touhokurakutenngo-rudenni-gurusu.work Open in urlscan Pro
150.95.54.179 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://touhokurakutenngo-rudenni-gurusu.work/
Submission Tags: krdtest
Submission: On August 25 via api (August 25th 2021, 1:50:22 pm UTC) from JP

Summary HTTP 175 Redirects Links 67 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 26 domains to perform 175 HTTP transactions. The main IP is 150.95.54.179, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is touhokurakutenngo-rudenni-gurusu.work.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 19th 2021. Valid for: 3 months.

This is the only time touhokurakutenngo-rudenni-gurusu.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	150.95.54.179 150.95.54.179	7506 (INTERQ GM...) (INTERQ GMO Internet)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
8	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
9	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
9	147.92.191.167 147.92.191.167	38631 (LINE LINE...) (LINE LINE Corporation)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
4	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	54.250.28.113 54.250.28.113	16509 (AMAZON-02) (AMAZON-02)
5	153.120.49.88 153.120.49.88	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
2	133.242.86.196 133.242.86.196	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
21	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	18.176.86.15 18.176.86.15	16509 (AMAZON-02) (AMAZON-02)
37	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:3400:1f:2964:4340:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.126 13.224.96.126	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.18 13.224.96.18	16509 (AMAZON-02) (AMAZON-02)
4	13.230.7.5 13.230.7.5	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1 1	18.194.175.178 18.194.175.178	16509 (AMAZON-02) (AMAZON-02)
16 22	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:8678:af0d:fda8:5a84	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:21f... 2600:9000:21f3:da00:1f:5b22:6e00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	153.127.52.28 153.127.52.28	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
175	33

25 150.95.54.179 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: jp35b.mixhost.jp

touhokurakutenngo-rudenni-gurusu.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 147.92.191.167 (Japan)

ASN38631 (LINE LINE Corporation, JP)

blogroll.livedoor.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.250.28.113 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-250-28-113.ap-northeast-1.compute.amazonaws.com

blogparts.blogmura.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 153.120.49.88 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
PTR: www34.with2.net

blog.with2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 133.242.86.196 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)

rranking9.ziyu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.176.86.15 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-86-15.ap-northeast-1.compute.amazonaws.com

blogmura.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:3400:1f:2964:4340:93a1 (United States)

ASN16509 (AMAZON-02, US)

imp-adedge.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-126.zrh50.r.cloudfront.net

static.blogmura.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-18.zrh50.r.cloudfront.net

b.blogmura.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.230.7.5 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-7-5.ap-northeast-1.compute.amazonaws.com

ssp-bidapi.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.175.178 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-175-178.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.98 (United States) 16 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:8678:af0d:fda8:5a84 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:da00:1f:5b22:6e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

spnativeapi-tls.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 153.127.52.28 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
PTR: ik1-424-44024.vs.sakura.ne.jp

baseball-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	673 KB
38	doubleclick.net 16 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	139 KB
25	touhokurakutenngo-rudenni-gurusu.work touhokurakutenngo-rudenni-gurusu.work	3 MB
15	wp.com c0.wp.com i1.wp.com i0.wp.com s0.wp.com stats.wp.com pixel.wp.com	67 KB
9	i-mobile.co.jp imp-adedge.i-mobile.co.jp ssp-bidapi.i-mobile.co.jp spnativeapi-tls.i-mobile.co.jp	59 KB
9	google.com 3 redirects adservice.google.com www.google.com	2 KB
9	livedoor.net blogroll.livedoor.net	25 KB
7	ampproject.org cdn.ampproject.org	125 KB
6	twitter.com platform.twitter.com syndication.twitter.com	150 KB
5	with2.net blog.with2.net	43 KB
5	blogmura.com blogparts.blogmura.com blogmura.com static.blogmura.com b.blogmura.com	8 KB
4	googletagservices.com www.googletagservices.com	139 KB
3	google.de adservice.google.de	1 KB
3	gravatar.com secure.gravatar.com	10 KB
2	baseball-data.com baseball-data.com	12 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	765 B
2	ziyu.net rranking9.ziyu.net	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	innovid.com ag.innovid.com	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	459 B
1	agkn.com 1 redirects d.agkn.com	763 B
1	quantserve.com cms.quantserve.com	464 B
1	googleadservices.com partner.googleadservices.com	677 B
175	26

	Domain	Requested by
37	tpc.googlesyndication.com	googleads.g.doubleclick.net touhokurakutenngo-rudenni-gurusu.work tpc.googlesyndication.com cdn.ampproject.org pagead2.googlesyndication.com
25	touhokurakutenngo-rudenni-gurusu.work	touhokurakutenngo-rudenni-gurusu.work
22	cm.g.doubleclick.net	16 redirects touhokurakutenngo-rudenni-gurusu.work googleads.g.doubleclick.net
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net touhokurakutenngo-rudenni-gurusu.work
9	blogroll.livedoor.net	touhokurakutenngo-rudenni-gurusu.work blogroll.livedoor.net
9	pagead2.googlesyndication.com	touhokurakutenngo-rudenni-gurusu.work pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	c0.wp.com	touhokurakutenngo-rudenni-gurusu.work
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
6	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	blog.with2.net	touhokurakutenngo-rudenni-gurusu.work blog.with2.net
4	spnativeapi-tls.i-mobile.co.jp	imp-adedge.i-mobile.co.jp touhokurakutenngo-rudenni-gurusu.work
4	ssp-bidapi.i-mobile.co.jp	imp-adedge.i-mobile.co.jp
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	platform.twitter.com	touhokurakutenngo-rudenni-gurusu.work platform.twitter.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	secure.gravatar.com	touhokurakutenngo-rudenni-gurusu.work secure.gravatar.com
2	syndication.twitter.com	platform.twitter.com touhokurakutenngo-rudenni-gurusu.work
2	baseball-data.com	touhokurakutenngo-rudenni-gurusu.work
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	rranking9.ziyu.net	touhokurakutenngo-rudenni-gurusu.work
2	blogparts.blogmura.com	touhokurakutenngo-rudenni-gurusu.work
2	i0.wp.com	touhokurakutenngo-rudenni-gurusu.work
2	i1.wp.com	touhokurakutenngo-rudenni-gurusu.work
2	www.google-analytics.com	touhokurakutenngo-rudenni-gurusu.work www.google-analytics.com
1	pixel.wp.com	touhokurakutenngo-rudenni-gurusu.work
1	maxcdn.bootstrapcdn.com	touhokurakutenngo-rudenni-gurusu.work
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	b.blogmura.com	blogmura.com
1	static.blogmura.com	blogmura.com
1	imp-adedge.i-mobile.co.jp	rranking9.ziyu.net
1	blogmura.com	blogparts.blogmura.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.wp.com	touhokurakutenngo-rudenni-gurusu.work
1	s0.wp.com	touhokurakutenngo-rudenni-gurusu.work
175	40

This site contains links to these domains. Also see Links.

Domain
blogroll.livedoor.net
blue-a.org
thebaseball.xyz
blogroll.livedoor.com
antennabank.com
0matome.com
newsoku.jp
puroyakyuu.atna.jp
x.antenam.info
yakiu-antenna.net
www.news1000000.com
iwashi.biz
baseball-data.com
blog.with2.net
spnativeapi.i-mobile.co.jp
rranking9.ziyu.net
www.ziyu.net
blogranking.fc2.com

Subject Issuer	Validity	Valid
touhokurakutenngo-rudenni-gurusu.work cPanel, Inc. Certification Authority	`2021-08-19` - `2021-11-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.livedoor.net GlobalSign RSA OV SSL CA 2018	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.blogmura.com Amazon	`2021-02-01` - `2022-03-02`	a year	crt.sh
blog.with2.net JPRS Domain Validation Authority - G4	`2020-12-11` - `2021-12-31`	a year	crt.sh
*.ziyu.net R3	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.i-mobile.co.jp JPRS Domain Validation Authority - G4	`2020-08-18` - `2022-03-31`	2 years	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
baseball-data.com R3	`2021-07-14` - `2021-10-12`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://touhokurakutenngo-rudenni-gurusu.work/
Frame ID: 243FD2169FC83D86697C5DA07ED9EDB9
Requests: 93 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/zrt_lookup.html
Frame ID: BB9C80CE795A115768BA1A043E037DB3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=3589012407&adf=186405042&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899387890&bpp=163&bdt=710&idt=215&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=5546876133630&frm=20&pv=2&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=up0UURSJ13&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=234
Frame ID: 3B3880DA386862EAB14BE77A3B178360
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6
Frame ID: 0B2FEB8BCCC56634AF41CDFDBD2F5689
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=2847437639&adf=2347572656&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388834&bpp=1&bdt=1654&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dlMCKDOIeP&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3
Frame ID: 0EFE89C85488F858CE97F77045932631
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3
Frame ID: C00FCC7570D3F9C182DC2AEB171E52FE
Requests: 1 HTTP requests in this frame

Frame: https://blogmura.com/blogmura_parts.html?chid=10962975&oldCatId=&oldSubCatId=&type=pv&catId=11373
Frame ID: 8414ECE5729F4EB51FB5F0903910FE7A
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A7E3FDBB55519BB068266CE264CE86FE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js
Frame ID: E2070B3699C8010E8BFCC391CAA1096D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/index.html
Frame ID: 52C95E9A2C31D86A03CB9A44865875BD
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CAw2KfEomYfChNPC3mLAP2aibqAPSoP_RY4HqovqmDtvZHhABILqh-GxglQKgAcitgNoByAEJqQLQv5q926-zPqgDAcgDSKoE4AFP0G3jWnMLPFpyeWsIcWxLJswGiBHe3CMcxKsUapF31FyA-iNYMLzUfYrImDDdfxeSHOuvLesHZxY4vYTU3LbrqB3-g3h99MtY72Eg5pvGKLVhHP6cc_TzhLlkfO2BaGQqCbBCckj0JjzTUWWSchaMX-1N7DXCv-0YuaZAq6YeXYA2atvJjFAJrwCwdmXAEC3jvIdoOUHc5EKFKJOgXy1LCWIfEo3t2Q4KRhmzllyw7JiRRd8sOUI0cmkGO8t4fI_Rho4ZtDWVNF5DNOCRrgfL6sQ1cConzgD42uRL1wcHz8AErfCEw84DkgUECAQYAZIFBAgFGASgBi6AB6DS_6UCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEMGkE9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi05NzE0MDc3MzI4NjUxOTA2GAA&sigh=PdT9in2rif0&template_id=419
Frame ID: 1E3228A90BF701B81C65728FFC15C736
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 895697CCD7BEA5CE3B082F81E28D8B50
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Frame ID: 954D97EF8B18732EDAE2E9709426A584
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 0119F3CF5B888E5FAA7DC42C58E963E2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 366D21A88CC59408B0C548888EEFC706
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js
Frame ID: 968B905E8104C2C137D0FA405495EE9D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&adk=1812271804&adf=3025194257&lmt=1629899390&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899390800&bpp=2&bdt=3620&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600%2C240x600&nras=1&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&psts=AGkb-H-Ar27_jpGZeW50vOo73tUeevjv1993Izf8P3FhIFXdAzdLsEJ-4Xa74afXOMbkjE-oMaFJvpmGiMT_Fg%2CAGkb-H_WR4Nl3QQfjoVVzYIG_n09U8pDz3-iaucYQfCh9Cv9NbEsZGDWKJn2M17kpbFd4EfCHKUBX4OTrAW5Zg&pvsid=3580361670672971&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=8&uci=a!8&fsb=1&dtd=13
Frame ID: 224DECC04E79D06D82747A475C00F2B7
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work
Frame ID: 755D0D9C7A92D695DF4F712465BD93BE
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.ja.html
Frame ID: 0FEAAA0E27319DA7F33C2977D4153E11
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 75096BFD8AB109E386F2E652A80275A6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B882233B1BFF32E08F66E0A58D08303E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

THE 東北楽天ゴールデンイーグルス

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- All in One SEO Pack ([\d.]+) /i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- All in One SEO Pack ([\d.]+) /i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- All in One SEO Pack ([\d.]+) /i

All in One SEO Pack (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- All in One SEO Pack ([\d.]+) /i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

175
Requests

100 %
HTTPS

41 %
IPv6

26
Domains

40
Subdomains

33
IPs

5
Countries

4779 kB
Transfer

7537 kB
Size

0
Cookies

67 Outgoing links

These are links going to different origins than the main page.

