47010ad148f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
last-modified: Thu, 08 Sep 2022 23:25:07 GMT
server: nginx
etag: "6700-5e832bd691aff;5e813f8d0a800-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 imp.gif Show response
www.thefandom.site/detroitchicago/ 43 B
182 B 492ms
491ms XHR
image/gif 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A14%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%224%2C2%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A1%2C%22bidder_method%22%3A6%2C%22bidder_version%22%3A3%2C%22city%22%3A%22Tokyo%22%2C%22country%22%3A%22JP%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A2%2C%22domain_id%22%3A339608%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A2%2C%22framework_id%22%3A2%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A2%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%222002%2C2100%2C2162%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22dc3e53ab-111a-4215-588f-50ba2243f8e6%22%2C%22position_selection_id%22%3A46%2C%22postal_code%22%3A%22140-0001%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A241482%2C%22response_time_orig%22%3A77%2C%22serverid%22%3A%2254.151.165.150%3A9895%22%2C%22state%22%3A%2213%22%2C%22sub_page_ad_positions%22%3A%222100%2C2162%2C2240%22%2C%22t_epoch%22%3A1662685011%2C%22template_id%22%3A135%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.thefandom.site%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A137%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:53 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 49
expires: Thu, 08 Sep 2022 00:56:53 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 369ms
80ms Script
application/javascript 2620:116:800e:21:c338:3a39:7c0b:1a51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800e:21:c338:3a39:7c0b:1a51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32cf0a8fe53899cf276cb12df8c8f5f1558bfb49a803502eda8296818dafef6f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: gzip
etag: "3K3nn1ChiYCKxJYFUmbsHw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 16 Sep 2022 00:56:52 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/webp

GET
H2 200 cmbdv2.js Show response
www.thefandom.site/detroitchicago/ 41 KB
10 KB 79ms
79ms Script
application/javascript 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y18-5y5c-22&cmbcb=108&sj=x03x0cx18x5c&abt=BidFloorMethod
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 22ae2f71e75c39947b057edd2b0ec19b454174604be58772f2b60c8fc335c28c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 41ms
2ms Script
text/javascript 2404:6800:4004:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197911823-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4664
date: Thu, 08 Sep 2022 23:39:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 09 Sep 2022 01:39:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 170 KB
63 KB 94ms
55ms Script
application/javascript 2404:6800:4004:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VN9CQ92YXT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197911823-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a5cd896a14da7b13de3953328383ea11ee3c1d9b008ae5d99f8239a9bc20209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64405
x-xss-protection: 0
expires: Fri, 09 Sep 2022 00:56:52 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 74ms
37ms XHR
text/plain 2404:6800:4004:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1242871617&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thefandom.site%2F&ul=en-us&de=UTF-8&dt=The%20Fandom&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1746908561&gjid=1627544709&cid=138620682.1662685013&tid=UA-197911823-2&_gid=1659880445.1662685013&_r=1&gtm=2ou970&did=dZTNiMT&gdid=dZTNiMT&z=149138687

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thefandom.site/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 00:56:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thefandom.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 houston.js Show response
www.thefandom.site/detroitchicago/ 6 KB
2 KB 73ms
73ms Script
application/javascript 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/detroitchicago/houston.js?gcb=0&cb=26
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5835134625d3c6de861f9db3570963c9aca75a9435480b5a54732887a6c654c4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H3 200 css
fonts.googleapis.com/ 3 KB
3 KB 92ms
45ms Image
text/css 2404:6800:4004:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.googleapis.com/css?family=Lato:400|Montserrat:400&display=optional

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Fri, 09 Sep 2022 00:56:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 09 Sep 2022 00:56:52 GMT

GET
H3 200 font-awesome.css
components.mywebsitebuilder.com/fonts/ 30 KB
30 KB 13ms
5ms Image
text/css 35.190.14.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://components.mywebsitebuilder.com/fonts/font-awesome.css
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 35.14.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 14 Aug 2022 08:57:58 GMT
age: 2217534
x-guploader-uploadid: ADPycdsJ9lK2sCpzAqJr_vqbdHs05BNiK78DmDaSD-Vj_vWdVsRitQWbgejD7aprAwpqSoigRLs-EJqZ5K45a0y19jIDbQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30748
x-goog-meta-
last-modified: Fri, 18 Dec 2020 10:13:33 GMT
server: UploadServer
etag: "9f3af79fa00509146c92bd91454d4eaf"
x-goog-hash: crc32c=ghVUSQ==, md5=nzr3n6AFCRRskr2RRU1Orw==
x-goog-generation: 1608286413516447
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: Cache-Control:public,max-age=315360001
x-goog-stored-content-length: 30748
accept-ranges: bytes
content-type: text/css
expires: Mon, 14 Aug 2023 08:57:58 GMT

GET
H3 200 pubads_impl_2022090701.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 57ms
3ms Script
text/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0582ba3aed7d649d346d34c0ce8eba8b1f6f326c7d4a80ab9bc3fa22b4a1f4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 07 Sep 2022 11:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133090
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 08:36:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Sep 2023 11:00:57 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 120 B
122 B 96ms
41ms XHR
application/json 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thefandom.site

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd04e772871e4aae2602a75846a098ef3038878561a31d92117c541100a7777f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

timing-allow-origin: *
date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97
x-xss-protection: 0
expires: Fri, 09 Sep 2022 00:56:52 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 41ms
40ms Ping
text/plain 2404:6800:4004:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VN9CQ92YXT&gtm=2oe970&_p=1242871617&gdid=dZTNiMT&cid=138620682.1662685013&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662685012&sct=1&seg=0&dl=https%3A%2F%2Fwww.thefandom.site%2F&dt=The%20Fandom&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VN9CQ92YXT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:811::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 00:56:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thefandom.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pp.js Show response
api.fouanalytics.com/s/ 15 KB
6 KB 33ms
27ms Script
text/javascript 2606:4700:3036::ac43:c834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/s/pp.js
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a9f3c83892833387d92f857563b6f3cfdee0277cbc648a932a2718e000e9e42

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Sep 2022 01:26:53 GMT
server: cloudflare
age: 5033
etag: W/"6317f35d-3bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUpRQHme5aUBehrkLqcIGdN9NNrsIMtF9Bjz%2Bh8oJW3VdvFIt6KrGmLHE%2Bnu2D4j37kwuti1z%2BjrASwQxGE0t%2BuVK7EgE5wClNXZKk%2BtXnPBoalpkMWTkqj1BTYMSPi4A2oyxZTs8HmZqG4%2BiBsc%2FO%2BANA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 747bf771bffc8a7a-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
699 B 86ms
42ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.thefandom.site&callback=_gfp_s_&client=ca-pub-1977616398727154&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d348cc646723bcafcc51d495d5c9c21e9a79b6f0917e48ed63d1c84206b1652b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 249ms
42ms Script
application/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=www.thefandom.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

timing-allow-origin: *
date: Fri, 09 Sep 2022 00:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 79ms
39ms Script
application/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thefandom.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

timing-allow-origin: *
date: Fri, 09 Sep 2022 00:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 38ms
38ms Image
image/gif 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.thefandom.site%2F&tn=DIV&id=ezmobfooter&cls=ezmob-footer%20ezoic-floating-bottom%20ezo_ad%20ezmob-footer-mobile&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 00:56:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 209 B
681 B 61ms
3ms Script
application/javascript 2600:9000:20c4:ae00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c4:ae00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df9439b47ccdbd052e6107e94e32b5746e10b400470beaca5d238ca6d32c605e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:06:04 GMT
via: 1.1 824e6beeecb84e4058f4ad4873041b2c.cloudfront.net (CloudFront)
age: 3050
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Sun, 28 Aug 2022 10:04:35 GMT
server: AmazonS3
etag: "2c2aa94f66b2314987910c0f30e6c098"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: NRT57-C2
accept-ranges: bytes
x-amz-cf-id: SMOdQBxYtFcpr3kaVWfk-lkzZFaiym3AhxciwSGGv52W4un-HqnTfQ==

POST
H3 200 x Show response
api.fouanalytics.com/api/ 0
461 B 522ms
517ms XHR
text/plain 2606:4700:3036::ac43:c834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x?726cN9DOoFMyqP2A$dXJsJDAkaHR0cHM6Ly93d3cudGhlZmFuZG9tLnNpdGUvIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCQiLCJ2aWRlbyQwJDE2MDB4MTIwMHgyNCIsImZyYW1lJDAkMCIsImhpZGRlbiQwJDAiLCJ2aXNpYmlsaXR5U3RhdGUkMCR2aXNpYmxlIiwiaGFzRm9jdXMkMCQxIiwid2luZG93JDAkMTYwMHgxMjAwIiwicGl4ZWxyYXRpbyQwJDEiLCJpbm5lciQwJDE2MDB4MTIwMCIsIm91dGVyJDAkMTYwMHgxMjAwIiwibG9jYWxTdG9yYWdlJDAkMSIsInNlc3Npb25TdG9yYWdlJDAkMSIsImFwcENvZGVOYW1lJDAkTW96aWxsYSIsImFwcE5hbWUkMCROZXRzY2FwZSIsImFwcFZlcnNpb24kMCQ1LjAgKGlQaG9uZTsgQ1BVIGlQaG9uZSBPUyAxNF83XzEgbGlrZSBNYWMgT1MgWCkgQXBwbGVXZWJLaXQvNjA1LjEuMTUgKEtIVE1MLCBsaWtlIEdlY2tvKSBWZXJzaW9uLzE0LjEuMiBNb2JpbGUvMTVFMTQ4IFNhZmFyaS82MDQuMSIsImNvb2tpZUVuYWJsZWQkMSR0cnVlIiwiZGV2aWNlTWVtb3J5JDEkOCIsImRvTm90VHJhY2skMSQiLCJoYXJkd2FyZUNvbmN1cnJlbmN5JDEkNCIsImxhbmd1YWdlJDEkZW4tVVMiLCJwbGF0Zm9ybSQxJGlQaG9uZSIsInByb2R1Y3QkMSRHZWNrbyIsInByb2R1Y3RTdWIkMSQyMDAzMDEwNyIsInVzZXJBZ2VudCQxJE1vemlsbGEvNS4wIChpUGhvbmU7IENQVSBpUGhvbmUgT1MgMTRfN18xIGxpa2UgTWFjIE9TIFgpIEFwcGxlV2ViS2l0LzYwNS4xLjE1IChLSFRNTCwgbGlrZSBHZWNrbykgVmVyc2lvbi8xNC4xLjIgTW9iaWxlLzE1RTE0OCBTYWZhcmkvNjA0LjEiLCJ2ZW5kb3IkMSRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQxJCIsIndlYmRyaXZlciQxJGZhbHNlIiwibmF2aWdhdG9yLWhhc2gkNSQ0YzZiMWZhMSIsIm5hdmlnYXRvci10aW1lJDUkMy44Iiwic2VuZEJlYWNvbiQ1JDEiLCJmb250cmVuZGVyJDckMSIsInRpbWUkNyQxNjYyNjg1MDEyNzk3IiwidGltZXpvbmUkNyQwIiwicGx1Z2lucy10aW1lJDckMCIsInBsdWdpbnMkNyRiNmQwNTU1OCIsIm1lbS10b3RhbEpTSGVhcFNpemUkOCQxMCIsIm1lbS11c2VkSlNIZWFwU2l6ZSQ4JDEwIiwibWVtLWpzSGVhcFNpemVMaW1pdCQ4JDM3NjAiLCJ0aW1lLWZldGNoU3RhcnQkOCQxMzExIiwidGltZS1kb21haW5Mb29rdXBTdGFydCQ4JDEzMTMiLCJ0aW1lLWRvbWFpbkxvb2t1cEVuZCQ4JDEzNjQiLCJ0aW1lLWNvbm5lY3RTdGFydCQ4JDEzNjQiLCJ0aW1lLWNvbm5lY3RFbmQkOCQxNTIxIiwidGltZS1zZWN1cmVDb25uZWN0aW9uU3RhcnQkOCQxNDM0IiwidGltZS1yZXF1ZXN0U3RhcnQkOCQxNTIyIiwidGltZS1yZXNwb25zZVN0YXJ0JDgkMjE5MSIsInRpbWUtcmVzcG9uc2VFbmQkOCQyMzI5IiwidGltZS1kb21Mb2FkaW5nJDgkMjE5NSIsInRpbWUtZG9tSW50ZXJhY3RpdmUkOCQyNTMwIiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQ4JDI1MzAiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudEVuZCQ4JDI1MzAiLCJuYXZpZ2F0aW9uLXJlZGlyZWN0Q291bnQkOCQwIiwibmF2aWdhdGlvbi10eXBlJDgkbmF2aWdhdGUiLCJnbG9iYWxzLXRpbWUkMTQkMC4zIiwiZ2xvYmFscyQxNCQ1MTU5ZjczYyIsImRvY3VtZW50LXRpbWUkMjAkMC45IiwiZG9jdW1lbnQkMjEkNzk1OTYwN2EiLCJjb25uZWN0aW9uJDIxJCIsImRvd25saW5rTWF4JDIxJCIsImdldFVzZXJNZWRpYSQyMSQyIiwicGFnZS1mcmFtZS1jb3VudCQyMSQxIiwicGFnZS1mcmFtZS1saXN0JDIxJDB4MCNnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQiLCJwYWdlLWhhc2gtdGltZSQyNCQyLjgiLCJwYWdlLWhhc2gkMjQkMDVmZGZhMDMiLCJmb250JDMyJDEwMDAwMDAiLCJzdHlsZS1oYXNoJDMzJGY0ZGVkMTVjIiwic3R5bGUtdGltZSQzMyQwLjQiLCJhdWRpby1jb2RlYyQzMyQyMjIxMiIsInZpZGVvLWNvZGVjJDM0JDIyMjAwMCIsImNsb2NrJDM5JDYyMjgiLCJzb3J0JDQ4JDkuOCIsInN0YWNrJDUwJDEzOTU1Iiwic3RhY2stZXJyb3IkNTAkUmFuZ2VFcnJvcjogTWF4aW11bSBjYWxsIHN0YWNrIHNpemUgZXhjZWVkZWQiLCJzdGFjay10aW1lJDUwJDEuMSIsIndlYmdsJDU0JDEiLCJ3ZWJnbDIkNTQkMSIsIndlYmdsLXZlbmRvciQ1NCRJbnRlbCBJbmMuIiwid2ViZ2wtcmVuZGVyZXIkNTQkSW50ZWwgSXJpcyBPcGVuR0wgRW5naW5lIiwid2ViZ2wtZXh0ZW5zaW9ucyQ1NCQ0NDk1Mzk2NSIsIndlYmdsLXRpbWUkNTQkNC4zIiwicGVybWlzc2lvbi1nZW9sb2NhdGlvbiQ1NiRwcm9tcHQiLCJiYXR0ZXJ5JDU2JDEgMSAwIEluZmluaXR5IiwiYXVkaW9jb250ZXh0JDU3JGY3ZTcxMmQ5IiwiYXVkaW9jb250ZXh0LXRpbWUkNTckMjIuNiIsImludGVyc2VjdGlvbi1zaXplJDU4JDE2MDB4MTIwMCIsImludGVyc2VjdGlvbiQ1OCQ0NCIsInBlcm1pc3Npb24tbm90aWZpY2F0aW9ucyQ1OCRwcm9tcHQiLCJwZXJtaXNzaW9uLWNhbWVyYSQ1OCRwcm9tcHQiLCJwZXJtaXNzaW9uLW1pY3JvcGhvbmUkNTgkcHJvbXB0IiwicGVybWlzc2lvbi1wZXJzaXN0ZW50LXN0b3JhZ2UkNTgkcHJvbXB0IiwiYWRibG9jayQxMzQkMCIsImZyYW1lcmF0ZSQxNDEkODA~
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FKpdZSxPGzy9NtzuBtGMakyCOUQT%2B8GMmyZ%2FQLQQbOfcTY1KteHkzBzhltm3imse0ng1AUGJQqk4RR852LozMtVDlnJi8iqk6GmmB%2FmExd4fO%2FUC%2BfIHOkmQiQlQ0Vd3PpYuTqcYaYh3imf3OEZXX9Bfg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 747bf773da09af4f-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pixel
pxl.qccerttest.com/ 35 B
530 B 39ms
11ms Image
image/gif 2600:9000:20c4:1a00:11:615:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=394486860;fpan=1;fpa=P0-1860803659-1662685013093;pbc=;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;ref=;cm=;gdpr=0;us_privacy=1---;d=thefandom.site;dst=0;et=1662685013093;tzo=0;url=https%3A%2F%2Fwww.thefandom.site%2F;ogl=locale.en_US%2Ctype.website%2Ctitle.Home%20-%20The%20Fandom%2Cdescription.Search%20The%20Fandom%3A%2Curl.https%3A%2F%2Fwww%252Ethefandom%252Esite%2F%2Csite_name.The%20Fandom

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20c4:1a00:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 08 Sep 2022 14:30:09 GMT
via: 1.1 1ea6da116083fc60c507da0ebeef580e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 37605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Origin
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "55d25e9dc950d5db4d53a3b195c046c6"
strict-transport-security: max-age=31536000
content-type: image/gif
x-amz-cf-pop: NRT57-C2
accept-ranges: bytes
x-amz-cf-id: -NN7iZEM4xBsEnsDMiR2KMKRDpA17Jyodl2YFd5qMEbkvcdBHpB2Jg==

GET
H2 200 pixel;r=281478099;labels=Domain.thefandom_site%2CDomainId.339608;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.thefandom.site%2F;uht=2;fpan=0;fpa=P0-1860803659-1662685013093;pbc=;ns=0;ce=1;qjs=1;qv=...
pixel.quantserve.com/ 35 B
324 B 89ms
79ms Image
image/gif 2620:116:800e:21:c338:3a39:7c0b:1a51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=281478099;labels=Domain.thefandom_site%2CDomainId.339608;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.thefandom.site%2F;uht=2;fpan=0;fpa=P0-1860803659-1662685013093;pbc=;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;cm=;gdpr=0;us_privacy=1---;ref=;d=thefandom.site;dst=0;et=1662685013095;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.Home%20-%20The%20Fandom%2Cdescription.Search%20The%20Fandom%3A%2Curl.https%3A%2F%2Fwww%252Ethefandom%252Esite%2F%2Csite_name.The%20Fandom;ses=ec652741-d95f-4515-bea2-19a2be23fbcd
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800e:21:c338:3a39:7c0b:1a51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 00:56:53 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A583 3 KB
653 B 145ms
104ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1977616398727154&output=html&adk=1812271804&adf=3025194257&lmt=1662685013&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.thefandom.site%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662685012589&bpp=2&bdt=190&idt=297&shv=r20220907&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D319975cfba8e3c4c-22d3bcb947d60078%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MaI42rBjocygmDFQp-FDcY-YLFbBw&gpic=UID%3D0000099d81483a39%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MZOzbvfxSotT_NZ93aeA2wBzybNjw&nras=1&correlator=5619173424502&frm=20&pv=2&ga_vid=138620682.1662685013&ga_sid=1662685013&ga_hid=1242871617&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067826&oid=2&pvsid=2496680220586939&tmod=966112361&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=611

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5bc6383bdbb68f33436c993ff2867651001eee42ab27c3770a9dfc56fc95891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thefandom.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 630
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 00:56:53 GMT
expires: Fri, 09 Sep 2022 00:56:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F5EC 73 KB
27 KB 633ms
612ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1977616398727154&output=html&h=250&adk=1230032942&adf=2086955607&w=1200&fwrn=4&fwrnh=100&lmt=1662685013&rafmt=12&psa=0&channel=6001098654&format=1200x250&url=https%3A%2F%2Fwww.thefandom.site%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rh=250&rw=1600&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662685012589&bpp=2&bdt=190&idt=390&shv=r20220907&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D319975cfba8e3c4c-22d3bcb947d60078%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MaI42rBjocygmDFQp-FDcY-YLFbBw&gpic=UID%3D0000099d81483a39%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MZOzbvfxSotT_NZ93aeA2wBzybNjw&prev_fmts=0x0&nras=1&correlator=5619173424502&frm=20&pv=1&ga_vid=138620682.1662685013&ga_sid=1662685013&ga_hid=1242871617&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067826&oid=2&pvsid=2496680220586939&tmod=966112361&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=r2q1dtS53E&p=https%3A//www.thefandom.site&dtd=634

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49d3040ef33fe291474733409526cabe7cf7ff3c544580b9e919beb96f90f547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thefandom.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 27619
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 00:56:53 GMT
expires: Fri, 09 Sep 2022 00:56:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 763ms
762ms XHR
text/plain 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2496680220586939&correlator=3950971899413148&eid=31069444%2C31069101%2C31067826&output=ldjh&gdfp_req=1&vrg=2022090701&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22689233528%2Cthefandom_site-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100&ifi=3&adks=1567574617&sfv=1-0-38&fsapi=false&prev_scp=a%3D%257C0%257C%26iid1%3D1460819727608560%26eid%3D1460819727608560%26t%3D135%26d%3D339608%26t1%3D135%26pvc%3D0%26ap%3D2100%26sap%3D2100%26as%3Drevenue%26plat%3D2%26bra%3Dmod74%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D2005%26compid%3D0%26tap%3Dthefandom_site-medrectangle-2-1460819727608560%26eb_br%3D8c5ffefb122f59a66a8b7672d4452af2%26eba%3D1%26asau%3D1807571345%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26br1%3D36%26br2%3D18%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3676&eri=1&sc=1&cookie=ID%3D319975cfba8e3c4c-22d3bcb947d60078%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MaI42rBjocygmDFQp-FDcY-YLFbBw&gpic=UID%3D0000099d81483a39%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MZOzbvfxSotT_NZ93aeA2wBzybNjw&abxe=1&dt=1662685013238&lmt=1662685013&dlt=1662685012399&idt=464&adxs=640&adys=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thefandom.site%2F&frm=20&vis=1&psz=320x-1&msz=320x-1&fws=512&ohw=0&ga_vid=138620682.1662685013&ga_sid=1662685013&ga_hid=1242871617&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a777af2234c2dcbce48c7fca49ea8274a8d8bda3a6bfa7423adac685a09c470b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12409
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thefandom.site
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e12cc960004cb092fe468e18c924780e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DCFA 6 KB
4 KB 169ms
38ms Document
text/html 2404:6800:4004:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e12cc960004cb092fe468e18c924780e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thefandom.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 00:56:53 GMT
expires: Sat, 09 Sep 2023 00:56:53 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-1977616398727154 Show response
fundingchoicesmessages.google.com/i/ 105 KB
37 KB 177ms
99ms Script
application/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1977616398727154?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17465183edee9f68d56a5c99ffeb68fa50abbcb653612856a06e013ae7163502