URL: https://blogroll.livedoor.net/ad_redirect?ad_id=59502&channel_id=283298
Title: 一時保護のはずが“家族になった猫”の9年後

Search URL Search Domain Scan URL

URL: http://blue-a.org/?c=feeds_r&m=articles&f=0&u=lmth.31955052801202/txet/nuf.ggee//:sptth
Title: 今度友達が結婚するんだけど素直に祝えない気分

Search URL Search Domain Scan URL

URL: http://blue-a.org/?c=feeds_r&m=articles&f=0&u=lmth.49033111/sevihcra/pj.golb.uozagarakato-uonieg//:sptth
Title: ”永遠のロリ”佐々野愛美、ニップレスでGカップのバストを最大露出

Search URL Search Domain Scan URL

URL: http://blue-a.org/?c=feeds_r&m=articles&f=0&u=lmth.94632065/sevihcra/200-62300okenuraw/pj.roodevil.golb//:ptth
Title: 法の支配の歴史

Search URL Search Domain Scan URL

URL: http://blue-a.org/?c=feeds_r&m=articles&f=0&u=lmth.19706203/sevihcra/moc.13111311tydt//:ptth
Title: 【悲報】硫酸アタックを避ける方法ガチで存在しない

Search URL Search Domain Scan URL

URL: http://blue-a.org/?c=feeds_r&m=articles&f=0&u=lmth.94595583/sevihcra/pj.golb.tmpohc2//:sptth
Title: 【画像】橋本環奈ちゃんの昔と現在ｗｗｗｗｗｗｗｗｗｗ

Search URL Search Domain Scan URL

URL: http://thebaseball.xyz/?team=eagles&pickup=876170
Title: 148キロ←これより気持ちの良い球速ないやろ

Search URL Search Domain Scan URL

URL: http://thebaseball.xyz/?team=eagles&pickup=876063
Title: 贔屓の試合１４３試合フルでみてるやつってがちでおるんかな

Search URL Search Domain Scan URL

URL: http://thebaseball.xyz/?team=eagles&pickup=875468
Title: 野球の守備ってバッティングより緊張するよな

Search URL Search Domain Scan URL

URL: http://thebaseball.xyz/?team=eagles&pickup=875357
Title: 【朗報】12球団の来季監督予想、だいたい確定か

Search URL Search Domain Scan URL

URL: http://thebaseball.xyz/?team=eagles&pickup=875296
Title: 涌井秀章(35)5.18 6勝8敗 92.1回

Search URL Search Domain Scan URL

URL: https://blogroll.livedoor.com/
Title: Powered by livedoor 相互RSS

Search URL Search Domain Scan URL

URL: https://blogroll.livedoor.net/ad_redirect?ad_id=59503&channel_id=283299
Title: 「330円は安い」“即買いレベル”のダイソー商品

Search URL Search Domain Scan URL

URL: http://antennabank.com/sports/202108252204.14025919.html
Title: 【画像】韓国人プロゲーマー、ガチでかっこ良すぎると話題になってしまう

Search URL Search Domain Scan URL

URL: http://antennabank.com/sports/202108252154.14025862.html
Title: 【画像】この中国人美少女魅力的過ぎて草

Search URL Search Domain Scan URL

URL: http://antennabank.com/sports/202108252144.14023751.html
Title: 都道府県で打線組んだ

Search URL Search Domain Scan URL

URL: https://0matome.com/p/pf7e5c6f3ad8aef8f0ddab068dcc1ac18.html
Title: 【悲報】ももクロの玉井詩織さん、なんか思ってたのと違う感じになる40www

Search URL Search Domain Scan URL

URL: https://0matome.com/p/p315a541bb83ed0b0da9bc84491278f4d.html
Title: 【画像】エヴァンゲリオンの中身www

Search URL Search Domain Scan URL

URL: https://0matome.com/p/p12829d33f6afcbbd5566e46813bbdd5d.html
Title: ミリ単位で制球出来るピッチャーなら130キロのストレートだけでプロの打線抑えれる？

Search URL Search Domain Scan URL

URL: https://0matome.com/p/p4f68e41241ce54ed82a80535dae639a7.html
Title: 大谷翔平、エンゼルス大量7点リード8-1の場面で申告敬遠　敵地にもかかわらず大ブーイング

Search URL Search Domain Scan URL

URL: http://newsoku.jp/archives/1643401.html
Title: ＤｅＮＡ森敬斗選手が２０２０年最後の挨拶

Search URL Search Domain Scan URL

URL: http://newsoku.jp/archives/1644029.html
Title: カープ選手からの「あけましておめでとう2021年」堂林家は幸せな家族写真の年賀状をUP

Search URL Search Domain Scan URL

URL: http://newsoku.jp/archives/1643893.html
Title: 巨人、育成で入った無名の選手まで引退後の面倒を見る！

Search URL Search Domain Scan URL

URL: https://blogroll.livedoor.net/ad_redirect?ad_id=59505&channel_id=283300
Title: 朝から“丸見え”で笑ってしまった夏の風物詩

Search URL Search Domain Scan URL

URL: http://puroyakyuu.atna.jp/items/view/1737901
Title: 巨人が中田を使うべきではない理由

Search URL Search Domain Scan URL

URL: https://x.antenam.info/items/view/2293471
Title: カープ森下、12戦連続QSもまたも援護なく7度目の1得点　6敗目で貯金ゼロ　登板日の平均得点2・73

Search URL Search Domain Scan URL

URL: http://puroyakyuu.atna.jp/items/view/1738321
Title: 【試合結果】ヤクルト３－３中日　マクガフワイルドピッチで石川の勝ちが消える

Search URL Search Domain Scan URL

URL: https://x.antenam.info/items/view/2293566
Title: 【試合結果】中日 3-3 ヤクルト　リリーフ陣が無失点で凌ぎ敵失で引き分けに持ち込む

Search URL Search Domain Scan URL

URL: http://puroyakyuu.atna.jp/items/view/1738164
Title: 都道府県で打線組んだ

Search URL Search Domain Scan URL

URL: https://x.antenam.info/items/view/2293499
Title: 【実況・雑談用】８/２５公式戦　ｖｓ阪神タイガース

Search URL Search Domain Scan URL

URL: http://puroyakyuu.atna.jp/items/view/1738182
Title: 【燕実況】ヤクルト対中日【雑談】

Search URL Search Domain Scan URL

URL: https://x.antenam.info/items/view/2293555
Title: 中日、9回2アウトの土壇場で同点に追いつく！

Search URL Search Domain Scan URL

URL: http://puroyakyuu.atna.jp/items/view/1737764
Title: 【ファーム試合結果】ヤクルト１３－１西武　15安打13得点で大勝！

Search URL Search Domain Scan URL

URL: https://x.antenam.info/items/view/2293369
Title: ＤｅＮＡドラ３松本隆之介　ファームで三者連続三振デビュー

Search URL Search Domain Scan URL

URL: https://blogroll.livedoor.net/ad_redirect?ad_id=59508&channel_id=283301
Title: 手術後の“ニャンコの様子”が「逆に心配になる」

Search URL Search Domain Scan URL

URL: https://yakiu-antenna.net/eagles/361523.html
Title: 【楽天対オリックス15回戦】楽天対オリックスは２－２で引き分け

Search URL Search Domain Scan URL

URL: https://yakiu-antenna.net/eagles/361182.html
Title: 早川隆久 7勝4敗防御率3.47 WHIP1.23

Search URL Search Domain Scan URL

URL: https://yakiu-antenna.net/eagles/361171.html
Title: 早川隆久 7勝4敗防御率3.47 WHIP1.23

Search URL Search Domain Scan URL

URL: http://www.news1000000.com/archives/58399977.html
Title: 【カープ試合結果】巨5-3広[2021/8/25] 玉村5回3失点粘投＆自ら2点打奮闘も報われず　コルニエル被弾2失点　カープ3連敗

Search URL Search Domain Scan URL

URL: http://www.news1000000.com/archives/58399797.html
Title: The Simple Reality About Crypto Saving Fund That No One Is Telling You

Search URL Search Domain Scan URL

URL: http://www.news1000000.com/archives/58399604.html
Title: 【ドラゴンズ実況】 8/25 中日 vs ヤクルト（静岡）18:00開始

Search URL Search Domain Scan URL

URL: https://iwashi.biz/?aid=6401430.15025
Title: 【超画像】大久保佳代子さん、若返るwwwwwww

Search URL Search Domain Scan URL

URL: https://iwashi.biz/?aid=6401430.15027
Title: 【超画像】大久保佳代子さん、若返るwwwwwww

Search URL Search Domain Scan URL

URL: https://iwashi.biz/?aid=6401455.15025
Title: 【画像】若手女優さん続々YouTube始めるも無様に散る・・・

Search URL Search Domain Scan URL

URL: https://iwashi.biz/?aid=6401455.15027
Title: 【画像】若手女優さん続々YouTube始めるも無様に散る・・・

Search URL Search Domain Scan URL

URL: https://baseball-data.com/
Title: <img src="https://baseball-data.com/bp/st/header-r.png" style="height:40px;border:0;margin:0;padding:0" alt="プロ野球データFreak">

Search URL Search Domain Scan URL

URL: https://baseball-data.com/team/pa.html
Title: <img src="https://baseball-data.com/bp/st/r-pa1.png" style="height:168px;border:0;margin:0;padding:0" alt="パリーグ順位表">

Search URL Search Domain Scan URL

URL: https://baseball-data.com/team/ce.html
Title: <img src="https://baseball-data.com/bp/st/r-cef1.png" style="height:187px;border:0;margin:0;padding:0" alt="セリーグ順位表">

Search URL Search Domain Scan URL

URL: https://blog.with2.net/link.php?1985148:top

Search URL Search Domain Scan URL

URL: https://blog.with2.net/welcome/?parts=y
Title: 参加する

Search URL Search Domain Scan URL

URL: https://blog.with2.net/link.php?1985148
Title: このブログに投票する

Search URL Search Domain Scan URL

URL: https://spnativeapi.i-mobile.co.jp/api/ad_link.ashx?pid=35584&mid=138934&asid=1549787&advid=6541265&vh=9b06d3d88a621985fa725192c07e5ba9
Title: 剣と魔法のファンタジーが味わえる王道RPG

Search URL Search Domain Scan URL

URL: http://rranking9.ziyu.net/search_word.php?id=rakuten
Title: Google検索

Search URL Search Domain Scan URL

URL: https://spnativeapi.i-mobile.co.jp/api/ad_link.ashx?pid=35584&mid=138934&asid=1549800&advid=6542616&vh=170cf2e6ac989da6da5348b490fc4b79
Title: 日向坂46のビビアミTVCM公開中！ゲームでも...

Search URL Search Domain Scan URL

URL: http://rranking9.ziyu.net/edit.php?id=rakuten
Title: Edit

Search URL Search Domain Scan URL

URL: http://www.ziyu.net/
Title: ACR WEB

Search URL Search Domain Scan URL

URL: http://newsoku.jp/
Title: ニュー速アンテナ

Search URL Search Domain Scan URL

URL: http://thebaseball.xyz/
Title: THE BASEBALL

Search URL Search Domain Scan URL

URL: http://antennabank.com/
Title: アンテナバンク

Search URL Search Domain Scan URL

URL: http://blue-a.org/feeds/show_feeds/
Title: ブルーアンテナ

Search URL Search Domain Scan URL

URL: https://0matome.com/
Title: おまとめ

Search URL Search Domain Scan URL

URL: http://x.antenam.info/
Title: ネクストバッターズアンテナ

Search URL Search Domain Scan URL

URL: http://puroyakyuu.atna.jp/
Title: プロ野球まとめアンテナ

Search URL Search Domain Scan URL

URL: http://yakiu-antenna.net/
Title: やきうアンテナ彡(ﾟ)(ﾟ)

Search URL Search Domain Scan URL

URL: http://www.news1000000.com/
Title: ニュース＄ミリオネア

Search URL Search Domain Scan URL

URL: http://iwashi.biz/
Title: いわしアンテナ

Search URL Search Domain Scan URL

URL: https://blogranking.fc2.com/in.php?id=1041771
Title: <img src="https://static.fc2.com/blogranking/ranking_banner/a_03.gif">

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 135

https://d.agkn.com/pixel/2175/?google_gid=CAESENdbwaYEtGVkbsQgO9ltWUk&google_cver=1&google_push=AYg5qPL0O7AStVbkJNn6B19ah1Lj_QM2fA7L_750mFM7AwTVbLf8dzLpLegVFMFnJqgbMQJJ0KHW2FdIdPqfhb3S9BzRDcWXFn6Rpg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL0O7AStVbkJNn6B19ah1Lj_QM2fA7L_750mFM7AwTVbLf8dzLpLegVFMFnJqgbMQJJ0KHW2FdIdPqfhb3S9BzRDcWXFn6Rpg&google_hm=Q0FFU0VOZGJ3YVlFdEdWa2JzUWdPOWx0V1Vr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL0O7AStVbkJNn6B19ah1Lj_QM2fA7L_750mFM7AwTVbLf8dzLpLegVFMFnJqgbMQJJ0KHW2FdIdPqfhb3S9BzRDcWXFn6Rpg&google_hm=Q0FFU0VOZGJ3YVlFdEdWa2JzUWdPOWx0V1Vr&google_tc=