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-zEy-yVZg6G6ae9CXKowbDA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-zEy-yVZg6G6ae9CXKowbDA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self'
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUgGKjMDkbnxHC-3kZ71eDHKa9bPNavYGGEp2XJpdHaGNPechPkESNqRbTpve5Jt0VVXFCr4iINliHC_us2Kw== Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 149ms
111ms Script
application/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUgGKjMDkbnxHC-3kZ71eDHKa9bPNavYGGEp2XJpdHaGNPechPkESNqRbTpve5Jt0VVXFCr4iINliHC_us2Kw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYyNjg1MDEzLDY3NDAwMDAwMF0sIjBCNkMyQTkzLUU4M0UtNDYwQy05MDIyLTFGRDJEMTQ5RkUxNiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LnRoZWZhbmRvbS5zaXRlLyIsbnVsbCxbWzgsIk9ERGhZM1Y0VVVnIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ODDhY3V4UUg.es5.O/d=1/rs=AJlcJMyv9tTrSjDCpk3VETgsmx50Xtd0Sw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d015207735e68e0dadebb02eb76d38efb4f2929c3b77924ce46d4a817c0acbac

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-yEEWPcF1Nb95Z_ghp7Bc2Q' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-yEEWPcF1Nb95Z_ghp7Bc2Q' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F5EC 6 KB
680 B 41ms
41ms Stylesheet
text/css 2404:6800:4004:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1977616398727154&output=html&h=250&adk=1230032942&adf=2086955607&w=1200&fwrn=4&fwrnh=100&lmt=1662685013&rafmt=12&psa=0&channel=6001098654&format=1200x250&url=https%3A%2F%2Fwww.thefandom.site%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rh=250&rw=1600&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662685012589&bpp=2&bdt=190&idt=390&shv=r20220907&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D319975cfba8e3c4c-22d3bcb947d60078%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MaI42rBjocygmDFQp-FDcY-YLFbBw&gpic=UID%3D0000099d81483a39%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MZOzbvfxSotT_NZ93aeA2wBzybNjw&prev_fmts=0x0&nras=1&correlator=5619173424502&frm=20&pv=1&ga_vid=138620682.1662685013&ga_sid=1662685013&ga_hid=1242871617&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067826&oid=2&pvsid=2496680220586939&tmod=966112361&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=r2q1dtS53E&p=https%3A//www.thefandom.site&dtd=634

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

24ce51c04774ebdfc8b33a84fa345e5917f453183a757919294b124eae261a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Fri, 09 Sep 2022 00:56:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 09 Sep 2022 00:56:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame F5EC 2 KB
982 B 48ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Sep 2022 00:56:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame F5EC 23 KB
10 KB 46ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 15013890920676311251
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Sep 2022 00:55:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame F5EC 3 KB
1 KB 45ms
4ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Sep 2022 00:51:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5EC 141 KB
44 KB 100ms
61ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Sep 2022 00:56:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame F5EC 17 KB
8 KB 47ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Sep 2022 00:56:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F5EC 0
0 78ms
37ms Image
text/html 2404:6800:4004:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9-f9frW0Uj_QgfHgL0ufUwLOeOJYX_Oa7qAYA-5FHH79Fq7R89sCLsqUHMTo89PWKlGLXfKpkWITfarrOKPBZmN-qkg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1977616398727154&output=html&h=250&adk=1230032942&adf=2086955607&w=1200&fwrn=4&fwrnh=100&lmt=1662685013&rafmt=12&psa=0&channel=6001098654&format=1200x250&url=https%3A%2F%2Fwww.thefandom.site%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rh=250&rw=1600&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662685012589&bpp=2&bdt=190&idt=390&shv=r20220907&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D319975cfba8e3c4c-22d3bcb947d60078%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MaI42rBjocygmDFQp-FDcY-YLFbBw&gpic=UID%3D0000099d81483a39%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MZOzbvfxSotT_NZ93aeA2wBzybNjw&prev_fmts=0x0&nras=1&correlator=5619173424502&frm=20&pv=1&ga_vid=138620682.1662685013&ga_sid=1662685013&ga_hid=1242871617&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067826&oid=2&pvsid=2496680220586939&tmod=966112361&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=r2q1dtS53E&p=https%3A//www.thefandom.site&dtd=634
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:810::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

GET
H2 200 8e474446b56ed6ef0feeec2d987f1a60.js Show response
www.gstatic.com/mysidia/ Frame F5EC 33 KB
14 KB 82ms
3ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8e474446b56ed6ef0feeec2d987f1a60.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84c1026e0a4c60ec0ee85c8b41c1904144aa63184260c95840924b42bd32d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 08 Sep 2022 01:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13628
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 00:50:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 01:07:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F5EC 0
17 B 46ms
45ms Image
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNs03VY8aY5SKEYaRpt8Ptt2b4AnJ1ZCabLe1rcXPDdH22Ke9FBABIIPeymVgifPFhPQToAHOnaKCA8gBCakC5ebLuVLGsD6oAwHIA8sEqgSUAk_Q0O7KJp1YnqgNF63eb7bjr0IZLGUy7tEXG8eC3Kp1FFdlAw5Fvsaxhb660Fm_AVjrAu5W6Tt4nG6Y8Nyz7FQX2vICnx5Z7MCm15nRAY0oqXLUpMbPz2iWK2PtaTXq7QyAvlUBJL_dfTeMjUYNPZhd588ub9LRmpaVC7aFSkR3Ziw8Tl_PKS0UfUUbXvrygrxczuzEfUNxz65BF-hFzSfzUU7udXq5aFWQQD7L4tt3WfR56x-HiXmc1FxYz1_9X2R1QkPZTro6g2qkv-9mnYOXgV1jY9n5Mh_uGh8NJHxhzHdvKUA58pnKIA1TZFCMHjgeOYHV6y-qca6eP4b37Y66hAqyhBCnZP3bY3XPi77ceDNvEsAEkMXcspsCiAW9gKv-BJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYu2AYCgAea4t19qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3KgSoAidzT2wCALSCBAIiGEQARgfMgOKggE6AoBAgAoByAsBuBPkA9gTDYIUFBoSd3d3LnRoZWZhbmRvbS5zaXRliBQC0BUBmBYBgBcBshccChoIABIUcHViLTE5Nzc2MTYzOTg3MjcxNTQYAA&sigh=L0Izj60FhbI&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1977616398727154&output=html&h=250&adk=1230032942&adf=2086955607&w=1200&fwrn=4&fwrnh=100&lmt=1662685013&rafmt=12&psa=0&channel=6001098654&format=1200x250&url=https%3A%2F%2Fwww.thefandom.site%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rh=250&rw=1600&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662685012589&bpp=2&bdt=190&idt=390&shv=r20220907&mjsv=m202209010201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D319975cfba8e3c4c-22d3bcb947d60078%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MaI42rBjocygmDFQp-FDcY-YLFbBw&gpic=UID%3D0000099d81483a39%3AT%3D1662685012%3ART%3D1662685012%3AS%3DALNI_MZOzbvfxSotT_NZ93aeA2wBzybNjw&prev_fmts=0x0&nras=1&correlator=5619173424502&frm=20&pv=1&ga_vid=138620682.1662685013&ga_sid=1662685013&ga_hid=1242871617&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1371&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067826&oid=2&pvsid=2496680220586939&tmod=966112361&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=r2q1dtS53E&p=https%3A//www.thefandom.site&dtd=634
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 09 Sep 2022 00:56:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13622205514469464886/ Frame F5EC 21 KB
21 KB 36ms
5ms Image
image/jpeg 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13622205514469464886/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2e870972e45bf8a3a666b5926f155265757cd8184585ed9aac9d7fff09bcd1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 06 Sep 2022 01:46:58 GMT
x-content-type-options: nosniff
age: 256195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21020
x-xss-protection: 0
last-modified: Tue, 22 Jan 2019 12:55:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 06 Sep 2023 01:46:58 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15795884452007116990/ Frame F5EC 3 KB
4 KB 37ms
6ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15795884452007116990/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad4136914a8f5ae964a9f987506a2e285a67f50ea83acd27ec82aa37d3791ca5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 08 Sep 2022 02:44:34 GMT
x-content-type-options: nosniff
age: 79939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3556
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 09:53:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Sep 2023 02:44:34 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 12ms
3ms Script
application/javascript 34.102.146.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 15 Aug 2022 16:59:11 GMT
content-encoding: gzip
age: 2102263
x-guploader-uploadid: ADPycdsN-x5jJ2NSdzcHlb2gKwVmE9E7EnjleskaQLwoQRTJMAYodCk7HTDnll6lv1KEkUKzlKKa5tFzsZ-e1uQtkdcjLH-eY7lP
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation: 1622140251693895
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 15 Aug 2023 16:59:11 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 40 KB
13 KB 18ms
8ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

78944548d2909bc65713ad586777137f5a3725e7eea74ae4d51b41d5edd628b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:54 GMT
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 21:49:00 GMT
server: nginx
etag: W/"630fd74c-a143"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Sep 2022 00:56:54 GMT

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
903 B 401ms
131ms Script
application/javascript 34.208.243.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.243.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-243-53.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:54 GMT
cache-control: public, max-age=86400
last-modified: Thu, 8 Sep 2022 21:29:12 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 48 KB
14 KB 25ms
12ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9468203d1a374c57d8f34c2df0229524b0b930bd43ed137a2a9bbbb21c1606e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 09 Sep 2022 00:56:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 11:00:45 GMT
server: cloudflare
age: 2035
etag: W/"c7c919b353e8ba2ee51dc077f03d29d1"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 747bf779baaae3bf-NRT
x-amz-request-id: FG8W2JDDYTV7HG1R
x-amz-id-2: EaBuuNoCh0cwPm8gzlNek+5lCAZOcVOJpHJe3EvrsTatSIaF7J3O2Wi4nCKEncfrTb+af6AOi+w=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 12ms
3ms Script
text/javascript 34.96.70.87
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:44:17 GMT
via: 1.1 google
age: 757
x-guploader-uploadid: ADPycduCxQsXV87jjn5lvha3uxKEhUKfexJ23VTdoO6oyDgGxM5VU2CAMi0NpLNoYV12wDjcs4ha_VwQ0R3i1SRRyIOEzltdNr9r
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
x-goog-generation: 1659113709880056
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 09 Sep 2022 01:44:17 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 29 KB
9 KB 51ms
2ms Script
text/javascript 99.84.140.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.140.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-140-54.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 08 Sep 2022 22:50:55 GMT
content-encoding: gzip
etag: W/"2fa1275c04d6208db458c1ec8559f92d"
last-modified: Tue, 19 Jul 2022 18:12:40 GMT
server: AmazonS3
age: 7560
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 444dd98227f76138f1b774980ac5d496.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: NRT57-C3
x-amz-cf-id: 3dblszW0_Laf_yX-AT8tjDdNN7d36ZcHD-qFxDFAMfiI-KqI_A5Fvg==

GET
H2 200 uid2-sdk-0.0.1b.js Show response
prod.uidapi.com/static/js/ 4 KB
5 KB 559ms
186ms Script
application/javascript 18.225.2.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.225.2.19 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-225-2-19.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:54 GMT
cache-control: public, max-age=86400
last-modified: Tue, 17 May 2022 17:30:07 GMT
accept-ranges: bytes
content-length: 4559
vary: accept-encoding
content-type: application/javascript

GET
DATA 200
OK truncated
/ Frame F5EC 369 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eef1d948fb9476ca3cd570288c43a3dc93b09ed9e7330f85fe525c276ededdfe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012208121708000/ Frame 84F1 221 KB
61 KB 168ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 276602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61526
x-xss-protection: 0
server: sffe
date: Mon, 05 Sep 2022 20:06:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b1753c5424806777"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Sep 2023 20:06:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 84F1 14 KB
5 KB 171ms
7ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 101446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5202
x-xss-protection: 0
server: sffe
date: Wed, 07 Sep 2022 20:46:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "23fb7130d171a0c1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 07 Sep 2023 20:46:08 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 84F1 94 KB
28 KB 171ms
7ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 338901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Mon, 05 Sep 2022 02:48:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd6960dd2dd8774b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Sep 2023 02:48:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 84F1 5 KB
2 KB 173ms
9ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 101446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1914
x-xss-protection: 0
server: sffe
date: Wed, 07 Sep 2022 20:46:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b6863aa0ddd5cf3"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 07 Sep 2023 20:46:08 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 84F1 40 KB
13 KB 173ms
10ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 330846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12954
x-xss-protection: 0
server: sffe
date: Mon, 05 Sep 2022 05:02:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "008ca125395468a7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Sep 2023 05:02:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 84F1 9 KB
872 B 62ms
62ms Stylesheet
text/css 2404:6800:4004:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500,700&lang=ja

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e11b3bd7c0b1585b602508bf3ac9a99bb1122bbd5433b82ef9f75caf72ed95d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Fri, 09 Sep 2022 00:56:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 09 Sep 2022 00:56:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 84F1 115 KB
30 KB 77ms
76ms Stylesheet
text/css 2404:6800:4004:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:400,500,700&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090701.js?cb=31069444

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6af616f9c0a320b9a5761667869c3193317cea3ed1f75115521a4028daad603c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
date: Fri, 09 Sep 2022 00:56:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 09 Sep 2022 00:56:54 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 84F1 3 KB
3 KB 44ms
3ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 08 Sep 2022 22:04:41 GMT
x-content-type-options: nosniff
server: cafe
age: 10333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 15880770647744369592
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Fri, 09 Sep 2022 22:04:41 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 84F1 344 B
368 B 42ms
2ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 08 Sep 2022 18:56:09 GMT
x-content-type-options: nosniff
server: cafe
age: 21645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 09 Sep 2022 18:56:09 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17686762107508921556/ Frame 84F1 2 KB
2 KB 87ms
47ms Image
image/jpeg 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17686762107508921556/downsize_200k_v1?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8ISxABHQAAtEIgACgBMAY4A0CAwtcvSAFQAFgAYEtwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgImAEQUBgBIAEtAAAAPzCYAThQRQAAgD8&rs=AOga4qlZp51ojIE3MyaoL79w7w1JcB17zw

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5fe832de724daf3d7fe885158280a2dfcae8de179b42ae310bae7e61ab19a3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:54 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2376
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 01:20:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Sep 2023 00:56:54 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 84F1 0
0 43ms
42ms Image
text/html 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJLPaVY8aY6SSFIf69gXp5pzoCaGe6Mxl_P6gn9oOloLNhYgWEAEg9PnGJWCJ88WE9BOgAc2ryfADyAEGqQJACup2MFthPuACAKgDAcgDCqoErgJP0Izlryr3pf4M_acc9q1qCkD0EvG4yVxXlaXGIOqS2ViGlVZZY4gqmKxU8DIJcNhQk-_srN_l6od7jSWfo4vHdRYg-WjAccuvqw5BcspzTnlJtDcrZnIpHLe4pv29pMcSm0ZJzuQvVh8hA4T_ZIpJOMMyz6MwQWEu9IDnXUQvmWtdL-7u5y2Xg1VxR0sIfMhQQZIK331J-OwoBQzznMNSgAzwgozuYUZYxnSM-EXzydiyQyRMdOR3V1MlKRTyRE5TrTmvgsOBZttx0HnTqAhFObOnXpDfzzHt-iqWtRoPLp8EZ6mq4-lxuoACtfeWYJdPSKpnYxVllXVtGalAOr22knxVDCp9YqdfrUl2F8PILzZizk11ws6Eo-veaWFSy2GgeJcXbFwY14kYeFDPC8AEq66B2N8D4AQBiAW5u9OtN5IFBAgEGAGSBQQIBRgEoAY32AYCgAeb1LYPqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ27oXoAidzT2wCALSCBAIiGEQARgdMgOKggE6AoBAgAoDyAsB2BMNghQUGhJ3d3cudGhlZmFuZG9tLnNpdGWIFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjM5Njg0NDc0MjQ5NzIwOBi-yQc&sigh=IHd9jkWrhrY&uach_m=[UACH]&template_id=492
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame 84F1 0
0 76ms
36ms Image
text/html 2404:6800:4004:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_t8-ge_yqheL14J5VGNT7Pox8pfQLq0bp2HA2bqOUDFe0DzRo_uXaJ7xikUTkGIUzjOlX6ndqsVv7DUgc05DdcmwwoQ
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

GET
H2 200 greenoaks.gif Show response
www.thefandom.site/detroitchicago/ 0
90 B 71ms
70ms XHR
text/plain 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJkYzNlNTNhYi0xMTFhLTQyMTUtNTg4Zi01MGJhMjI0M2Y4ZTYiLCJkb21haW5faWQiOiIzMzk2MDgiLCJ0X2Vwb2NoIjoxNjYyNjg1MDExLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZGMzZTUzYWItMTExYS00MjE1LTU4OGYtNTBiYTIyNDNmOGU2IiwiZG9tYWluX2lkIjoiMzM5NjA4IiwidF9lcG9jaCI6MTY2MjY4NTAxMSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMDktMDkifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImRjM2U1M2FiLTExMWEtNDIxNS01ODhmLTUwYmEyMjQzZjhlNiIsImRvbWFpbl9pZCI6IjMzOTYwOCIsInRfZXBvY2giOjE2NjI2ODUwMTEsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImRjM2U1M2FiLTExMWEtNDIxNS01ODhmLTUwYmEyMjQzZjhlNiIsImRvbWFpbl9pZCI6IjMzOTYwOCIsInRfZXBvY2giOjE2NjI2ODUwMTEsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZGMzZTUzYWItMTExYS00MjE1LTU4OGYtNTBiYTIyNDNmOGU2IiwiZG9tYWluX2lkIjoiMzM5NjA4IiwidF9lcG9jaCI6MTY2MjY4NTAxMSwiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiIxNjEzIn1dfV0=
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:54 GMT
server: nginx
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 08 Sep 2022 00:56:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F5EC 11 KB
11 KB 44ms
5ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3251f4935896ec37ada153d20d0109828ad08523127f136415355b3fca2dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 07 Sep 2022 19:32:21 GMT
x-content-type-options: nosniff
age: 105873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11160
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:32:21 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F5EC 11 KB
11 KB 41ms
6ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 07 Sep 2022 19:32:29 GMT
x-content-type-options: nosniff
age: 105865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11040
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:32:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F5EC 11 KB
11 KB 39ms
7ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 05 Sep 2022 22:47:08 GMT
x-content-type-options: nosniff
age: 266986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 22:47:08 GMT

GET
DATA 200
OK truncated
/ Frame 84F1 459 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24a1fe04717202b35f32077f30c5ea85a0e111782ceeb99596b2496ef5f401a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H2 200 greenoaks.gif Show response
www.thefandom.site/detroitchicago/ 0
53 B 70ms
69ms XHR
text/plain 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJkYzNlNTNhYi0xMTFhLTQyMTUtNTg4Zi01MGJhMjI0M2Y4ZTYiLCJkb21haW5faWQiOiIzMzk2MDgiLCJ0X2Vwb2NoIjoxNjYyNjg1MDExLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjE2NDcifV19XQ==
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:54 GMT
server: nginx
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 08 Sep 2022 00:56:54 GMT

GET
H2 200 army.gif Show response
www.thefandom.site/porpoiseant/ 0
18 B 71ms
70ms XHR
text/plain 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2MDgxOTcyNzYwODU2MCIsImRvbWFpbl9pZCI6IjMzOTYwOCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWZhbmRvbV9zaXRlLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjYyNjg1MDExLCJhZF9wb3NpdGlvbiI6MjEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkpQIiwicGFnZXZpZXdfaWQiOiJkYzNlNTNhYi0xMTFhLTQyMTUtNTg4Zi01MGJhMjI0M2Y4ZTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0NjA4MTk3Mjc2MDg1NjAiLCJkb21haW5faWQiOiIzMzk2MDgiLCJ1bml0IjoiZGl2LWdwdC1hZC10aGVmYW5kb21fc2l0ZS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2MjY4NTAxMSwiYWRfcG9zaXRpb24iOjIxMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJKUCIsInBhZ2V2aWV3X2lkIjoiZGMzZTUzYWItMTExYS00MjE1LTU4OGYtNTBiYTIyNDNmOGU2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjhjNWZmZWZiMTIyZjU5YTY2YThiNzY3MmQ0NDUyYWYyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDYwODE5NzI3NjA4NTYwIiwiZG9tYWluX2lkIjoiMzM5NjA4IiwidW5pdCI6ImRpdi1ncHQtYWQtdGhlZmFuZG9tX3NpdGUtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NjI2ODUwMTEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDM2LCJhZF9wb3NpdGlvbiI6MjEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMzYsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkpQIiwicGFnZXZpZXdfaWQiOiJkYzNlNTNhYi0xMTFhLTQyMTUtNTg4Zi01MGJhMjI0M2Y4ZTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2MDgxOTcyNzYwODU2MCIsImRvbWFpbl9pZCI6IjMzOTYwOCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWZhbmRvbV9zaXRlLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjYyNjg1MDExLCJhZF9wb3NpdGlvbiI6MjEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkpQIiwicGFnZXZpZXdfaWQiOiJkYzNlNTNhYi0xMTFhLTQyMTUtNTg4Zi01MGJhMjI0M2Y4ZTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ1ODgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0NjA4MTk3Mjc2MDg1NjAiLCJkb21haW5faWQiOiIzMzk2MDgiLCJ1bml0IjoiZGl2LWdwdC1hZC10aGVmYW5kb21fc2l0ZS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2MjY4NTAxMSwiYWRfcG9zaXRpb24iOjIxMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJKUCIsInBhZ2V2aWV3X2lkIjoiZGMzZTUzYWItMTExYS00MjE1LTU4OGYtNTBiYTIyNDNmOGU2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:54 GMT
server: nginx
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 08 Sep 2022 00:56:54 GMT

POST
H2 200 army.gif
www.thefandom.site/porpoiseant/ 0
38 B 73ms
72ms Ping
text/plain 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2MDgxOTcyNzYwODU2MCIsImRvbWFpbl9pZCI6IjMzOTYwOCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWZhbmRvbV9zaXRlLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjYyNjg1MDExLCJhZF9wb3NpdGlvbiI6MjEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkpQIiwicGFnZXZpZXdfaWQiOiJkYzNlNTNhYi0xMTFhLTQyMTUtNTg4Zi01MGJhMjI0M2Y4ZTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMi0wOS0wOSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjAifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:54 GMT
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.thefandom.site
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 08 Sep 2022 00:56:54 GMT