Request Chain 136

https://rtb.openx.net/sync/dds?google_gid=CAESEAlT2NaVVzfCl3rERKIdgfA&google_cver=1&google_push=AYg5qPIjf5SGxA9tJJqvVUyNKv947hg8JQAVkPgQZg7tu56fkWJGC9xP2vhd6kK0EpeUWffL0loD6AhalOHYAy5zO5-QFR1x3pkVvA HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEAlT2NaVVzfCl3rERKIdgfA&google_cver=1&google_push=AYg5qPIjf5SGxA9tJJqvVUyNKv947hg8JQAVkPgQZg7tu56fkWJGC9xP2vhd6kK0EpeUWffL0loD6AhalOHYAy5zO5-QFR1x3pkVvA&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIjf5SGxA9tJJqvVUyNKv947hg8JQAVkPgQZg7tu56fkWJGC9xP2vhd6kK0EpeUWffL0loD6AhalOHYAy5zO5-QFR1x3pkVvA&google_hm=vSioyxZawzwXeaCnCBAFKg== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIjf5SGxA9tJJqvVUyNKv947hg8JQAVkPgQZg7tu56fkWJGC9xP2vhd6kK0EpeUWffL0loD6AhalOHYAy5zO5-QFR1x3pkVvA&google_hm=vSioyxZawzwXeaCnCBAFKg==&google_tc=

Request Chain 137

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIgX6oG6ZZhGLfzD5wBHG3E&google_cver=1&google_push=AYg5qPInCfFhGmnEy7YDnCWC3-UmLuPLx4DIiVH90iHphvAcGallMGJgRjGuQtxqJw3PEWb_9rdUxHmjrb8lPDUCefza06Bg20p- HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIgX6oG6ZZhGLfzD5wBHG3E&google_cver=1&google_push=AYg5qPInCfFhGmnEy7YDnCWC3-UmLuPLx4DIiVH90iHphvAcGallMGJgRjGuQtxqJw3PEWb_9rdUxHmjrb8lPDUCefza06Bg20p-&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zKKYUP0wRS2SLiu-eLVE1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPInCfFhGmnEy7YDnCWC3-UmLuPLx4DIiVH90iHphvAcGallMGJgRjGuQtxqJw3PEWb_9rdUxHmjrb8lPDUCefza06Bg20p- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zKKYUP0wRS2SLiu-eLVE1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPInCfFhGmnEy7YDnCWC3-UmLuPLx4DIiVH90iHphvAcGallMGJgRjGuQtxqJw3PEWb_9rdUxHmjrb8lPDUCefza06Bg20p-&google_tc=

Request Chain 138

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHXiS5nqc1GGfmLi7rzshHc&google_cver=1&google_push=AYg5qPJikEeOpa-PZmg_AX4aGg3scOo6FASWFF8KOzklHFRNh8EnQ9rUCq3M9dtKDsbaI-ahUueObpqouku10EpI9Y3ODQmcouU5ZQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NSSzBJOU8tWS1FREtC&google_push=AYg5qPJikEeOpa-PZmg_AX4aGg3scOo6FASWFF8KOzklHFRNh8EnQ9rUCq3M9dtKDsbaI-ahUueObpqouku10EpI9Y3ODQmcouU5ZQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NSSzBJOU8tWS1FREtC&google_push=AYg5qPJikEeOpa-PZmg_AX4aGg3scOo6FASWFF8KOzklHFRNh8EnQ9rUCq3M9dtKDsbaI-ahUueObpqouku10EpI9Y3ODQmcouU5ZQ&google_tc=

Request Chain 139

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw&google_tc=

Request Chain 142

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

175 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
touhokurakutenngo-rudenni-gurusu.work/ 163 KB
18 KB 1543ms
1026ms Document
text/html 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: be7a435b571cc9cb1f137c0f2d76b8a24845a6ca2e998503c4a4354b8b779b11

Request headers

:method: GET
:authority: touhokurakutenngo-rudenni-gurusu.work
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
link: <https://touhokurakutenngo-rudenni-gurusu.work/wp-json/>; rel="https://api.w.org/" <https://wp.me/aQx77>; rel=shortlink
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Wed, 25 Aug 2021 13:49:46 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 795
date: Wed, 25 Aug 2021 13:36:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 25 Aug 2021 15:36:32 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.3.8/wp-includes/css/dist/block-library/ 40 KB
6 KB 32ms
30ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.3.8/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Wed, 10 Jun 2020 15:48:08 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 Aug 2022 13:49:47 GMT

GET
H3-Q050 200 styles.css
touhokurakutenngo-rudenni-gurusu.work/wp-content/plugins/contact-form-7/includes/css/ 2 KB
629 B 298ms
270ms Stylesheet
text/css 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Mon, 06 Jan 2020 11:44:50 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 559
expires: Wed, 01 Sep 2021 13:49:47 GMT

GET
H3-Q050 200 style.css
touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni8_child/keni8-child/ 274 B
293 B 342ms
313ms Stylesheet
text/css 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni8_child/keni8-child/style.css?ver=5.3.8
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: b3eb378d70a956fb7309cda4cfc0dda618aaaaba7287785052cc4fc4cbd90fb7

Request headers

:path: /wp-content/themes/keni8_child/keni8-child/style.css?ver=5.3.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:47 GMT
last-modified: Thu, 04 Apr 2019 08:06:52 GMT
server: LiteSpeed
vary: User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 274
expires: Wed, 01 Sep 2021 13:49:47 GMT

GET
H3-Q050 200 base.css
touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/ 118 KB
21 KB 342ms
313ms Stylesheet
text/css 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/base.css?ver=5.3.8
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: 1f53913974e04d99803de43828bea6a445fae29ebdf16345af5df275b45b38f4

Request headers

:path: /wp-content/themes/keni80_wp_standard_all_201901141646/base.css?ver=5.3.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Wed, 27 Mar 2019 04:11:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21020
expires: Wed, 01 Sep 2021 13:49:47 GMT

GET
H3-Q050 200 advanced.css
touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/ 20 KB
4 KB 342ms
314ms Stylesheet
text/css 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/advanced.css?ver=5.3.8
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: 817232d2c01e544fd9f8ed3ceb88105d146ac6baa372174bca8ee1245de9c1f4

Request headers

:path: /wp-content/themes/keni80_wp_standard_all_201901141646/advanced.css?ver=5.3.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Wed, 27 Mar 2019 04:11:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3750
expires: Wed, 01 Sep 2021 13:49:47 GMT

GET
H3-Q050 200 base.css
touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni8_child/keni8-child/ 54 B
99 B 342ms
314ms Stylesheet
text/css 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni8_child/keni8-child/base.css?ver=5.3.8
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: c4e0253f90b114a9f81ce66ea5da376d04d0e9e4850c38e997af6e9834926135

Request headers

:path: /wp-content/themes/keni8_child/keni8-child/base.css?ver=5.3.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:47 GMT
last-modified: Thu, 04 Apr 2019 08:02:29 GMT
server: LiteSpeed
vary: User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 54
expires: Wed, 01 Sep 2021 13:49:47 GMT

GET
H3-Q050 200 advanced.css
touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni8_child/keni8-child/ 56 B
75 B 338ms
310ms Stylesheet
text/css 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni8_child/keni8-child/advanced.css?ver=5.3.8
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: 543d73afa1579f2ab52305aa942c9eeb7d4e443187afc17c9a1185448e01ffa8

Request headers

:path: /wp-content/themes/keni8_child/keni8-child/advanced.css?ver=5.3.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:47 GMT
last-modified: Thu, 04 Apr 2019 08:02:28 GMT
server: LiteSpeed
vary: User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 56
expires: Wed, 01 Sep 2021 13:49:47 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/8.0.1/css/ 70 KB
12 KB 32ms
31ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/8.0.1/css/jetpack.css

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

072cfdc3b5c6541f3d3c06ebd4c138ab38b6e7983704b73dcb46710ac3ccb05b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Tue, 26 Nov 2019 15:09:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 Aug 2022 13:49:47 GMT

GET
H3-Q050 200 /
touhokurakutenngo-rudenni-gurusu.work/ 5 KB
1 KB 700ms
673ms Stylesheet
text/css 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/?custom-css=c9cc235144
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: 2436a6117cc11ad004a9d19b17279560db186810761510643f7f3f1037d5f04c

Request headers

:path: /?custom-css=c9cc235144
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css;charset=UTF-8
cache-control: public, max-age=604800
content-length: 1387
expires: Wed, 01 Sep 2021 13:49:47 GMT

GET
H2 200 rss-feed.png
touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/04/ 15 KB
15 KB 1032ms
1031ms Image
image/png 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/04/rss-feed.png
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: e654d10bd53c968740aba1d5c705dd9284c331415d8f8d2be36a83ed315a6214

Request headers

:path: /wp-content/uploads/2019/04/rss-feed.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:48 GMT
last-modified: Mon, 01 Apr 2019 14:09:35 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15202
expires: Wed, 01 Sep 2021 13:49:48 GMT

GET
H2 200 rakutenkansei.png
touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/03/ 3 MB
3 MB 1032ms
1031ms Image
image/png 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/03/rakutenkansei.png
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: 00da23b516605a1a0935685e2c74bca94619edc6ff8dc8eea4a36b8dccaa8502

Request headers

:path: /wp-content/uploads/2019/03/rakutenkansei.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:48 GMT
last-modified: Wed, 27 Mar 2019 07:36:34 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3229600
expires: Wed, 01 Sep 2021 13:49:48 GMT

GET
H2 200 search_black.svg
touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/images/icon/ 1015 B
638 B 1696ms
1695ms Image
image/svg+xml 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/images/icon/search_black.svg
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: 7dcf5b6b4cb5eeaabedae0c105a2b3ddfe1073ffef195d6f93f7809bf314dc53

Request headers

:path: /wp-content/themes/keni80_wp_standard_all_201901141646/images/icon/search_black.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:48 GMT
content-encoding: br
last-modified: Wed, 27 Mar 2019 04:11:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 591
expires: Wed, 01 Sep 2021 13:49:48 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 46ms
30ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e78b7e8b9e77c824042df8179657999a3b42a1833df79199b6dc5c2fd60070e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49968
x-xss-protection: 0
server: cafe
etag: 4342231230729962060
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 13:49:47 GMT

GET
H/1.1 200
OK blogroll.js Show response
blogroll.livedoor.net/js/ 15 KB
4 KB 848ms
282ms Script
application/javascript 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogroll.livedoor.net/js/blogroll.js
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: 0d80f3242f87172d31de75947d120ff8da9caf53b5827e5ca96c2bce0daaad19

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jan 2021 08:53:43 GMT
Server: nginx
ETag: W/"6007ef97-3ca8"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=3

GET
H2 200 wp-emoji-release.min.js Show response
touhokurakutenngo-rudenni-gurusu.work/wp-includes/js/ 14 KB
4 KB 1681ms
1680ms Script
application/javascript 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-includes/js/wp-emoji-release.min.js?ver=5.3.8
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: 95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.3.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:48 GMT
content-encoding: br
last-modified: Thu, 15 Apr 2021 04:13:10 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4248
expires: Wed, 01 Sep 2021 13:49:48 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1493
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28872
x-tw-cdn: VZ
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/67A8)
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 rakutenrogo_waifu2x_photo_noise3_scale_tta_1-150x150.png
touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/03/ 9 KB
9 KB 2404ms
2403ms Image
image/png 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/03/rakutenrogo_waifu2x_photo_noise3_scale_tta_1-150x150.png
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: ff48ec131857878aa8635dfeaa5ef9a74860e697c74e0f4e54365d7abb779daa

Request headers

:path: /wp-content/uploads/2019/03/rakutenrogo_waifu2x_photo_noise3_scale_tta_1-150x150.png
pragma: no-cache
cookie: __gads=ID=c32582b4326256f9-227cc172b3c8004d:T=1629899388:RT=1629899388:S=ALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:49 GMT
last-modified: Wed, 27 Mar 2019 07:36:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9118
expires: Wed, 01 Sep 2021 13:49:49 GMT

GET
H2 200 pl-999154223792.jpg
i1.wp.com/touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/04/ 716 B
773 B 28ms
27ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/04/pl-999154223792.jpg?resize=40%2C40&ssl=1