GET
H2 200 army.gif Show response
www.thefandom.site/porpoiseant/ 0
17 B 74ms
73ms XHR
text/plain 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2MDgxOTcyNzYwODU2MCIsImRvbWFpbl9pZCI6IjMzOTYwOCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWZhbmRvbV9zaXRlLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjYyNjg1MDExLCJhdWN0aW9uX2Vwb2NoIjoxNjYyNjg1MDE0LCJhZF9wb3NpdGlvbiI6MjEwMCwiY291bnRyeV9jb2RlIjoiSlAiLCJwYWdldmlld19pZCI6ImRjM2U1M2FiLTExMWEtNDIxNS01ODhmLTUwYmEyMjQzZjhlNiIsImJpZF9mbG9vcl9pbml0aWFsIjozNiwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjM2LCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo3OTYsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-middleton-display: ezp_sol
date: Fri, 09 Sep 2022 00:56:54 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
expires: Thu, 08 Sep 2022 00:56:54 GMT
content-length: 0
vary: Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 army.gif Show response
www.thefandom.site/porpoiseant/ 0
17 B 74ms
74ms XHR
text/plain 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2MDgxOTcyNzYwODU2MCIsImRvbWFpbl9pZCI6IjMzOTYwOCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWZhbmRvbV9zaXRlLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjYyNjg1MDExLCJhZF9wb3NpdGlvbiI6MjEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkpQIiwicGFnZXZpZXdfaWQiOiJkYzNlNTNhYi0xMTFhLTQyMTUtNTg4Zi01MGJhMjI0M2Y4ZTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-middleton-display: ezp_sol
date: Fri, 09 Sep 2022 00:56:52 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
expires: Thu, 08 Sep 2022 00:56:52 GMT
content-length: 0
vary: Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F03A 36 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 08 Sep 2022 01:56:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 01:56:21 GMT

GET
H2 200 esp Show response
oajs.openx.net/ 2 B
242 B 139ms
127ms Fetch
application/json 34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.thefandom.site%2F&rid=esp
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:54 GMT
via: 1.1 google
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thefandom.site
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H3 200 encrypt Show response
esp.rtbhouse.com/ 221 B
238 B 250ms
239ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 61f88c006454a68ef3727e4e7038592fef9678fb52b0d6cb6d2c131cbc3ff80f

Request headers

Referer: https://www.thefandom.site/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

date: Fri, 09 Sep 2022 00:56:54 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 60b4dc187087ec8397da243580a23f95
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 251ms
238ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thefandom.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.thefandom.site
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 09 Sep 2022 00:56:54 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: f09af9a9684ca0f6567d173fdb545ed7

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C32B 16 KB
6 KB 15ms
4ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.thefandom.site&gdpr=0&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

0756082b3b1a8cf93f726e342047f101b6530b6c05c9c47554412ea97530393e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.thefandom.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 00:56:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 248556
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
327 B 782ms
258ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.thefandom.site/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thefandom.site
date: Fri, 09 Sep 2022 00:56:54 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H3 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 84F1 11 KB
11 KB 3ms
2ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500,700&lang=ja

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thefandom.site
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 05 Sep 2022 22:47:08 GMT
x-content-type-options: nosniff
age: 266986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 22:47:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 84F1 11 KB
11 KB 4ms
3ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500,700&lang=ja

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thefandom.site
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 03 Sep 2022 14:45:30 GMT
x-content-type-options: nosniff
age: 468684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11072
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:45:30 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C32B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&v=1&domain=thefandom.site&sn=SafariSyncframe&so=0&topUrl=https%3A%2F%2Fwww.thefandom.site&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=FFIzx3xmWmhUS2pUNGVTc3hDZ0lVdVVaMlpSZDNuUHVERktkRUhWU3A3UXNTVmZDVDBXUWpRU1ZYZDE2ekFGZmdibWJodDlZUDNsVnQ0NnBnYXVNV0kwV1hSTFBTZ1p1TlJIMDVpSHpwOW5wTUtzT3RZNGpub0s2bUd6RW...

438 B
654 B

108ms
6ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=FFIzx3xmWmhUS2pUNGVTc3hDZ0lVdVVaMlpSZDNuUHVERktkRUhWU3A3UXNTVmZDVDBXUWpRU1ZYZDE2ekFGZmdibWJodDlZUDNsVnQ0NnBnYXVNV0kwV1hSTFBTZ1p1TlJIMDVpSHpwOW5wTUtzT3RZNGpub0s2bUd6RWlNelNrdzMrMWtKMFIrM0VyQkFMa0FxckVPZUFWK1VOUjNhRGtLNlRvSVk1LzZqN0JYUGZIRUdza00zUzEvK21jVUIrTXg3YWR4YXQ3SkowY2RrWGVob3V0akptUEh3TjBTQUY0NWZMYW82djJnZTFoZkE0SkFkOFV4aHdJZHN4enVBa083VXJyd01OWFM2alFEbUVFV1VBZCt2VmJsQT09fA&cppv=2

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

2511c9a9aab8bb9088fa965d5767cf8f88f3e5e578342e8856d46d750cedc3f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 00:56:53 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1278385
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 09 Sep 2022 00:56:53 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=FFIzx3xmWmhUS2pUNGVTc3hDZ0lVdVVaMlpSZDNuUHVERktkRUhWU3A3UXNTVmZDVDBXUWpRU1ZYZDE2ekFGZmdibWJodDlZUDNsVnQ0NnBnYXVNV0kwV1hSTFBTZ1p1TlJIMDVpSHpwOW5wTUtzT3RZNGpub0s2bUd6RWlNelNrdzMrMWtKMFIrM0VyQkFMa0FxckVPZUFWK1VOUjNhRGtLNlRvSVk1LzZqN0JYUGZIRUdza00zUzEvK21jVUIrTXg3YWR4YXQ3SkowY2RrWGVob3V0akptUEh3TjBTQUY0NWZMYW82djJnZTFoZkE0SkFkOFV4aHdJZHN4enVBa083VXJyd01OWFM2alFEbUVFV1VBZCt2VmJsQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 274483
content-length: 0
expires: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 84F1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

60ms
60ms

Image
text/html

2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/
Protocol: H3
Server: 2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Redirect headers

date: Fri, 09 Sep 2022 00:56:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 266E
Redirect Chain

https://google-bidout-d.openx.net/w/1.0/pd?plm=5
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

68 B
86 B

48ms
41ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257

Request headers

Referer: https://www.thefandom.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 70
content-type: text/html
date: Fri, 09 Sep 2022 00:56:54 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 09 Sep 2022 00:56:54 GMT
location: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
66 B 54ms
54ms Image
image/gif 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=5.100857139180518

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-zCRSxJqXbelvtarivYsCgg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
content-security-policy: script-src 'nonce-zCRSxJqXbelvtarivYsCgg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
date: Fri, 09 Sep 2022 00:56:54 GMT
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
server: ESF
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
66 B 87ms
86ms Image
image/gif 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=8.467776031249306

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'nonce-m8_GVkQkcAJKw5Kw4v5q1A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 00:56:54 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'nonce-m8_GVkQkcAJKw5Kw4v5q1A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self'
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
server: ESF
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWcwX-o3s-Vpo-3WjxsmHwJ_ECt7jZNCHgTqk-5y5momLRUHBQbm5WFhrzR3Uld9yKsJk00Xx-_F-EVTtMfkSaxjUAwClSwWk5NqObmMrwEkYJzNINFMMh0uY5xFCRaLSM50cm2 Show response
fundingchoicesmessages.google.com/el/ 0
26 B 96ms
56ms XHR
text/html 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWcwX-o3s-Vpo-3WjxsmHwJ_ECt7jZNCHgTqk-5y5momLRUHBQbm5WFhrzR3Uld9yKsJk00Xx-_F-EVTtMfkSaxjUAwClSwWk5NqObmMrwEkYJzNINFMMh0uY5xFCRaLSM50cm2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-rHRL7x22bALoD6ToPdw9jw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thefandom.site/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Fri, 09 Sep 2022 00:56:54 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.thefandom.site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-rHRL7x22bALoD6ToPdw9jw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
www.thefandom.site/porpoiseant/ 0
41 B 71ms
70ms XHR
text/plain 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2MDgxOTcyNzYwODU2MCIsImRvbWFpbl9pZCI6IjMzOTYwOCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWZhbmRvbV9zaXRlLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjYyNjg1MDExLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjIxMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkpQIiwicGFnZXZpZXdfaWQiOiJkYzNlNTNhYi0xMTFhLTQyMTUtNTg4Zi01MGJhMjI0M2Y4ZTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:55 GMT
server: nginx
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 08 Sep 2022 00:56:54 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 84F1 42 B
64 B 42ms
41ms Image
image/gif 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRguIqWZQp-6NpX1OhMw07eRq475G3BW9aGug1BjwzmefremaMfc9uNN7OhhNRW7IR9lD8nZeb16-pUM_1Ccnw2eNK-Aruk4amUNK1-yi7s6nVZPKEvb85SHVFASE-gAdZlxwp&sai=AMfl-YSaSIVVwbgJdVc7vwl0GW0BvvzkYuGWluHJS_9svS6P60AIBy7eqN9Wkp-2QwHrwoUXmWlJnWJAL3IR8FMLzicuTrZ6hWCPMDl308GgognhFJmIG9ly4WAI4Myo-SA&sig=Cg0ArKJSzMlKY6b-NBN-EAE&id=ampim&o=640,1100&d=320,100&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=241&tls=1241&g=100&h=100&tt=1242&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=1567574617

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 00:56:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 openad. Show response
fundingchoicesmessages.google.com/f/AGSKWxVxTK6n_5yeTn2XGEhdsq1w_TF6SxrXC1wa-FqEF4tfegD43un2hsO-pOI7AVUw-qB_i2qp8QbxDJgz0RS0rtUPfAkNScv-49sKLo7YiXR_CPfTqlnPbyU0ydtygBQICjvh1ia6X1FQvg_V99o9z7V-5gJ1w... 54 B
107 B 65ms
63ms Script
application/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVxTK6n_5yeTn2XGEhdsq1w_TF6SxrXC1wa-FqEF4tfegD43un2hsO-pOI7AVUw-qB_i2qp8QbxDJgz0RS0rtUPfAkNScv-49sKLo7YiXR_CPfTqlnPbyU0ydtygBQICjvh1ia6X1FQvg_V99o9z7V-5gJ1wlryhhIuIZwvOnnhCYP759NJqJIZD8A=/_/bannerdeliver.php/img-ads./ads-foot./webmailad./openad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ODDhY3V4UUg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyv9tTrSjDCpk3VETgsmx50Xtd0Sw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b808c7606fcfdb78729d8de36e42a20184c4d9c7f9b567267e5fd6a238e63f2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-Osp4fHVofBJ5khKaOSZ46A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-Osp4fHVofBJ5khKaOSZ46A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
date: Fri, 09 Sep 2022 00:56:55 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 63 KB
24 KB 7ms
4ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ODDhY3V4UUg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyv9tTrSjDCpk3VETgsmx50Xtd0Sw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e5ecdc767dab401677a88743ed088fcae15b6670aa22ec28cad585cd5da876d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24190
x-xss-protection: 0
server: cafe
etag: 6142364239576130187
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 01:11:00 GMT

POST
H3 204 AGSKWxWcwX-o3s-Vpo-3WjxsmHwJ_ECt7jZNCHgTqk-5y5momLRUHBQbm5WFhrzR3Uld9yKsJk00Xx-_F-EVTtMfkSaxjUAwClSwWk5NqObmMrwEkYJzNINFMMh0uY5xFCRaLSM50cm2 Show response
fundingchoicesmessages.google.com/el/ 0
26 B 54ms
53ms XHR
text/html 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWcwX-o3s-Vpo-3WjxsmHwJ_ECt7jZNCHgTqk-5y5momLRUHBQbm5WFhrzR3Uld9yKsJk00Xx-_F-EVTtMfkSaxjUAwClSwWk5NqObmMrwEkYJzNINFMMh0uY5xFCRaLSM50cm2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-mVnbE4bix3om3NAZd97ZZg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thefandom.site/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Fri, 09 Sep 2022 00:56:55 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.thefandom.site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-mVnbE4bix3om3NAZd97ZZg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
www.thefandom.site/porpoiseant/ 0
41 B 71ms
70ms XHR
text/plain 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2MDgxOTcyNzYwODU2MCIsImRvbWFpbl9pZCI6IjMzOTYwOCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWZhbmRvbV9zaXRlLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjYyNjg1MDExLCJhZF9wb3NpdGlvbiI6MjEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkpQIiwicGFnZXZpZXdfaWQiOiJkYzNlNTNhYi0xMTFhLTQyMTUtNTg4Zi01MGJhMjI0M2Y4ZTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzIwLDEwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0NjA4MTk3Mjc2MDg1NjAiLCJkb21haW5faWQiOiIzMzk2MDgiLCJ1bml0IjoiZGl2LWdwdC1hZC10aGVmYW5kb21fc2l0ZS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2MjY4NTAxMSwiYWRfcG9zaXRpb24iOjIxMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJKUCIsInBhZ2V2aWV3X2lkIjoiZGMzZTUzYWItMTExYS00MjE1LTU4OGYtNTBiYTIyNDNmOGU2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDYwODE5NzI3NjA4NTYwIiwiZG9tYWluX2lkIjoiMzM5NjA4IiwidW5pdCI6ImRpdi1ncHQtYWQtdGhlZmFuZG9tX3NpdGUtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NjI2ODUwMTEsImFkX3Bvc2l0aW9uIjoyMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiSlAiLCJwYWdldmlld19pZCI6ImRjM2U1M2FiLTExMWEtNDIxNS01ODhmLTUwYmEyMjQzZjhlNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMjgifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:55 GMT
server: nginx
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 08 Sep 2022 00:56:55 GMT

POST
H3 204 AGSKWxWcwX-o3s-Vpo-3WjxsmHwJ_ECt7jZNCHgTqk-5y5momLRUHBQbm5WFhrzR3Uld9yKsJk00Xx-_F-EVTtMfkSaxjUAwClSwWk5NqObmMrwEkYJzNINFMMh0uY5xFCRaLSM50cm2 Show response
fundingchoicesmessages.google.com/el/ 0
26 B 184ms
183ms XHR
text/html 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWcwX-o3s-Vpo-3WjxsmHwJ_ECt7jZNCHgTqk-5y5momLRUHBQbm5WFhrzR3Uld9yKsJk00Xx-_F-EVTtMfkSaxjUAwClSwWk5NqObmMrwEkYJzNINFMMh0uY5xFCRaLSM50cm2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-DwnatZGe-OhDxVTIBVhLVw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thefandom.site/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Fri, 09 Sep 2022 00:56:55 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.thefandom.site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-DwnatZGe-OhDxVTIBVhLVw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWcwX-o3s-Vpo-3WjxsmHwJ_ECt7jZNCHgTqk-5y5momLRUHBQbm5WFhrzR3Uld9yKsJk00Xx-_F-EVTtMfkSaxjUAwClSwWk5NqObmMrwEkYJzNINFMMh0uY5xFCRaLSM50cm2 Show response
fundingchoicesmessages.google.com/el/ 0
26 B 199ms
198ms XHR
text/html 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWcwX-o3s-Vpo-3WjxsmHwJ_ECt7jZNCHgTqk-5y5momLRUHBQbm5WFhrzR3Uld9yKsJk00Xx-_F-EVTtMfkSaxjUAwClSwWk5NqObmMrwEkYJzNINFMMh0uY5xFCRaLSM50cm2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-iJ92Es9B8PEykXqF4eQsVQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thefandom.site/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Fri, 09 Sep 2022 00:56:55 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.thefandom.site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-iJ92Es9B8PEykXqF4eQsVQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWcwX-o3s-Vpo-3WjxsmHwJ_ECt7jZNCHgTqk-5y5momLRUHBQbm5WFhrzR3Uld9yKsJk00Xx-_F-EVTtMfkSaxjUAwClSwWk5NqObmMrwEkYJzNINFMMh0uY5xFCRaLSM50cm2 Show response
fundingchoicesmessages.google.com/el/ 0
26 B 240ms
239ms XHR
text/html 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWcwX-o3s-Vpo-3WjxsmHwJ_ECt7jZNCHgTqk-5y5momLRUHBQbm5WFhrzR3Uld9yKsJk00Xx-_F-EVTtMfkSaxjUAwClSwWk5NqObmMrwEkYJzNINFMMh0uY5xFCRaLSM50cm2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-kME4qr4mXg-5sNtclPU19A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thefandom.site/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Fri, 09 Sep 2022 00:56:55 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.thefandom.site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-kME4qr4mXg-5sNtclPU19A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUNvRUniktS0-v9SPsd5OkWEOpqPd0TQqPK-tvxE-_jC3BrQxS3zEZH0l6_1gijXT3i3kirz8bntmXHFuzW95WAePqyEKAMHqfGfjqxDq_6_JMCr_ss2UoLqff1WlO77piG5hUJ Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 90ms
89ms Script
application/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUNvRUniktS0-v9SPsd5OkWEOpqPd0TQqPK-tvxE-_jC3BrQxS3zEZH0l6_1gijXT3i3kirz8bntmXHFuzW95WAePqyEKAMHqfGfjqxDq_6_JMCr_ss2UoLqff1WlO77piG5hUJ?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYyNjg1MDE1LDYwNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnRoZWZhbmRvbS5zaXRlLyIsbnVsbCxbWzgsIk9ERGhZM1Y0VVVnIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95195f1d3e29def75f7a1a9be468390a9cb7aa9fb5a371fbef9020079e3f6a6e

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-4_l7Nwo0cclQIdO9vboVCw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-4_l7Nwo0cclQIdO9vboVCw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
327 B 597ms
176ms Ping
image/gif 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~l7trq8si&ctx=0&met.9=1.1y8~13.21f~2.21v
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 00:56:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXyqJLtkvzyK8y5YP1vtkN--Kerp3dHWJKs5Us3SiOJ0-2BESFg5BmfIbJRQbidIvgqQx-ibtbBLyZyCh80KgXFxdvv4wvGMMcVR1tpTQQYt3HJYDWZlsP5U7qvTyScgKgV2RXU Show response
fundingchoicesmessages.google.com/el/ 0
26 B 143ms
142ms XHR
text/html 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXyqJLtkvzyK8y5YP1vtkN--Kerp3dHWJKs5Us3SiOJ0-2BESFg5BmfIbJRQbidIvgqQx-ibtbBLyZyCh80KgXFxdvv4wvGMMcVR1tpTQQYt3HJYDWZlsP5U7qvTyScgKgV2RXU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-0imSDMFG2938gswcsMTnoA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thefandom.site/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Fri, 09 Sep 2022 00:56:55 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.thefandom.site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-0imSDMFG2938gswcsMTnoA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVPFF1_A-dThUcgKoCidD_jMgmPx5uGTLRwSNJVxHpa53R4elLiiHbdi4xsZdqfBbIJvg1MF6C-HrwZxZpJIycEIuMX4okbhPafWlw1wScs4vM00fgSMdEiDUT5GB4facNA4TlP Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 69ms
68ms Script
application/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVPFF1_A-dThUcgKoCidD_jMgmPx5uGTLRwSNJVxHpa53R4elLiiHbdi4xsZdqfBbIJvg1MF6C-HrwZxZpJIycEIuMX4okbhPafWlw1wScs4vM00fgSMdEiDUT5GB4facNA4TlP?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYyNjg1MDE1LDcxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnRoZWZhbmRvbS5zaXRlLyIsbnVsbCxbWzgsIk9ERGhZM1Y0VVVnIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b70367e4212b8030c933418775c3920ac6c81f1357cbf700b209a4d3796220c

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-9VlobypppCANxKbkDaj5Qg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: script-src 'nonce-9VlobypppCANxKbkDaj5Qg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
date: Fri, 09 Sep 2022 00:56:55 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWB_pAUbsKJjb6tOoyk7wAABBEfaWT87TUcSNHJgiXIbRAAPdXYj6KZ3xSPHyR4suyMEZSS5BYCtO5rbfK4hAx4OJU8aviw9nrdIZTb4WVNKo3SGGxU1wbtyzBa_UZ0w3yoiKPk Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 86ms
85ms Script
application/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWB_pAUbsKJjb6tOoyk7wAABBEfaWT87TUcSNHJgiXIbRAAPdXYj6KZ3xSPHyR4suyMEZSS5BYCtO5rbfK4hAx4OJU8aviw9nrdIZTb4WVNKo3SGGxU1wbtyzBa_UZ0w3yoiKPk?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYyNjg1MDE1LDgwMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cudGhlZmFuZG9tLnNpdGUvIixudWxsLFtbOCwiT0REaFkzVjRVVWciXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6067c3692ae62db800bc43040305c3c1962dfe925932f2d664a97f7d01738bd1

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-mUrrZGqjvFk3w3GtXMMo6A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-mUrrZGqjvFk3w3GtXMMo6A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUun6GUCrw73-ZasS8UtJw0LV5QL4YYNW6qhijckfHTYTAlJe8kQieiC7fTrFU3j7gDORUV47kPfHDtPCwOi3PNl0yRvfODNrkm7J8s9hpifCe-fT1ZrnHkufWVsQqkagZ0bth7 Show response
fundingchoicesmessages.google.com/el/ 0
26 B 54ms
54ms XHR
text/html 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUun6GUCrw73-ZasS8UtJw0LV5QL4YYNW6qhijckfHTYTAlJe8kQieiC7fTrFU3j7gDORUV47kPfHDtPCwOi3PNl0yRvfODNrkm7J8s9hpifCe-fT1ZrnHkufWVsQqkagZ0bth7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-HyASR7BGPVaP5Sa3f9UY8A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thefandom.site/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Fri, 09 Sep 2022 00:56:55 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.thefandom.site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-HyASR7BGPVaP5Sa3f9UY8A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXyqJLtkvzyK8y5YP1vtkN--Kerp3dHWJKs5Us3SiOJ0-2BESFg5BmfIbJRQbidIvgqQx-ibtbBLyZyCh80KgXFxdvv4wvGMMcVR1tpTQQYt3HJYDWZlsP5U7qvTyScgKgV2RXU Show response
fundingchoicesmessages.google.com/el/ 0
26 B 213ms
213ms XHR
text/html 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXyqJLtkvzyK8y5YP1vtkN--Kerp3dHWJKs5Us3SiOJ0-2BESFg5BmfIbJRQbidIvgqQx-ibtbBLyZyCh80KgXFxdvv4wvGMMcVR1tpTQQYt3HJYDWZlsP5U7qvTyScgKgV2RXU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-8vFzGVHqPMnuumYdoAKYig' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thefandom.site/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Fri, 09 Sep 2022 00:56:56 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.thefandom.site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-8vFzGVHqPMnuumYdoAKYig' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e-202234.js Show response
www.thefandom.site/ezossp/https/stats.wp.com/ 9 KB
3 KB 155ms
154ms Script
application/javascript 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/ezossp/https/stats.wp.com/e-202234.js?screx=1&sxcb=1a
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT sin
date: Fri, 09 Sep 2022 00:56:57 GMT
content-encoding: br
etag: W/"61adb0c2-3508-gzip"
server: nginx
x-origin-cache-control: max-age=31536000
x-ezoic-cdn: Hit ds;ds;fcb962cc042ee087784643653fe4286a;2-339608-11;725194fd-3125-42b0-7cfd-cf8438f21286
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-middleton-display: staticcontent_sol
cache-control: public, max-age=2592000
x-middleton-response: 200
vary: Accept-Encoding,User-Agent,Origin