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

430509e7b5a7b344ff7a001b378bf5fe078ed3dc0cddaf2b5eb43d80494e53a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Wed, 25 Aug 2021 13:49:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Aug 2021 12:57:17 GMT
server: nginx
etag: "a93ed17fa94c066c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/04/pl-999154223792.jpg>; rel="canonical"
content-length: 716
expires: Sat, 26 Aug 2023 00:57:17 GMT

GET
H2 200 EvsC-1.png
i0.wp.com/touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/04/ 802 B
836 B 28ms
28ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/04/EvsC-1.png?resize=40%2C40&ssl=1

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

e9f7f42240a9b8f24f1d339cee46c87a1f05d7fa59e8e985156faae3690740ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Wed, 25 Aug 2021 13:49:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 04:57:31 GMT
server: nginx
etag: "84cceb4070dcf893"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/04/EvsC-1.png>; rel="canonical"
content-length: 802
expires: Sat, 19 Aug 2023 16:57:31 GMT

GET
H2 200 14322.png
i0.wp.com/touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/04/ 506 B
563 B 28ms
27ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/04/14322.png?resize=40%2C40&ssl=1

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

744957172039218201f20acf2fdcb3c3adb915f1601b0f5b985a013daddb9ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 25 Aug 2021 13:49:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 04:57:31 GMT
server: nginx
etag: "5f336ad4c44591ab"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/04/14322.png>; rel="canonical"
content-length: 506
expires: Sat, 19 Aug 2023 16:57:31 GMT

GET
H2 200 uZAT6Nm.jpg
i1.wp.com/touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/06/ 728 B
762 B 28ms
28ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/06/uZAT6Nm.jpg?resize=40%2C40&ssl=1

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

a063c7387fa64101d0e4de1e6d86263c02611134afc27af3d7da953c41eea86c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 25 Aug 2021 13:49:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 04:57:25 GMT
server: nginx
etag: "87ffe391752e0ce6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/06/uZAT6Nm.jpg>; rel="canonical"
content-length: 728
expires: Sat, 19 Aug 2023 16:57:25 GMT

GET
H2 200 parts_view.js Show response
blogparts.blogmura.com/js/ 3 KB
3 KB 451ms
267ms Script
application/javascript 54.250.28.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://blogparts.blogmura.com/js/parts_view.js
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.250.28.113 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-250-28-113.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: c9c88e8e5e3a54f5bf0694797b4eb8092cdc73260eb8a915d56917e5d160866d

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:48 GMT
last-modified: Mon, 18 Jan 2021 02:58:36 GMT
accept-ranges: bytes
content-length: 2958
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript

GET
H/1.1 200
OK / Show response
blog.with2.net/parts/2.0/ 104 KB
37 KB 1222ms
307ms Script
text/javascript 153.120.49.88
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.with2.net/parts/2.0/?id=1985148:HJVmcRPj3yI&c=pink
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.88 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www34.with2.net
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: db2dbe84a74dd680313d06f35fed4f7024157540a4cdcc6e48ceb6308300739f

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:48 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=euc-jp
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 37103

GET
H/1.1 200
OK rakuten.js Show response
rranking9.ziyu.net/js/ 3 KB
1 KB 1226ms
307ms Script
application/x-javascript 133.242.86.196
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://rranking9.ziyu.net/js/rakuten.js
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 133.242.86.196 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 909ff0f6923c2a0ac963be0c145b49f1e64cc782388509663500dd71996e85ae

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:48 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK rank.php Show response
rranking9.ziyu.net/ 390 B
490 B 1231ms
309ms Script
application/x-javascript 133.242.86.196
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://rranking9.ziyu.net/rank.php?rakuten
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 133.242.86.196 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 092ca847eea2fa79b69e5d49821c730fa96849feb9202bbf6b5e0afa42ab801a

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:48 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H2 200 jquery.js Show response
c0.wp.com/c/5.3.8/wp-includes/js/jquery/ 95 KB
32 KB 36ms
32ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.3.8/wp-includes/js/jquery/jquery.js

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 Aug 2022 13:49:47 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.3.8/wp-includes/js/jquery/ 10 KB
4 KB 36ms
32ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.3.8/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 Aug 2022 13:49:47 GMT

GET
H2 200 scripts.js Show response
touhokurakutenngo-rudenni-gurusu.work/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 260ms
257ms Script
application/javascript 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Mon, 06 Jan 2020 11:44:50 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3752
expires: Wed, 01 Sep 2021 13:49:47 GMT

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 37ms
33ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202134
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: gzip
server: nginx
etag: W/"5867460b-52b6"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.ams _dfw
timing-allow-origin: *
expires: Mon, 22 Aug 2022 14:24:52 GMT

GET
H2 200 gprofiles.js Show response
secure.gravatar.com/js/ 23 KB
7 KB 9ms
5ms Script
application/javascript 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/js/gprofiles.js?ver=2021Augaa
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 15:50:36 GMT
server: nginx
etag: W/"5e8609cc-5dea"
content-type: application/javascript
cache-control: max-age=604800
expires: Wed, 01 Sep 2021 13:49:47 GMT

GET
H2 200 wpgroho.js Show response
c0.wp.com/p/jetpack/8.0.1/modules/ 1 KB
476 B 35ms
32ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/8.0.1/modules/wpgroho.js

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c1cfa5c2bce904bfc524754a954d2e062c703777ab704134dc5f619dca1e40af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Thu, 04 Apr 2019 21:15:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 Aug 2022 13:49:47 GMT

GET
H2 200 rakuten2.js Show response
touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/ 2 KB
585 B 260ms
257ms Script
application/javascript 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/rakuten2.js?ver=5.3.8
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: 3fef0188787c1c74c10ee0e058b4aaed697068ccb482255509697860a8bac248

Request headers

:path: /wp-content/themes/keni80_wp_standard_all_201901141646/rakuten2.js?ver=5.3.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Mon, 06 Jan 2020 13:06:55 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 556
expires: Wed, 01 Sep 2021 13:49:47 GMT

GET
H2 200 navigation.js Show response
touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/js/ 3 KB
985 B 258ms
257ms Script
application/javascript 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/js/navigation.js?ver=20151215
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Request headers

:path: /wp-content/themes/keni80_wp_standard_all_201901141646/js/navigation.js?ver=20151215
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Wed, 27 Mar 2019 04:11:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 951
expires: Wed, 01 Sep 2021 13:49:47 GMT

GET
H2 200 skip-link-focus-fix.js Show response
touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/js/ 685 B
366 B 259ms
257ms Script
application/javascript 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

:path: /wp-content/themes/keni80_wp_standard_all_201901141646/js/skip-link-focus-fix.js?ver=20151215
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Wed, 27 Mar 2019 04:11:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 332
expires: Wed, 01 Sep 2021 13:49:47 GMT

GET
H2 200 utility.js Show response
touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/js/ 23 KB
6 KB 259ms
257ms Script
application/javascript 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/js/utility.js?ver=5.3.8
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: 050134f1c95f8478a83227c561898a40a1ed2f3c006342c0292218a9a3f08511

Request headers

:path: /wp-content/themes/keni80_wp_standard_all_201901141646/js/utility.js?ver=5.3.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Wed, 27 Mar 2019 04:11:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5981
expires: Wed, 01 Sep 2021 13:49:47 GMT

GET
H2 200 insertstyle.js Show response
touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/js/ 496 B
311 B 641ms
641ms Script
application/javascript 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/js/insertstyle.js?ver=5.3.8
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: 7323fcc7428c11c981b40ceb625cf497f5d04cdaecfa36c538a564bb326cd52e

Request headers

:path: /wp-content/themes/keni80_wp_standard_all_201901141646/js/insertstyle.js?ver=5.3.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:48 GMT
content-encoding: br
last-modified: Wed, 27 Mar 2019 04:11:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 230
expires: Wed, 01 Sep 2021 13:49:48 GMT

GET
H2 200 milestone.min.js Show response
c0.wp.com/p/jetpack/8.0.1/_inc/build/widgets/milestone/ 639 B
367 B 32ms
31ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/8.0.1/_inc/build/widgets/milestone/milestone.min.js

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

30866c176478249701b8783b0f0ad098e693fc0efe984ea77cd1ad7e6b6198ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Wed, 01 May 2019 01:21:49 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 Aug 2022 13:49:47 GMT

GET
H2 200 lazy-images.min.js Show response
c0.wp.com/p/jetpack/8.0.1/_inc/build/lazy-images/js/ 9 KB
3 KB 32ms
31ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/8.0.1/_inc/build/lazy-images/js/lazy-images.min.js

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4c2d889ee46270fb2ae51c5ef8804efb7f03b4d5f2ab24a9fdd7a6400f75ea6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 10:15:39 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 Aug 2022 13:49:47 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.3.8/wp-includes/js/ 1 KB
671 B 32ms
31ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.3.8/wp-includes/js/wp-embed.min.js

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: br
last-modified: Fri, 05 Feb 2021 03:16:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 Aug 2022 13:49:47 GMT

GET
H2 200 e-202134.js Show response
stats.wp.com/ 9 KB
3 KB 32ms
31ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202134.js
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn
date: Wed, 25 Aug 2021 13:49:48 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 14 Aug 2022 17:35:36 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=734357077&t=pageview&_s=1&dl=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&ul=en-us&de=UTF-8&dt=THE%20%E6%9D%B1%E5%8C%97%E6%A5%BD%E5%A4%A9%E3%82%B4%E3%83%BC%E3%83%AB%E3%83%87%E3%83%B3%E3%82%A4%E3%83%BC%E3%82%B0%E3%83%AB%E3%82%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1973291787&gjid=2125846593&cid=1362158152.1629899387&tid=UA-128360317-1&_gid=1349438691.1629899387&_r=1&_slc=1&z=1743507675

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 13:49:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://touhokurakutenngo-rudenni-gurusu.work
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/ Frame BB9C 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210816/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://touhokurakutenngo-rudenni-gurusu.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://touhokurakutenngo-rudenni-gurusu.work/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 25 Aug 2021 08:37:30 GMT
expires: Wed, 08 Sep 2021 08:37:30 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 18737
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/ 252 KB
93 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9714077328651906&plah=touhokurakutenngo-rudenni-gurusu.work

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

503885908301e338782bcb56814eecb5011a3b0eab9affafa8456352e53b3f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95603
x-xss-protection: 0
server: cafe
etag: 7035239269055453974
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 13:49:47 GMT

GET
H2 200 /
touhokurakutenngo-rudenni-gurusu.work/ 5 KB
5 KB 1707ms
1707ms Image
text/css 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/?custom-css=c9cc235144
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/?custom-css=c9cc235144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /?custom-css=c9cc235144
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/?custom-css=c9cc235144
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/?custom-css=c9cc235144
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:48 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css;charset=UTF-8
cache-control: public, max-age=604800
content-length: 1387
expires: Wed, 01 Sep 2021 13:49:48 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 227 B
677 B 125ms
54ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=touhokurakutenngo-rudenni-gurusu.work&callback=_gfp_s_&client=ca-pub-9714077328651906

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9714077328651906&plah=touhokurakutenngo-rudenni-gurusu.work

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a36ba4c8eec844e283ca702da5deef8cfafbd9c973c9914d9fa2633f6ce4009b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 212
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=touhokurakutenngo-rudenni-gurusu.work

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 Aug 2021 13:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 34ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=touhokurakutenngo-rudenni-gurusu.work

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 Aug 2021 13:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B38 69 KB
26 KB 718ms
718ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=3589012407&adf=186405042&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899387890&bpp=163&bdt=710&idt=215&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=5546876133630&frm=20&pv=2&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=up0UURSJ13&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=234

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8207de5aa3e7969e72442ca1ab70fe13c2f88b26838d9c3fbd1e4f74a77119e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=3589012407&adf=186405042&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899387890&bpp=163&bdt=710&idt=215&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=5546876133630&frm=20&pv=2&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=up0UURSJ13&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=234
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://touhokurakutenngo-rudenni-gurusu.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://touhokurakutenngo-rudenni-gurusu.work/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 25 Aug 2021 13:49:48 GMT
server: cafe
content-length: 25997
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 25-Aug-2021 14:04:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 13:49:48 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f6048e026a358bcd25087b08a35840836764c0c3a97cd18569a0dab3263b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:48 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718286636491"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27620
x-xss-protection: 0
expires: Wed, 25 Aug 2021 13:49:48 GMT

GET
H/1.1 200
OK roll_data Show response
blogroll.livedoor.net/283298/ 11 KB
4 KB 287ms
287ms Script
text/javascript 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogroll.livedoor.net/283298/roll_data
Requested by: Host: blogroll.livedoor.net
URL: https://blogroll.livedoor.net/js/blogroll.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: /
Resource Hash: 9372bc2449c237a7115ed8e0003475b6540863e64aa1bca96c8144894c65178f

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:48 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from blogroll.livedoor.com:3128
Vary: Accept-Encoding
X-Cache: MISS from blogroll.livedoor.com
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=3
Expires: Wed, 25 Aug 2021 13:59:48 GMT

GET
H/1.1 200
OK roll_data Show response
blogroll.livedoor.net/283299/ 11 KB
4 KB 573ms
282ms Script
text/javascript 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogroll.livedoor.net/283299/roll_data
Requested by: Host: blogroll.livedoor.net
URL: https://blogroll.livedoor.net/js/blogroll.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: /
Resource Hash: e7ff1e480b0205c082078643649549ea5880cb67f6d9ce71266de982827e78fd

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:49 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from blogroll.livedoor.com:3128
Age: 438
Vary: Accept-Encoding
X-Cache: HIT from blogroll.livedoor.com
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=3
Expires: Wed, 25 Aug 2021 13:52:31 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=touhokurakutenngo-rudenni-gurusu.work

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 Aug 2021 13:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=touhokurakutenngo-rudenni-gurusu.work

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 Aug 2021 13:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0B2F 71 KB
27 KB 1071ms
1071ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe9bc53b27e5462fdadbb24cac91aa7c90a08ec69b26093a12a4d89a43eeb540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://touhokurakutenngo-rudenni-gurusu.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://touhokurakutenngo-rudenni-gurusu.work/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 25 Aug 2021 13:49:49 GMT
server: cafe
content-length: 27799
x-xss-protection: 0
set-cookie: IDE=AHWqTUkxLOsI0tLaZk69-p5x5dm4vu7T3xNtU8VcvuKlT1lDjT9EuFn31g8RjfhVo_4; expires=Mon, 19-Sep-2022 13:49:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 13:49:49 GMT
cache-control: private

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 keni8-icons.ttf
touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/fonts/ 7 KB
7 KB 1812ms
1811ms Font
font/ttf 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/fonts/keni8-icons.ttf?ds3ffr
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/base.css?ver=5.3.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: f60c4c1af15ee5f4db7e204a7af1fd6ce72fb5ee3df122c30eabe42343da8e3f

Request headers

sec-fetch-mode: cors
origin: https://touhokurakutenngo-rudenni-gurusu.work
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __gads=ID=c32582b4326256f9-227cc172b3c8004d:T=1629899388:RT=1629899388:S=ALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw
:path: /wp-content/themes/keni80_wp_standard_all_201901141646/fonts/keni8-icons.ttf?ds3ffr
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/base.css?ver=5.3.8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://touhokurakutenngo-rudenni-gurusu.work
Referer: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/base.css?ver=5.3.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:49 GMT
last-modified: Wed, 27 Mar 2019 04:11:28 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/ttf
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7032
expires: Wed, 01 Sep 2021 13:49:49 GMT

GET
H/1.1 200
OK roll_data Show response
blogroll.livedoor.net/283300/ 11 KB
4 KB 696ms
279ms Script
text/javascript 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogroll.livedoor.net/283300/roll_data
Requested by: Host: blogroll.livedoor.net
URL: https://blogroll.livedoor.net/js/blogroll.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: /
Resource Hash: adcecd7d685226871bcca4601d93565f861bdea83fd0a4ec2a020ae194717d2d

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:49 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from blogroll.livedoor.com:3128
Age: 427
Vary: Accept-Encoding
X-Cache: HIT from blogroll.livedoor.com
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=3
Expires: Wed, 25 Aug 2021 13:52:42 GMT

GET
H/1.1 200
OK roll_data Show response
blogroll.livedoor.net/283301/ 10 KB
4 KB 720ms
283ms Script
text/javascript 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://blogroll.livedoor.net/283301/roll_data
Requested by: Host: blogroll.livedoor.net
URL: https://blogroll.livedoor.net/js/blogroll.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: /
Resource Hash: 4397c675b49784c0053d508bb5456e54fe556321f1d54123cf1a9c01ddeff874

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:49 GMT
Content-Encoding: gzip
X-Cache-Lookup: HIT from blogroll.livedoor.com:3128
Age: 8
Vary: Accept-Encoding
X-Cache: HIT from blogroll.livedoor.com
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=3
Expires: Wed, 25 Aug 2021 13:59:41 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0EFE 120 KB
38 KB 506ms
506ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=2847437639&adf=2347572656&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388834&bpp=1&bdt=1654&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dlMCKDOIeP&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14fc81abcea912f2fdcebbb4f5f74eb9b73006c168756bb3829f27d9eefc4b11

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPDP3rCozPICFfAbBgAdWdQGNQ&gqi=fEomYePJM57ensEPv6qcyAc&layout=/sadbundle/%24csp%253Der3%24/4890867460893888538/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=2847437639&adf=2347572656&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388834&bpp=1&bdt=1654&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dlMCKDOIeP&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://touhokurakutenngo-rudenni-gurusu.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://touhokurakutenngo-rudenni-gurusu.work/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPDP3rCozPICFfAbBgAdWdQGNQ&gqi=fEomYePJM57ensEPv6qcyAc&layout=/sadbundle/%24csp%253Der3%24/4890867460893888538/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 25 Aug 2021 13:49:49 GMT
server: cafe
content-length: 37869
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 25-Aug-2021 14:04:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 13:49:49 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C00F 313 KB
42 KB 583ms
582ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a39bc65bd9c18b59f76a7393e6407d84f2f36626428739eb53377d6a5c5b78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://touhokurakutenngo-rudenni-gurusu.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://touhokurakutenngo-rudenni-gurusu.work/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 25 Aug 2021 13:49:49 GMT
server: cafe
content-length: 42688
x-xss-protection: 0
set-cookie: IDE=AHWqTUn1SmcTZzu3dWj2nBoJra8mUD2CYT-bqeW5iByImtCV-d3K0ID9T0LeAJLBkLY; expires=Mon, 19-Sep-2022 13:49:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 13:49:49 GMT
cache-control: private

GET
H2 200 blogmura_parts.html Show response
blogmura.com/ Frame 8414 4 KB
1 KB 405ms
263ms Document
text/html 18.176.86.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blogmura.com/blogmura_parts.html?chid=10962975&oldCatId=&oldSubCatId=&type=pv&catId=11373

Requested by

Host: blogparts.blogmura.com
URL: https://blogparts.blogmura.com/js/parts_view.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.176.86.15 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-176-86-15.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ab0c324bfd17329042f7776d64c8aaa168570dd372f54dcd83f3fa2198690f4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: blogmura.com
:scheme: https
:path: /blogmura_parts.html?chid=10962975&oldCatId=&oldSubCatId=&type=pv&catId=11373
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://touhokurakutenngo-rudenni-gurusu.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://touhokurakutenngo-rudenni-gurusu.work/

Response headers

date: Wed, 25 Aug 2021 13:49:49 GMT
content-type: text/html;charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: accept-encoding
content-encoding: gzip
content-language: en-US

GET
H2 200 pvcount.GIF
blogparts.blogmura.com/pts/ 1 KB
1 KB 268ms
267ms Image
image/gif 54.250.28.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogparts.blogmura.com/pts/pvcount.GIF?chid=10962975
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.250.28.113 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-250-28-113.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: cab7cf5fdcaec5cef59c098589ba78acb18018f9dd7f1ca849a14c037a29aeb8

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:49 GMT
accept-ranges: bytes
content-length: 1101
content-type: image/gif

GET
H2 200 11455320262328853069
tpc.googlesyndication.com/simgad/ Frame 3B38 34 KB
35 KB 33ms
9ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11455320262328853069?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmb4qTLqbTZymonR337jg4EGedtDQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=3589012407&adf=186405042&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899387890&bpp=163&bdt=710&idt=215&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=5546876133630&frm=20&pv=2&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=up0UURSJ13&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3e33bd3eeb6d3e82825ca5990e311ada69b68575d9c5d5d205719adaf3a1618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 11:30:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jun 2020 16:03:32 GMT
server: sffe
age: 94754
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35280
x-xss-protection: 0
expires: Wed, 24 Aug 2022 11:30:34 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 3B38 18 KB
8 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 2853818853078434854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 13:44:53 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 3B38 2 KB
1 KB 39ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 13:45:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3B38 124 KB
37 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:48 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Wed, 25 Aug 2021 13:49:48 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 3B38 14 KB
6 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 13:47:59 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 3B38 26 KB
11 KB 39ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e70daf1f8bcfd0ed744b5f86ac162bda58f2d2db0e5b4ba93c3adec87ad09fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 12:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10771
x-xss-protection: 0
server: cafe
etag: 12253238251956766473
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 12:10:41 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3B38 0
0 28ms
26ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6AWXfEomYcnQCNjm1gaq4pPoAf_nqMVkyr_Plv0M29keEAEguqH4bGCVAqABnc2l-wLIAQKpAt-WIiirtrM-qAMByAPJBKoE3QFP0GoPAsUnN6nBQ6smurmIUxJjpk3j6f5z-DU8ovIsNhP8oSCUJ4HCO0nEoEoyrLLIxC0F0Fmmpbi3BggfeZdyF1XugMT1fNGKSZf3vRE8N4LJ0jWf3L2h819sT7DEeSd6wnKJWsq62xl5HRYoUJuDPCTPnFp0aq99FBtI1ZBNqqykjeLU-PZpCAEYH2Q2jqN4pBoievbbgcrae8slTho16QBslt5jHR1jCOG_Wh5aJRpvWL10IQjpSAthKh5mvzGyW6rsJBGSdqIgwR5DgvkwKoNbWbki-6GD8utjlsAE8JXFsaYDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8uy2oQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELG_GNIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NzE0MDc3MzI4NjUxOTA2GAA&sigh=JmEWlOq_ONo

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=3589012407&adf=186405042&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899387890&bpp=163&bdt=710&idt=215&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=5546876133630&frm=20&pv=2&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=up0UURSJ13&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 Aug 2021 13:49:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 25 Aug 2021 13:49:48 GMT

GET
H/1.1 200
OK blank.gif
blogroll.livedoor.net/img/ 807 B
1 KB 645ms
269ms Image
image/gif 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogroll.livedoor.net/img/blank.gif?channel_id=283298
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: a4071dbca008823e72a0fbcf9f4806230d5a8cf68884f4450981ed686f9e24b5

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:49 GMT
Last-Modified: Wed, 20 Jan 2021 08:53:43 GMT
Server: nginx
ETag: "6007ef97-327"
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=3
Content-Length: 807
Expires: Wed, 25 Aug 2021 13:49:48 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A7E3 143 B
163 B 8ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=3589012407&adf=186405042&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899387890&bpp=163&bdt=710&idt=215&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=5546876133630&frm=20&pv=2&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=up0UURSJ13&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=234
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnLGNRhf5aKzgOioOKWa5aTMj3DpDLBHS17AQDqOBH8GJc7mAOsrdfoL-8LVbc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=3589012407&adf=186405042&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899387890&bpp=163&bdt=710&idt=215&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=5546876133630&frm=20&pv=2&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=up0UURSJ13&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=234

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 25 Aug 2021 13:42:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3B38 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 464b5db64020e574cfdc0ec0c89054ee9fa6a91e901fc6224199b6dd5207ad2e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A7E3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnLGNRhf5aKzgOioOKWa5aTMj3DpDLBHS17AQDqOBH8GJc7mAOsrdfoL-8LVbc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 13:49:49 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 25-Aug-2021 14:49:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 13:49:49 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 13:49:49 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js Show response
pagead2.googlesyndication.com/bg/ Frame E207 35 KB
13 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50378aa9304561a118da2a16b43b3f978f6b1e79776748ddd28ec794a4a3e2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13427
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 12:22:03 GMT

GET
H/1.1 200
OK blank.gif
blogroll.livedoor.net/img/ 807 B
1 KB 331ms
269ms Image
image/gif 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogroll.livedoor.net/img/blank.gif?channel_id=283299
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: a4071dbca008823e72a0fbcf9f4806230d5a8cf68884f4450981ed686f9e24b5

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:49 GMT
Last-Modified: Wed, 20 Jan 2021 08:53:43 GMT
Server: nginx
ETag: "6007ef97-327"
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=3
Content-Length: 807
Expires: Wed, 25 Aug 2021 13:49:48 GMT

GET
H2 200 imp_spot_define.js Show response
imp-adedge.i-mobile.co.jp/script/ 225 KB
53 KB 7ms
7ms Script
application/javascript 2600:9000:21f3:3400:1f:2964:4340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imp-adedge.i-mobile.co.jp/script/imp_spot_define.js?20160817
Requested by: Host: rranking9.ziyu.net
URL: https://rranking9.ziyu.net/js/rakuten.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3400:1f:2964:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f0fb28839791554d1b7f93eae4e6a8eb78b043691ce867e4ba33c26dd1d42585