GET
H2 200 adsbygoogle.js Show response
www.thefandom.site/ezossp/https/pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 222ms
221ms Script
text/javascript 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thefandom.site/ezossp/https/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1977616398727154&screx=1&sxcb=1a

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

bfa552b832cba225447cd4f9a3f7ae23b44e89e5bc4afc3c919b05bee45415d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
x-ezoic-cdn: Hit ds;ds;2b69e92ef65fe0ee9ead089c0a274757;2-339608-11;fa88afec-db7a-4fa3-4bdc-1c8fbefd3ae9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
x-middleton-display: staticcontent_sol
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: nginx
x-origin-cache-control: private, max-age=3600
vary: Accept-Encoding,User-Agent,Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=2592000
etag: 9221146342153756089
timing-allow-origin: *

GET
H2 200 cse.js Show response
www.thefandom.site/ezossp/https/cse.google.com/ 7 KB
3 KB 166ms
165ms Script
text/javascript 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thefandom.site/ezossp/https/cse.google.com/cse.js?cx=c0ea1ff141673d924&screx=1&sxcb=1a

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b7117081cc015090a2f326b390e975d70622b367af98cd6a5639c34c56833a36

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:57 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent,Origin
server: nginx
x-ezoic-cdn: Hit ds;ds;40638f907513d67f4908cceb0e31af4c;2-339608-11;2c9b5cde-2e25-4266-4abe-57da26c4e89f
x-origin-cache-control: private
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
x-middleton-display: staticcontent_sol
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0

GET
H2 200 photon.min.js Show response
www.thefandom.site/ezossp/unknown/c0.wp.com/p/jetpack/11.2/_inc/build/photon/ 685 B
492 B 216ms
216ms Script
application/javascript 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thefandom.site/ezossp/unknown/c0.wp.com/p/jetpack/11.2/_inc/build/photon/photon.min.js?screx=1&sxcb=1a

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:57 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;ds;c64c3c5a4a45157440dd13222155936c;2-339608-11;fdaa06da-a86a-4c8b-6498-2d6719000a5f
x-middleton-display: staticcontent_sol
x-middleton-response: 200
content-length: 317
x-nc: HIT sin 2
last-modified: Wed, 07 Sep 2022 10:42:40 GMT
server: nginx
x-origin-cache-control: max-age=31536000
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *

GET
H3 200 cse_element__en.js Show response
www.google.com/cse/static/element/fd562c898514f252/ 303 KB
101 KB 7ms
7ms Script
text/javascript 2404:6800:4004:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/fd562c898514f252/cse_element__en.js?usqp=CAI%3D

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/ezossp/https/cse.google.com/cse.js?cx=c0ea1ff141673d924&screx=1&sxcb=1a

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc8d1a7e1de17078283415c9685204a70ea812c592956b5600a6b9e24e9b2c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 06 Sep 2022 22:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103187
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 20:48:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 06 Sep 2023 22:27:50 GMT

GET
H3 200 default+en.css
www.google.com/cse/static/element/fd562c898514f252/ 41 KB
9 KB 8ms
8ms Stylesheet
text/css 2404:6800:4004:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/fd562c898514f252/default+en.css

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/ezossp/https/cse.google.com/cse.js?cx=c0ea1ff141673d924&screx=1&sxcb=1a

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 08 Sep 2022 22:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 20:48:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 08 Sep 2023 22:18:53 GMT

GET
H3 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 3ms
3ms Stylesheet
text/css 2404:6800:4004:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.thefandom.site
URL: https://www.thefandom.site/ezossp/https/cse.google.com/cse.js?cx=c0ea1ff141673d924&screx=1&sxcb=1a

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 09 Sep 2022 01:43:56 GMT

GET
H3 200 mobile+en.css
www.google.com/cse/static/element/fd562c898514f252/ 5 KB
1 KB 5ms
5ms Stylesheet
text/css 2404:6800:4004:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/fd562c898514f252/mobile+en.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/fd562c898514f252/cse_element__en.js?usqp=CAI%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ba1934adfe2b5bdf9f9cc02651321459109afc50f329684fd0f3677d926b25d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 08 Sep 2022 22:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1509
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 20:48:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 08 Sep 2023 22:20:28 GMT

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 141 KB
52 KB 194ms
60ms Script
text/javascript 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/fd562c898514f252/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f16cbbd3a7e2b73333445bc560bb2a6f40cb7469924913911ddc68aedd61dda4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "12730318041224573657"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Fri, 09 Sep 2022 00:56:57 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 3ms
3ms Image
image/png 2404:6800:4004:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/fd562c898514f252/default+en.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/cse/static/element/fd562c898514f252/default+en.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 03 Sep 2022 16:56:43 GMT
x-content-type-options: nosniff
age: 460814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 03 Sep 2023 16:56:43 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 3ms
3ms Image
image/png 2404:6800:4004:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 04 Sep 2022 07:43:04 GMT
x-content-type-options: nosniff
age: 407633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 04 Sep 2023 07:43:04 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
210 B 78ms
3ms Image
text/plain 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 generate_204
clients1.google.com/ 0
210 B 217ms
3ms Image
text/plain 2404:6800:4004:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:808::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 intersection-observer.js Show response
www.thefandom.site/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 9 KB
3 KB 452ms
151ms Script
application/javascript 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&screx=1&sxcb=1a&ver=83ec8aa758f883d6da14
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:57 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;a1346b8477d769c7055edc2e46bd8581;2-339608-11;50cd5a44-e0f9-4217-796f-6711133f2988
x-middleton-display: staticcontent_sol
last-modified: Wed, 07 Sep 2022 10:42:40 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-nginx-cache: WordPress
response: 200
server: Apache
x-origin-cache-control: max-age=300
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 1
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.00% 8983 / 8983

GET
H2 200 lazy-images.js Show response
www.thefandom.site/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 2 KB
1 KB 449ms
148ms Script
application/javascript 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&screx=1&sxcb=1a&ver=54eb31dc971b63b49278
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 9e65fb5b0032593b7b8fb12b27a01c3c2cefe7e0e231816ee2c8dda3a4355dd8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 09 Sep 2022 00:56:57 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;601dc46365661b3ef0ca118909171bf1;2-339608-11;65cf2f37-3100-4f39-58bb-18e7accf5984
x-middleton-display: staticcontent_sol
last-modified: Wed, 07 Sep 2022 10:42:40 GMT
x-middleton-response: 200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 911
x-nginx-cache: WordPress
response: 200
server: Apache
x-origin-cache-control: max-age=300
vary: Accept-Encoding,User-Agent,Origin
x-endurance-cache-level: 1
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.00% 2361 / 2361

GET
H2 200 bundle.js
www.thefandom.site/ezossp/unknown/runtime.builderservices.io/runtime-endurance-default/ 2 MB
420 KB 695ms
394ms Script
application/javascript 18.140.162.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefandom.site/ezossp/unknown/runtime.builderservices.io/runtime-endurance-default/bundle.js?screx=1&sxcb=1a&ver=1651866237
Requested by: Host: www.thefandom.site
URL: https://www.thefandom.site/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y1f-5y21-3y2f-4y57-2y5b-22y62-1&cmbcb=108&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2fx57x5bx62&abt=BidFloorMethod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.140.162.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-162-93.ap-southeast-1.compute.amazonaws.com
Software: cloudflare /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.thefandom.site/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 09 Sep 2022 00:56:58 UTC
content-encoding: br
cf-cache-status: MISS
content-md5: zr1PzQZGQ1+XitxBpwPSnA==
x-ezoic-cdn: Hit ds;ds;50e9fb94819fbb315d26a366ec66a42c;2-339608-11;093e4f3e-bee0-458d-5b1a-69b55cd5e07d
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-ms-lease-status: unlocked
last-modified: Wed, 07 Sep 2022 10:42:40 GMT
server: cloudflare
x-origin-cache-control: "max-age=31536000"
vary: Accept-Encoding,User-Agent,Origin
content-type: application/javascript
x-ms-request-id: e81ce53a-501e-0054-6fb6-bdae1b000000
cache-control: public, max-age=2592000
x-ms-version: 2009-09-19
cf-ray: 743b0b4d4d3ba137-SIN

GET e8ddb8b1237a928b7f2f4083f234b9e9.svg
runtime.builderservices.io/runtime-endurance-21504/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
URL: javascript: void(0)

Domain: runtime.builderservices.io
URL: https://runtime.builderservices.io/runtime-endurance-21504/e8ddb8b1237a928b7f2f4083f234b9e9.svg

Verdicts & Comments Add Verdict or Comment

414 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thefandom.site/	1970-01-20 05:51:26	Name: ezoadgid_339608 Value: -1
.thefandom.site/	1970-01-20 05:51:32	Name: ezoref_339608 Value:
.thefandom.site/	1970-01-20 14:37:01	Name: ezosuibasgeneris-1 Value: 564ef618-ad41-4471-66cc-bd8e6e2a1022
.thefandom.site/	1970-01-20 05:51:32	Name: ezoab_339608 Value: mod74
.thefandom.site/	1970-01-20 05:54:17	Name: active_template::339608 Value: pub_site_mobile.1662685011
.thefandom.site/	1970-01-20 05:51:26	Name: ezopvc_339608 Value: 1
.thefandom.site/	1970-01-20 05:52:51	Name: ezepvv Value: 0
.thefandom.site/	1970-01-20 05:51:26	Name: ezovid_339608 Value: 433765045
.thefandom.site/	1970-01-20 05:51:26	Name: lp_339608 Value: https://www.thefandom.site/
.thefandom.site/	1970-01-20 05:54:17	Name: ezovuuidtime_339608 Value: 1662685012
.thefandom.site/	1970-01-20 05:51:26	Name: ezovuuid_339608 Value: a51048b0-5909-48c9-5fb7-3ed1c3bcf932
.thefandom.site/	1970-01-20 05:52:51	Name: _gid Value: GA1.2.1659880445.1662685013
.thefandom.site/	1970-01-20 05:51:25	Name: _gat_gtag_UA_197911823_2 Value: 1
www.thefandom.site/	1970-01-20 15:27:25	Name: ezds Value: ffid%3D2%2Cw%3D1200%2Ch%3D1600
www.thefandom.site/	1970-01-20 15:27:25	Name: ezohw Value: w%3D1600%2Ch%3D1200
.thefandom.site/	1970-01-20 15:27:25	Name: _ga_VN9CQ92YXT Value: GS1.1.1662685012.1.0.1662685012.0.0.0
.thefandom.site/	1970-01-20 15:27:25	Name: _ga Value: GA1.1.138620682.1662685013
.thefandom.site/	1970-01-20 15:13:01	Name: __gads Value: ID=319975cfba8e3c4c-22d3bcb947d60078:T=1662685012:RT=1662685012:S=ALNI_MaI42rBjocygmDFQp-FDcY-YLFbBw
.thefandom.site/	1970-01-20 15:13:01	Name: __gpi Value: UID=0000099d81483a39:T=1662685012:RT=1662685012:S=ALNI_MZOzbvfxSotT_NZ93aeA2wBzybNjw
www.thefandom.site/	1970-01-20 15:15:53	Name: qcSxc Value: 1662685013097
.thefandom.site/	1970-01-20 15:15:53	Name: __qca Value: P0-1860803659-1662685013093
.doubleclick.net/	1970-01-20 05:51:25	Name: test_cookie Value: CheckForPermission
www.thefandom.site/	1969-12-31 23:59:59	Name: ezouspvv Value: 36
www.thefandom.site/	1969-12-31 23:59:59	Name: ezouspva Value: 1
www.thefandom.site/	1969-12-31 23:59:59	Name: ezouspvh Value: 36
.thefandom.site/	1970-01-20 05:51:25	Name: lotame_domain_check Value: thefandom.site
.criteo.com/	1970-01-20 15:13:01	Name: uid Value: 54aa771d-70ad-4d47-9d2c-5695f530cecc
.thefandom.site/	1970-01-20 15:13:01	Name: cto_bundle Value: hNh4u185JTJGVk9HcDJpVzVhY3FPbUw4SnprZkYyeERTcm1iWWtoNmFQJTJGbmRyb3F5RjYlMkZHdSUyRldzY3hrT3RvbUtDS0ZHRTRuV3k0NVUwUWclMkJKbDlKRHJSbVNhcklFV2lSTVFjaDhCUXIyZjhwMHclMkJZVG05UDBOQ1cxZWhNV3NOUTNYYngyQnVnc24yMlB2ZndVNFZjTHdyMW9pZlElM0QlM0Q
.doubleclick.net/	1970-01-20 05:51:28	Name: DSID Value: NO_DATA
.thefandom.site/	1970-01-20 14:37:01	Name: FCNEC Value: %5B%5B%22AKsRol_Zljh6ifj18Tsusmg3KZzYJqN1XZ5bmm2oG3DsaDbBbn_GGsDcHBBYfOK0NSAotZmskdWew2fTBo3RsbxgaoM-0dzTjLdCtv_tWemaI9gYAg1YLo_D1bxstDWV9PWs-XgokNmarvkyE1F1RneLXOOYm6_wiw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
www.thefandom.site/	1970-01-20 06:34:37	Name: _pbjs_userid_consent_data Value: 6683316680106290