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 25 Aug 2021 13:34:31 GMT
content-encoding: gzip
etag: W/"07c83e19997d71:0"
last-modified: Sun, 22 Aug 2021 21:08:40 GMT
server: Microsoft-IIS/10.0
age: 934
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 4j1KqjESFvIqq36PHibCB20HpTmwxhtJ1vxocsB6JIkHkd5_eQxH6Q==
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)

GET
H2 200 blogparts-bb5b9fff05c8cf02479d0d927c486145.css
static.blogmura.com/css/ Frame 8414 2 KB
1 KB 100ms
31ms Stylesheet
text/css 13.224.96.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.blogmura.com/css/blogparts-bb5b9fff05c8cf02479d0d927c486145.css

Requested by

Host: blogmura.com
URL: https://blogmura.com/blogmura_parts.html?chid=10962975&oldCatId=&oldSubCatId=&type=pv&catId=11373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-126.zrh50.r.cloudfront.net

Software

Resource Hash

b741ae83cb94d6035e40a0983a9f24708416585dbc00912daba74d1e0e4855a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogmura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 05:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2794150
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Jul 2021 00:51:48 GMT
x-frame-options: DENY
etag: W/"bb5b9fff05c8cf02479d0d927c486145"
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: text/css
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: nzSl7elwMrGdzdBkYucCyaryiUwaZizUhG-DI4tDzYAS6E5eh19ukw==

GET
H2 200 125_41_nf.gif
b.blogmura.com/ Frame 8414 1 KB
1 KB 1020ms
951ms Image
image/gif 13.224.96.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.blogmura.com/125_41_nf.gif
Requested by: Host: blogmura.com
URL: https://blogmura.com/blogmura_parts.html?chid=10962975&oldCatId=&oldSubCatId=&type=pv&catId=11373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-18.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f210d8ce81c03f90460256b6a1e600814f02739e858ad2c0839d42fb458b4e94

Request headers

Referer: https://blogmura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:51 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
last-modified: Thu, 28 Mar 2019 07:53:38 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "b500ba6b25a636fde3efe5aceb25319a"
x-cache: RefreshHit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 1088
x-amz-cf-id: 6_XGFwAFd-HWk7KZb4P5juwwK_VMIxV-1WZUQG9AZAwt3oP-9azVWA==
expires: Sat, 28 Mar 2020 07:49:09 GMT

GET
H/1.1 200
OK imp_spot.ashx Show response
ssp-bidapi.i-mobile.co.jp/jsonp/imp/ 768 B
1021 B 1067ms
261ms Script
text/javascript 13.230.7.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi.i-mobile.co.jp/jsonp/imp/imp_spot.ashx?pid=35584&mid=138934&asid=1549787&asn=1&spec=1&dpr=1&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&direct=1&type=native&sf=inline&pos=4&viewability=true&imcallback=spot_deliver_imp_callback_1549787_1&cashid=1629899389365
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/imp_spot_define.js?20160817
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.230.7.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-7-5.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 31f78761f67726590dade7271633f0ecbc60b945897b719d4081049c65143e8c

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 25 Aug 2021 13:49:50 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 653
Expires: -1

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/ Frame 52C9 13 KB
3 KB 24ms
9ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/index.html

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

744ee22c8bcb89a57935e433ce07a904ca95cf9402220d7e6d1afd6fdc85c586

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/4890867460893888538/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3173
date: Mon, 23 Aug 2021 14:55:19 GMT
expires: Tue, 23 Aug 2022 14:55:19 GMT
last-modified: Wed, 31 Mar 2021 11:18:27 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 168870
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1E32 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAw2KfEomYfChNPC3mLAP2aibqAPSoP_RY4HqovqmDtvZHhABILqh-GxglQKgAcitgNoByAEJqQLQv5q926-zPqgDAcgDSKoE4AFP0G3jWnMLPFpyeWsIcWxLJswGiBHe3CMcxKsUapF31FyA-iNYMLzUfYrImDDdfxeSHOuvLesHZxY4vYTU3LbrqB3-g3h99MtY72Eg5pvGKLVhHP6cc_TzhLlkfO2BaGQqCbBCckj0JjzTUWWSchaMX-1N7DXCv-0YuaZAq6YeXYA2atvJjFAJrwCwdmXAEC3jvIdoOUHc5EKFKJOgXy1LCWIfEo3t2Q4KRhmzllyw7JiRRd8sOUI0cmkGO8t4fI_Rho4ZtDWVNF5DNOCRrgfL6sQ1cConzgD42uRL1wcHz8AErfCEw84DkgUECAQYAZIFBAgFGASgBi6AB6DS_6UCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEMGkE9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi05NzE0MDc3MzI4NjUxOTA2GAA&sigh=PdT9in2rif0&template_id=419

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=2847437639&adf=2347572656&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388834&bpp=1&bdt=1654&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dlMCKDOIeP&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 Aug 2021 13:49:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 1E32 18 KB
7 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=2847437639&adf=2347572656&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388834&bpp=1&bdt=1654&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dlMCKDOIeP&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 2853818853078434854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 13:44:53 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 1E32 2 KB
1 KB 19ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 13:45:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E32 124 KB
37 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:49 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Wed, 25 Aug 2021 13:49:49 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 1E32 14 KB
6 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 13:47:59 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8956 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=2847437639&adf=2347572656&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388834&bpp=1&bdt=1654&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dlMCKDOIeP&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnLGNRhf5aKzgOioOKWa5aTMj3DpDLBHS17AQDqOBH8GJc7mAOsrdfoL-8LVbc; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=2847437639&adf=2347572656&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388834&bpp=1&bdt=1654&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=917&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=dlMCKDOIeP&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 25 Aug 2021 13:42:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1E32 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d249bb9d93fcfa175a78def55b36df697c40a0af4e374e28eb9371cb66d8ee19

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 52C9 9 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 16:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 25 Aug 2021 16:43:14 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 52C9 26 KB
10 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 20:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 25 Aug 2021 20:35:29 GMT

GET
H3-29 200 95e1cc7eebfcbedb22eb14f5b90e4ced.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/ Frame 52C9 66 KB
17 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/95e1cc7eebfcbedb22eb14f5b90e4ced.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b75d458919215ed21731c1ffc4a8482346f8f002b4f81128587702672c7753e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 168870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17536
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 11:18:27 GMT
server: sffe
date: Mon, 23 Aug 2021 14:55:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 14:55:19 GMT

GET
H/1.1 200
OK blank.gif
blogroll.livedoor.net/img/ 807 B
1 KB 281ms
281ms Image
image/gif 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogroll.livedoor.net/img/blank.gif?channel_id=283300
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: a4071dbca008823e72a0fbcf9f4806230d5a8cf68884f4450981ed686f9e24b5

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:49 GMT
Last-Modified: Wed, 20 Jan 2021 08:53:43 GMT
Server: nginx
ETag: "6007ef97-327"
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=3
Content-Length: 807
Expires: Wed, 25 Aug 2021 13:49:48 GMT

GET
H/1.1 200
OK blank.gif
blogroll.livedoor.net/img/ 807 B
1 KB 276ms
276ms Image
image/gif 147.92.191.167
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogroll.livedoor.net/img/blank.gif?channel_id=283301
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.167 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: a4071dbca008823e72a0fbcf9f4806230d5a8cf68884f4450981ed686f9e24b5

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:49 GMT
Last-Modified: Wed, 20 Jan 2021 08:53:43 GMT
Server: nginx
ETag: "6007ef97-327"
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=3
Content-Length: 807
Expires: Wed, 25 Aug 2021 13:49:48 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8956
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUn1SmcTZzu3dWj2nBoJra8mUD2CYT-bqeW5iByImtCV-d3K0ID9T0LeAJLBkLY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 13:49:49 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 25-Aug-2021 14:49:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 13:49:49 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 13:49:49 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 a7fe4a2259a1f9e84d7e75231fa4464f.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/media/ Frame 52C9 52 KB
52 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/media/a7fe4a2259a1f9e84d7e75231fa4464f.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3559b2aca90914521d5c5eaa9148c4b75e5d59c7ae7b7a9e546e96f97c1fd6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 168870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53606
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 11:18:27 GMT
server: sffe
date: Mon, 23 Aug 2021 14:55:19 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 14:55:19 GMT

GET
H3-29 200 ada21746561be14ae711747944292709.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/media/ Frame 52C9 21 KB
6 KB 10ms
8ms Image
image/svg+xml 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/media/ada21746561be14ae711747944292709.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c25823240cb3de9f0be84cbca7c021243faca63b4064d492de859474c7e9e466

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 168870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5688
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 11:18:27 GMT
server: sffe
date: Mon, 23 Aug 2021 14:55:19 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 14:55:19 GMT

GET
H3-29 200 6cee19a24cc85ea27e5adc6ac448808e.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/media/ Frame 52C9 11 KB
4 KB 14ms
12ms Image
image/svg+xml 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/media/6cee19a24cc85ea27e5adc6ac448808e.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae87856032d9e02733a7e5eff424bcd35c294c625f81af7b92cbc57131ef1769

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 64581
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3835
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 11:18:27 GMT
server: sffe
date: Tue, 24 Aug 2021 19:53:28 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 19:53:28 GMT

GET
H3-29 200 531e474286cc264e1dd604c97551bd2b.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/media/ Frame 52C9 5 KB
2 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/media/531e474286cc264e1dd604c97551bd2b.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4ff21fedd9ab25f03b1d781446b006255f8a27aad2c380e44cb56d6eed72529

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 168870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2242
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 11:18:27 GMT
server: sffe
date: Mon, 23 Aug 2021 14:55:19 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 14:55:19 GMT

GET
H3-29 200 e8a81bc86f6862be3804fdbb1b3d4618.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/media/ Frame 52C9 7 KB
3 KB 13ms
11ms Image
image/svg+xml 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/media/e8a81bc86f6862be3804fdbb1b3d4618.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e3f5fffdd2196deec9adc74de2eeaf4b1c89209c872a2acc9bdabe796ee3f6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 168870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3023
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 11:18:27 GMT
server: sffe
date: Mon, 23 Aug 2021 14:55:19 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 14:55:19 GMT

GET
H3-29 200 ea8e37620b32e4a3aa7128492209d57a.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/media/ Frame 52C9 6 KB
2 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/media/ea8e37620b32e4a3aa7128492209d57a.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4890867460893888538/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a8a67896983e62280fa6220f3844ffdb3a0bda3b723e75c3da60facd91f3d9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 168870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2177
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 11:18:27 GMT
server: sffe
date: Mon, 23 Aug 2021 14:55:19 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 14:55:19 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108100143000/ Frame 954D 188 KB
55 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55213
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 07:52:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2f5786613d323c5a"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 07:52:59 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 954D 13 KB
5 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4877
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 07:52:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0140540fbe581c13"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 07:52:59 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 954D 89 KB
28 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28511
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 07:52:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "07ab47082d8b4bd2"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 07:52:59 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 954D 71 KB
16 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c656d8e672d469ced91198a70c923478b581bf26c0470d5fa0c965e6c54e6fc6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16668
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 07:52:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "93066ac4a12f382a"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 07:52:59 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 954D 4 KB
2 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1660
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 07:52:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "758b6350805b356b"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 07:52:59 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 954D 40 KB
13 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12835
x-xss-protection: 0
server: sffe
date: Wed, 25 Aug 2021 07:52:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9aa942d03505fee"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 07:52:59 GMT

GET
DATA 200
OK truncated
/ Frame 954D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce86c62cca5cbbec2e52f229c50254e66501d1916b2489370cee4ec3db6d85e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 bg01.jpg
tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/ Frame 954D 20 KB
20 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/bg01.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04b6fb04f61c052c3bd0d9764c46516e18c8a3bec44f9832eddf0fad3924ed3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 00:30:35 GMT
x-content-type-options: nosniff
age: 307154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19983
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 23:19:49 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Aug 2022 00:30:35 GMT

GET
H3-29 200 txtSprite.png
tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/ Frame 954D 19 KB
19 KB 17ms
15ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/txtSprite.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d38df165d55ff9d44ee6a2730669d0fb887ee294129d26e5d2724446c878e0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 22:02:25 GMT
x-content-type-options: nosniff
age: 56844
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19650
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 23:19:49 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 22:02:25 GMT

GET
H3-29 200 bg02.jpg
tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/ Frame 954D 22 KB
22 KB 14ms
12ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/bg02.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b90e14a4fefc03df42255504ea335e61fcd18e78aac605dacf146f3990690a30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 00:30:35 GMT
x-content-type-options: nosniff
age: 307154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23003
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 23:19:49 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Aug 2022 00:30:35 GMT

GET
H3-29 200 bg03.jpg
tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/ Frame 954D 25 KB
25 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/bg03.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f71653329443516f4c108568bc13dda02794c750f16f64b1a3825ad1dc85264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 00:30:35 GMT
x-content-type-options: nosniff
age: 307154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25110
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 23:19:49 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Aug 2022 00:30:35 GMT

GET
H3-29 200 bg04.jpg
tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/ Frame 954D 25 KB
25 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/bg04.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16d2aacf105e10a4d3607434b1a22666e6707134204fff0c9d46fa4801fe7224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 00:30:35 GMT
x-content-type-options: nosniff
age: 307154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25912
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 23:19:49 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Aug 2022 00:30:35 GMT

GET
H3-29 200 legal.png
tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/ Frame 954D 3 KB
3 KB 16ms
14ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/legal.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e798c61dea1d00bfffd93ec9fe13d19eb61b40b7458b40501107643058ff5fb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 10:49:35 GMT
x-content-type-options: nosniff
age: 10814
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3058
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 23:19:49 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 10:49:35 GMT

GET
H3-29 200 cta.png
tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/ Frame 954D 2 KB
2 KB 18ms
16ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/cta.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

904e3067379f300692256e8af18842b5797a0bac4dc2da7b857fbef6312b3ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 00:30:35 GMT
x-content-type-options: nosniff
age: 307154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2290
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 23:19:49 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Aug 2022 00:30:35 GMT

GET
H3-29 200 logo.png
tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/ Frame 954D 5 KB
5 KB 18ms
16ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7328991713522075147/de_Conversion_Configurator_Honda-e_300x600_NA/logo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c11b6e3a82f2a1a135818b2b84ee2fa199d441d29c00cea727191bbfb6ced69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 14:38:21 GMT
x-content-type-options: nosniff
age: 83488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5210
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 23:19:49 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 14:38:21 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 954D 3 KB
3 KB 18ms
17ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Aug 2021 18:02:54 GMT
x-content-type-options: nosniff
server: cafe
age: 71215
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 25 Aug 2021 18:02:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 954D 344 B
374 B 18ms
17ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Aug 2021 22:40:25 GMT
x-content-type-options: nosniff
server: cafe
age: 54564
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 25 Aug 2021 22:40:25 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 954D 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQs-RIiAtuy6hbbaahu4biKmGpLxhKmyp30aajVMNZxOS-4K-HVj9E9k242rBn7Aio3jC85psUbAQjMaUHscp6zd5GgYw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 954D 0
17 B 19ms
17ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cf5h9fEomYbC-NZaS1gacmbzYBJnak51k6bT91PcN45-1jsUBEAEguqH4bGCVAqABn9K1twHIAQmpAoheE0JftrM-qAMByAMIqgTgAU_Qi7cOgeITFkkmAtReNoEN2WjuM171JDh57S4ddk2UCOFp-W6aBwK6JeeizkeeavrUuaN79SBhwn-ffYuC3R6C2XXlS3zPUtyOOP9B73_hUJSnNGQCKu8yxZ8DN1tYvijH_erTQPqTYkoo0PQknkeCuIMwSIiOo_acKFfKLZakUH1KzUryl_ErtFyr4pEhFSiEpuLuf4iUrylEY84ZosVoH53bfd9RdoG68niofpofkGS-gz7uYa4k3Y-AskD5tubDozosKFqSdUKGgMcstqx7MZA4iDbREfnBT8Za-j38wASR1ILF0QOSBQQIBBgBkgUECAUYBKAGLoAHya3KyAKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQnf4L0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTk3MTQwNzczMjg2NTE5MDYYAA&sigh=R4ais2CiEmk&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 Aug 2021 13:49:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012108100143000/ 20 KB
7 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108100143000/amp4ads-host-v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f21c36cb9b6db66c53637b9d92f2fd869cb564d7cede035edd343c75a934f396

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88036
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: sffe
date: Tue, 24 Aug 2021 13:22:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a074324ef190b333"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 13:22:33 GMT

GET
H3-29 200 UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js Show response
pagead2.googlesyndication.com/bg/ Frame 52C9 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50378aa9304561a118da2a16b43b3f978f6b1e79776748ddd28ec794a4a3e2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13427
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 12:22:03 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 954D 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Aug 2021 18:02:54 GMT
x-content-type-options: nosniff
server: cafe
age: 71215
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Wed, 25 Aug 2021 18:02:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 954D 344 B
374 B 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Aug 2021 22:40:25 GMT
x-content-type-options: nosniff
server: cafe
age: 54564
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 25 Aug 2021 22:40:25 GMT

GET
H3-29 200 15753479633319654784
tpc.googlesyndication.com/simgad/ Frame 0B2F 125 KB
125 KB 15ms
14ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15753479633319654784?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnGY5BLSI2HhzbJfe57yQuEpGdEcA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9e67620565bb14bc4725aa2eef64d1f14cbdde4d191cfa59636f3e15d9aa99c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 22:05:37 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Jul 2021 12:25:37 GMT
server: sffe
age: 56652
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127966
x-xss-protection: 0
expires: Wed, 24 Aug 2022 22:05:37 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 0B2F 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 2853818853078434854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 13:44:53 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 0B2F 2 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 13:45:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B2F 124 KB
37 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:49 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Wed, 25 Aug 2021 13:49:49 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 0B2F 14 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 13:47:59 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 0B2F 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQsoZsCuZ_RB829J6Ycf_hZhb5qxPagWu7v-mjKxaIpx_T0bKO6oSEc4bSF6sNiMGEyivA3Hxk3VHiR1_auImk9p1mXzw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 0B2F 26 KB
11 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e70daf1f8bcfd0ed744b5f86ac162bda58f2d2db0e5b4ba93c3adec87ad09fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 12:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10771
x-xss-protection: 0
server: cafe
etag: 12253238251956766473
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 12:10:41 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0B2F 0
0 22ms
18ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuWd6fEomYYf_KKr0xgKgu4bABIy-r5Fkq9Ck9aIO5aed_PICEAEguqH4bGCVAqABjfWnqgHIAQKpAoheE0JftrM-qAMByAPJBKoE4wFP0GLk_8zALQQjldVUfCs07GaItIjvP6oRNT9LpFxE9yI3173r4Y7N0UDmwSRasDlC7JPBqJMuKXrxZSgy8ZIKAPOvNwQFe3-YFpCePHTQV2lDO81Q_DixWj477RDN3s27WPxKGqgzbpp8NCK3zr3mcYW-XDG4p5kkUh6cyjyUvAZ-X6bVAb3rx9Xjb2pvvufrsm9-K6C3hAoAs5tHAyL0L6t078v7-zvcAbmoibuw8RadEKKTxbHBo_UyAOKFTX9jCxkSb2YLrjo0uXOyJjJsuL_lBnNOqXOntovfrPsoPZjrN8AE2sKbtdADkgUECAQYAZIFBAgFGASgBgKAB6ec39UCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEENKAGNIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi05NzE0MDc3MzI4NjUxOTA2GAA&sigh=nSx-h4fbc2Y&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 Aug 2021 13:49:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0119 143 B
163 B 12ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 25 Aug 2021 13:42:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 366D 1 KB
863 B 6ms
5ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 25 Aug 2021 11:56:19 GMT
expires: Thu, 26 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 6810
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0B2F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db1ac22a9b7e7354e70daad83ed2aee5c1ccf5324aa8553f9f654214150f78bf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 366D 35 B
464 B 54ms
30ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB69demaHRW1Q1VGckfleBI&google_cver=1&google_push=AYg5qPJwbIR2iIAgcEntvFZDyy7aid16UKdY3GpU3tC-tBeQZmPO2RmFfhD5kb83f4NHMC_PfeewDsdq0KkmNcbQTSlnm5jngr-odw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 13:49:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 366D
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESENdbwaYEtGVkbsQgO9ltWUk&google_cver=1&google_push=AYg5qPL0O7AStVbkJNn6B19ah1Lj_QM2fA7L_750mFM7AwTVbLf8dzLpLegVFMFnJqgbMQJJ0KHW2FdIdPqfhb3S9BzRDcWXFn6Rpg
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL0O7AStVbkJNn6B19ah1Lj_QM2fA7L_750mFM7AwTVbLf8dzLpLegVFMFnJqgbMQJJ0KHW2FdIdPqfhb3S9BzRDcWXFn6Rpg&google_hm=Q0FFU0VOZGJ3YVlFdEd...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL0O7AStVbkJNn6B19ah1Lj_QM2fA7L_750mFM7AwTVbLf8dzLpLegVFMFnJqgbMQJJ0KHW2FdIdPqfhb3S9BzRDcWXFn6Rpg&google_hm=Q0FFU0VOZGJ3YVlFdEd...

170 B
188 B

43ms
42ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL0O7AStVbkJNn6B19ah1Lj_QM2fA7L_750mFM7AwTVbLf8dzLpLegVFMFnJqgbMQJJ0KHW2FdIdPqfhb3S9BzRDcWXFn6Rpg&google_hm=Q0FFU0VOZGJ3YVlFdEdWa2JzUWdPOWx0V1Vr&google_tc=

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 13:49:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Aug 2021 13:49:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL0O7AStVbkJNn6B19ah1Lj_QM2fA7L_750mFM7AwTVbLf8dzLpLegVFMFnJqgbMQJJ0KHW2FdIdPqfhb3S9BzRDcWXFn6Rpg&google_hm=Q0FFU0VOZGJ3YVlFdEdWa2JzUWdPOWx0V1Vr&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 434
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 366D
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEAlT2NaVVzfCl3rERKIdgfA&google_cver=1&google_push=AYg5qPIjf5SGxA9tJJqvVUyNKv947hg8JQAVkPgQZg7tu56fkWJGC9xP2vhd6kK0EpeUWffL0loD6AhalOHYAy5zO5-QFR1x3pkVvA
https://rtb.openx.net/sync/dds?google_gid=CAESEAlT2NaVVzfCl3rERKIdgfA&google_cver=1&google_push=AYg5qPIjf5SGxA9tJJqvVUyNKv947hg8JQAVkPgQZg7tu56fkWJGC9xP2vhd6kK0EpeUWffL0loD6AhalOHYAy5zO5-QFR1x3pkVv...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIjf5SGxA9tJJqvVUyNKv947hg8JQAVkPgQZg7tu56fkWJGC9xP2vhd6kK0EpeUWffL0loD6AhalOHYAy5zO5-QFR1x3pkVvA&google_hm=vSioyxZawzwXeaCnCBAFKg==
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIjf5SGxA9tJJqvVUyNKv947hg8JQAVkPgQZg7tu56fkWJGC9xP2vhd6kK0EpeUWffL0loD6AhalOHYAy5zO5-QFR1x3pkVvA&google_hm=vSioyxZawzwXeaCnCBAFK...

170 B
188 B

42ms
41ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIjf5SGxA9tJJqvVUyNKv947hg8JQAVkPgQZg7tu56fkWJGC9xP2vhd6kK0EpeUWffL0loD6AhalOHYAy5zO5-QFR1x3pkVvA&google_hm=vSioyxZawzwXeaCnCBAFKg==&google_tc=

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 13:49:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Aug 2021 13:49:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIjf5SGxA9tJJqvVUyNKv947hg8JQAVkPgQZg7tu56fkWJGC9xP2vhd6kK0EpeUWffL0loD6AhalOHYAy5zO5-QFR1x3pkVvA&google_hm=vSioyxZawzwXeaCnCBAFKg==&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 420
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 366D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zKKYUP0wRS2SLiu-eLVE1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zKKYUP0wRS2SLiu-eLVE1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

43ms
42ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zKKYUP0wRS2SLiu-eLVE1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPInCfFhGmnEy7YDnCWC3-UmLuPLx4DIiVH90iHphvAcGallMGJgRjGuQtxqJw3PEWb_9rdUxHmjrb8lPDUCefza06Bg20p-&google_tc=

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 13:49:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Aug 2021 13:49:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zKKYUP0wRS2SLiu-eLVE1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPInCfFhGmnEy7YDnCWC3-UmLuPLx4DIiVH90iHphvAcGallMGJgRjGuQtxqJw3PEWb_9rdUxHmjrb8lPDUCefza06Bg20p-&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 651
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 366D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHXiS5nqc1GGfmLi7rzshHc&google_cver=1&google_push=AYg5qPJikEeOpa-PZmg_AX4aGg3scOo6FASWFF8KOzklHFRNh8EnQ9rUCq3M9dtKDsbaI-ahUue...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NSSzBJOU8tWS1FREtC&google_push=AYg5qPJikEeOpa-PZmg_AX4aGg3scOo6FASWFF8KOzklHFRNh8EnQ9rUCq3M9dtKDsbaI-ahUueObpqouku10EpI9Y3ODQmcouU5ZQ
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NSSzBJOU8tWS1FREtC&google_push=AYg5qPJikEeOpa-PZmg_AX4aGg3scOo6FASWFF8KOzklHFRNh8EnQ9rUCq3M9dtKDsbaI-ahUueObpqouku10EpI9Y3ODQmcouU5ZQ&go...