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: javascript: void(0) Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
other	warning	URL: https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.jp
adservice.google.com
api.fouanalytics.com
basher.ezodn.com
c0.wp.com
cdn.ampproject.org
cdn.id5-sync.com
clients1.google.com
components.mywebsitebuilder.com
cse.google.com
csi.gstatic.com
e12cc960004cb092fe468e18c924780e.safeframe.googlesyndication.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
go.ezodn.com
go.ezoic.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
id.sharedid.org
id5-sync.com
images.builderservices.io
invstatic101.creativecdn.com
mug.criteo.com

oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
prod.uidapi.com
pxl.qccerttest.com
retroexaminer.com
rules.quantcount.com
runtime.builderservices.io
secure.quantserve.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.thefandom.site

runtime.builderservices.io
141.95.98.65
162.241.225.168
18.140.162.93
18.225.2.19
182.161.74.11
192.0.77.37
2404:6800:4004:808::200e
2404:6800:4004:80a::2001
2404:6800:4004:80a::2002
2404:6800:4004:80b::2002
2404:6800:4004:80c::2002
2404:6800:4004:810::2004
2404:6800:4004:811::200a
2404:6800:4004:811::200e
2404:6800:4004:812::2002
2404:6800:4004:81d::2008
2404:6800:4004:822::2001
2404:6800:4004:823::2003
2404:6800:4004:823::200a
2404:6800:4004:824::200e
2404:6800:4004:825::2002
2404:6800:4004:825::200e
2404:6800:4004:826::2001
2404:6800:4004:826::2002
2404:6800:4004:826::2003
2406:2600:4::1
2406:2600:4::b
2600:9000:20c4:1a00:11:615:7240:93a1
2600:9000:20c4:ae00:6:44e3:f8c0:93a1
2600:9000:21b7:fc00:2:cb38:840:93a1
2606:4700:10::6816:3456
2606:4700:3036::ac43:a1d1
2606:4700:3036::ac43:c834
2606:4700::6812:9709
2607:f8b0:4020:806::2003
2620:116:800e:21:c338:3a39:7c0b:1a51
34.102.146.192
34.120.135.53
34.208.243.53
34.96.70.87
35.190.14.35
35.190.39.111
35.244.159.8
99.84.140.54
0157dafdf66bc4a031c6f20efc6f20e5076b07fa7a837576c13726614a58b015
037a097ab5eafa9c268066bdc337cd0c818ab42c5e3df824c67831bbe8abc2e9
03daf3d07b476bfe1ab2d57017cbc450082015aa464e0ffceaff624cb235b747
0582ba3aed7d649d346d34c0ce8eba8b1f6f326c7d4a80ab9bc3fa22b4a1f4e7
0756082b3b1a8cf93f726e342047f101b6530b6c05c9c47554412ea97530393e
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
0a7bb830ca0126a6c54a9ffa9a778421c49bf17bdfb31cc45c311326bff26733
0e5ecdc767dab401677a88743ed088fcae15b6670aa22ec28cad585cd5da876d
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
17465183edee9f68d56a5c99ffeb68fa50abbcb653612856a06e013ae7163502
1b70367e4212b8030c933418775c3920ac6c81f1357cbf700b209a4d3796220c
224196268c36f671609b0cb0f2af981475ed9836ef51c58a297c7035eba3d18d
227c1ccf13722dd35be78494e4c9b6925856cc93a1035a26668249c92be24f10
22ae2f71e75c39947b057edd2b0ec19b454174604be58772f2b60c8fc335c28c
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
24a1fe04717202b35f32077f30c5ea85a0e111782ceeb99596b2496ef5f401a6
24ce51c04774ebdfc8b33a84fa345e5917f453183a757919294b124eae261a81
2511c9a9aab8bb9088fa965d5767cf8f88f3e5e578342e8856d46d750cedc3f3
2a5cd896a14da7b13de3953328383ea11ee3c1d9b008ae5d99f8239a9bc20209
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2a7e8305395cee954a3f556dad4f29636359c4de9f7448968a142db061babb70
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f
2d7a704cff71682c8480e19cb5b7939f9554fff4749aa30166e8d392c8630a6d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
32cf0a8fe53899cf276cb12df8c8f5f1558bfb49a803502eda8296818dafef6f
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3c42521cbac8e8aeb57aa02d9edce74679fe00b13eb7fded6ac39379d3956f50
3e1c3bd570a7aaf3487ab464c8d677417b2d84ed3420b7c8f8589aad9c3f564e
3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48fdcad6248cad75d16876289b4543334d70d7aab6c06f79160034568468f813
49d3040ef33fe291474733409526cabe7cf7ff3c544580b9e919beb96f90f547
4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5835134625d3c6de861f9db3570963c9aca75a9435480b5a54732887a6c654c4
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5f44671ca5b51ef1cebfe818c18c2cddf9790f920511007809aea47010ad148f
6067c3692ae62db800bc43040305c3c1962dfe925932f2d664a97f7d01738bd1
61f88c006454a68ef3727e4e7038592fef9678fb52b0d6cb6d2c131cbc3ff80f
622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af
6a9f3c83892833387d92f857563b6f3cfdee0277cbc648a932a2718e000e9e42
6af616f9c0a320b9a5761667869c3193317cea3ed1f75115521a4028daad603c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78944548d2909bc65713ad586777137f5a3725e7eea74ae4d51b41d5edd628b8
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7ba1934adfe2b5bdf9f9cc02651321459109afc50f329684fd0f3677d926b25d
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
8d3251f4935896ec37ada153d20d0109828ad08523127f136415355b3fca2dcf
8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e
95195f1d3e29def75f7a1a9be468390a9cb7aa9fb5a371fbef9020079e3f6a6e
97db3394ee8b77e2aa9643143e178905f3d2d3c831a189c040f290e683d1859f
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
9b186fcf793a1aa723bcd883860494c5e77b1a1f038d85c7a5e809d866117bed
9b808c7606fcfdb78729d8de36e42a20184c4d9c7f9b567267e5fd6a238e63f2
9dab8b2920539830f96bdc5ff234eff94df26353844333e8717328fe16ca2e62
9e65fb5b0032593b7b8fb12b27a01c3c2cefe7e0e231816ee2c8dda3a4355dd8
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a412223fab0492a8d9dae6ba09ae45db716aefe7345a991620583155922c0a35
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a777af2234c2dcbce48c7fca49ea8274a8d8bda3a6bfa7423adac685a09c470b
ad4136914a8f5ae964a9f987506a2e285a67f50ea83acd27ec82aa37d3791ca5
b2e870972e45bf8a3a666b5926f155265757cd8184585ed9aac9d7fff09bcd1a
b4129c8fd1bbaf82f9d0f1ec86d53d89ed6c48283755cc25df75f36cdcd36091
b5fe832de724daf3d7fe885158280a2dfcae8de179b42ae310bae7e61ab19a3b
b7117081cc015090a2f326b390e975d70622b367af98cd6a5639c34c56833a36
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b9468203d1a374c57d8f34c2df0229524b0b930bd43ed137a2a9bbbb21c1606e
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
bb0dd1ff1ea3cbbe20203aa273f433d5282bc24d282fa0b7b08ef4ed75d56c91
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
bd1411968f2f8d6fac8407f679d31f30939345c45bf1df811ba149120d879fb1
bf6d705d74ebdb073c33ddff97c38624506eb0f45f7ab4be6df1b2952df8456c
bfa552b832cba225447cd4f9a3f7ae23b44e89e5bc4afc3c919b05bee45415d4
c1fab2776a1fc9672ab7254b6fb388ebdbc6eb31e8a007d0f782e0d48a23b626
c5bc6383bdbb68f33436c993ff2867651001eee42ab27c3770a9dfc56fc95891
c7b45e777260ed4a4e4c94426faf08283dfd6e4bf681a553aa0e6534de78c954
c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2
c84c1026e0a4c60ec0ee85c8b41c1904144aa63184260c95840924b42bd32d33
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cad91c078865656c6870d149e88b8d417d3ad5886c75fdc1726c00a517e2e40e
d015207735e68e0dadebb02eb76d38efb4f2929c3b77924ce46d4a817c0acbac
d348cc646723bcafcc51d495d5c9c21e9a79b6f0917e48ed63d1c84206b1652b
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d93b731f5babfb48a2edfd7c6e9db24b22ab272b04e47cdf8e22775335751f1b
d93d3947956f235bd3e7338d88c3439689aa084fd9425d315d2b195037c61569
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd04e772871e4aae2602a75846a098ef3038878561a31d92117c541100a7777f
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
df9439b47ccdbd052e6107e94e32b5746e10b400470beaca5d238ca6d32c605e
e11b3bd7c0b1585b602508bf3ac9a99bb1122bbd5433b82ef9f75caf72ed95d0
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eef1d948fb9476ca3cd570288c43a3dc93b09ed9e7330f85fe525c276ededdfe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16cbbd3a7e2b73333445bc560bb2a6f40cb7469924913911ddc68aedd61dda4
f4d071d7f96e8b39db17e50ea3bb68906a23e3e6d22790b6ef4bf312b12e9e33
fc8d1a7e1de17078283415c9685204a70ea812c592956b5600a6b9e24e9b2c2d
fd30b265fbb74e94e1df99c923897ce2126be2b477f079449f420d8d4234067a

www.thefandom.site Open in urlscan Pro 18.140.162.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

151 Requests

97 %HTTPS

68 %IPv6

33 Domains

49 Subdomains

44 IPs

6 Countries

2051 kBTransfer

6276 kBSize

31 Cookies

3 Outgoing links

Page URL History

Redirected requests

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thefandom.site Open in urlscan Pro
18.140.162.93 Public Scan

Screenshot
Live screenshot

Full Image

151
Requests

97 %
HTTPS

68 %
IPv6

33
Domains

49
Subdomains

44
IPs

6
Countries

2051 kB
Transfer

6276 kB
Size

31
Cookies

151 HTTP transactions
6 data transactions