170 B
188 B

41ms
40ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NSSzBJOU8tWS1FREtC&google_push=AYg5qPJikEeOpa-PZmg_AX4aGg3scOo6FASWFF8KOzklHFRNh8EnQ9rUCq3M9dtKDsbaI-ahUueObpqouku10EpI9Y3ODQmcouU5ZQ&google_tc=

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 13:49:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Aug 2021 13:49:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NSSzBJOU8tWS1FREtC&google_push=AYg5qPJikEeOpa-PZmg_AX4aGg3scOo6FASWFF8KOzklHFRNh8EnQ9rUCq3M9dtKDsbaI-ahUueObpqouku10EpI9Y3ODQmcouU5ZQ&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 414
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 366D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6...

170 B
329 B

42ms
41ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw&google_tc=

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 13:49:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Aug 2021 13:49:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YSZKfiDwVpyIoNAPuAjvvwAABFMAAAAB&google_gid=CAESEA4f7MvT47N0Y1R7aUEVNeM&google_cver=1&google_push=AYg5qPIBSNfhLdmiqeCce-Dx2mUP5IBFGIpE6CE52VIUYEp10OceH4pTZAfRFBuxLmdqgQnwGc4ouTDn-GJ16jLhBqtMtcgP-Sw-Bw&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 490
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 366D 43 B
297 B 94ms
20ms Image
image/gif 2a05:d01c:1d8:8101:8678:af0d:fda8:5a84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEN-KffAdT_h9sSFGMVZAPHE&google_cver=1&google_push=AYg5qPJRgTpSJIBV8UutIe-pBGP6uWOMv_7WzWMWKkIqBx9JUdfDOLHn57wJdfnvOVGnVVYpODBbo7E4cvXhGTjRQt53lLT8jOtG
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:8678:af0d:fda8:5a84 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 13:49:50 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 366D 0
253 B 120ms
42ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LGl3gA8iUC19ljBnAJeEht-s28bKYEQSrdBn8oRzUSh-KFp-AOvEr2IS2QIKKAmWdt5diX

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0119
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 13:49:50 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 25-Aug-2021 14:49:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 13:49:50 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 13:49:49 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js Show response
pagead2.googlesyndication.com/bg/ Frame 968B 35 KB
13 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=280&slotname=1260123237&adk=1527522754&adf=2753241492&pi=t.ma~as.1260123237&w=820&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=820x280&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388646&bpp=2&bdt=1466&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc32582b4326256f9-227cc172b3c8004d%3AT%3D1629899388%3ART%3D1629899388%3AS%3DALNI_MY4diGEKwGxCDfKrsrYAUg2B4Eqxw&prev_fmts=820x280&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W5bNBBV1cm&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50378aa9304561a118da2a16b43b3f978f6b1e79776748ddd28ec794a4a3e2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13427
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 12:22:03 GMT

GET
H2 200 ad_native.ashx Show response
spnativeapi-tls.i-mobile.co.jp/api/ 624 B
916 B 487ms
487ms Script
text/javascript 2600:9000:21f3:da00:1f:5b22:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spnativeapi-tls.i-mobile.co.jp/api/ad_native.ashx?partnerId=35584&mediaId=138934&spotId=1549787&num=1&callback=impcallback_1549787_1&cashid=1629899390434
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/imp_spot_define.js?20160817
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:da00:1f:5b22:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 89322d9d10e22a455bc499fc44166fa27adde3eaa71419bc45aabb99f2120dc4

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:50 GMT
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA2-C2
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: private
content-length: 624
x-amz-cf-id: bMDnMTW2oAhEAWsmZrZpM3igSj56KZajPwGI-HE-Vp8gc4TJgES1Ow==

GET
H/1.1 200
OK imp_spot.ashx Show response
ssp-bidapi.i-mobile.co.jp/jsonp/imp/ 768 B
1 KB 267ms
267ms Script
text/javascript 13.230.7.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi.i-mobile.co.jp/jsonp/imp/imp_spot.ashx?pid=35584&mid=138934&asid=1549800&asn=2&spec=1&dpr=1&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&direct=1&type=native&sf=inline&pos=4&viewability=true&imcallback=spot_deliver_imp_callback_1549800_2&cashid=1629899390441
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/imp_spot_define.js?20160817
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.230.7.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-7-5.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f238e663f0df9be0ecaef1bd1db5fed3bd4f8e04702d502afbbac02bf0a675e1

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 25 Aug 2021 13:49:50 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 663
Expires: -1

GET
H2 200 ad_native.ashx Show response
spnativeapi-tls.i-mobile.co.jp/api/ 768 B
1 KB 248ms
248ms Script
text/javascript 2600:9000:21f3:da00:1f:5b22:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spnativeapi-tls.i-mobile.co.jp/api/ad_native.ashx?partnerId=35584&mediaId=138934&spotId=1549800&num=1&callback=impcallback_1549800_2&cashid=1629899390713
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/imp_spot_define.js?20160817
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:da00:1f:5b22:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 73b8b508fb7e0ef5e6bf3684077273b40e07fec9680aa6e1a1ee0a65719aab19

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:50 GMT
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA2-C2
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: private
content-length: 768
x-amz-cf-id: xKaFh9lB81fYAl4irMzpTQPup0-NN9A-1pJ0aZwUkLGQnc3o_SMkZw==

GET
H2 200 yazirusiue.png
touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/03/ 4 KB
4 KB 2070ms
2069ms Image
image/png 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/03/yazirusiue.png
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: 9b1204f2941a4cb8dc4291819af8552177a97a57c26b944854b0b2f890efd02f

Request headers

:path: /wp-content/uploads/2019/03/yazirusiue.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:51 GMT
last-modified: Sat, 30 Mar 2019 09:51:10 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4227
expires: Wed, 01 Sep 2021 13:49:51 GMT

GET
H2 200 yazirusisita.png
touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/03/ 3 KB
3 KB 2070ms
2070ms Image
image/png 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/03/yazirusisita.png
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: 28bbfe189bf163e0666a27cdcc7f0617da97688797cb7d5a654aabea8c74041e

Request headers

:path: /wp-content/uploads/2019/03/yazirusisita.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:51 GMT
last-modified: Sat, 30 Mar 2019 09:51:08 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3385
expires: Wed, 01 Sep 2021 13:49:51 GMT

GET
H2 200 yazirusiyoko1.png
touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/03/ 3 KB
3 KB 1921ms
1919ms Image
image/png 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/03/yazirusiyoko1.png
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: 9ef3ee6f31b326f625b8a8df07a07eb9fc3ff566ee48deab0e4fc89aa93b9389

Request headers

:path: /wp-content/uploads/2019/03/yazirusiyoko1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:51 GMT
last-modified: Sat, 30 Mar 2019 09:51:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3282
expires: Wed, 01 Sep 2021 13:49:51 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=touhokurakutenngo-rudenni-gurusu.work

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 Aug 2021 13:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=touhokurakutenngo-rudenni-gurusu.work

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 Aug 2021 13:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 224D 0
171 B 56ms
56ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&adk=1812271804&adf=3025194257&lmt=1629899390&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899390800&bpp=2&bdt=3620&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600%2C240x600&nras=1&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&psts=AGkb-H-Ar27_jpGZeW50vOo73tUeevjv1993Izf8P3FhIFXdAzdLsEJ-4Xa74afXOMbkjE-oMaFJvpmGiMT_Fg%2CAGkb-H_WR4Nl3QQfjoVVzYIG_n09U8pDz3-iaucYQfCh9Cv9NbEsZGDWKJn2M17kpbFd4EfCHKUBX4OTrAW5Zg&pvsid=3580361670672971&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=8&uci=a!8&fsb=1&dtd=13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9714077328651906&output=html&adk=1812271804&adf=3025194257&lmt=1629899390&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899390800&bpp=2&bdt=3620&idt=2&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600%2C240x600&nras=1&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&psts=AGkb-H-Ar27_jpGZeW50vOo73tUeevjv1993Izf8P3FhIFXdAzdLsEJ-4Xa74afXOMbkjE-oMaFJvpmGiMT_Fg%2CAGkb-H_WR4Nl3QQfjoVVzYIG_n09U8pDz3-iaucYQfCh9Cv9NbEsZGDWKJn2M17kpbFd4EfCHKUBX4OTrAW5Zg&pvsid=3580361670672971&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=8&uci=a!8&fsb=1&dtd=13
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://touhokurakutenngo-rudenni-gurusu.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://touhokurakutenngo-rudenni-gurusu.work/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 13:49:50 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 25-Aug-2021 14:04:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 13:49:50 GMT
cache-control: private

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame 755D 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://touhokurakutenngo-rudenni-gurusu.work/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 583874
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 25 Aug 2021 13:49:50 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D5)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H/1.1 200
OK parts.2.02.css
blog.with2.net/parts/2.0/css/ 7 KB
2 KB 352ms
300ms Stylesheet
text/css 153.120.49.88
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.with2.net/parts/2.0/css/parts.2.02.css
Requested by: Host: blog.with2.net
URL: https://blog.with2.net/parts/2.0/?id=1985148:HJVmcRPj3yI&c=pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.88 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www34.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d0006a87f68b26d4775b6d118939f02cb694e787fe4e94cd1248bd46a17b3364

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Dec 2018 06:47:20 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "586a2e-1d78-57d6e808aae00"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 1861

GET
H/1.1 200
OK parts.pink.1.00.css
blog.with2.net/parts/2.0/css/ 350 B
521 B 354ms
300ms Stylesheet
text/css 153.120.49.88
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.with2.net/parts/2.0/css/parts.pink.1.00.css
Requested by: Host: blog.with2.net
URL: https://blog.with2.net/parts/2.0/?id=1985148:HJVmcRPj3yI&c=pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.88 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www34.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ae927f0da3e2fb490397b9943313458cf10705ad749d43970fcab67699df75d3

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jul 2014 07:50:39 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "586a49-15e-4fd3125f6d1c0"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 173

GET
H/1.1 200
OK logo_blogparts_26x130.png
blog.with2.net/parts/img/ 3 KB
3 KB 649ms
302ms Image
image/png 153.120.49.88
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/parts/img/logo_blogparts_26x130.png
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.88 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www34.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a6385fd389127baaf589b604b0573565a85e4c660e20a4e7307c964d5046da50

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:51 GMT
Last-Modified: Thu, 26 Jun 2014 09:25:12 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "586a8f-a61-4fcb9c50dae00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 2657

GET
H2 200 hovercard.min.css
secure.gravatar.com/dist/css/ 8 KB
2 KB 6ms
5ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/dist/css/hovercard.min.css?ver=2021Augaa
Requested by: Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=2021Augaa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:50 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 15:57:10 GMT
server: nginx
etag: W/"5fac09d6-1e86"
content-type: text/css
cache-control: max-age=604800
expires: Wed, 01 Sep 2021 13:49:50 GMT

GET
H2 200 services.min.css
secure.gravatar.com/dist/css/ 3 KB
550 B 6ms
6ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/dist/css/services.min.css?ver=2021Augaa
Requested by: Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=2021Augaa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:50 GMT
content-encoding: gzip
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
server: nginx
etag: W/"5ab37b5c-a54"
content-type: text/css
cache-control: max-age=604800
expires: Wed, 01 Sep 2021 13:49:50 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 14ms
13ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/themes/keni80_wp_standard_all_201901141646/js/insertstyle.js?ver=5.3.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 1792024
cdn-cachedat: 2021-07-24 08:09:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 40b2c5e257c44c41b18e54bb6d5c182e
cf-ray: 68454938bda85bf1-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 g.gif
pixel.wp.com/ 50 B
74 B 31ms
31ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A8.0.1&blog=160283709&post=0&tz=9&srv=touhokurakutenngo-rudenni-gurusu.work&host=touhokurakutenngo-rudenni-gurusu.work&ref=&fcp=2456&rand=0.08857313731394423
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:50 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 rakutenrogo_waifu2x_photo_noise3_scale_tta_1.png
touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/03/ 34 KB
34 KB 1545ms
1545ms Image
image/png 150.95.54.179
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://touhokurakutenngo-rudenni-gurusu.work/wp-content/uploads/2019/03/rakutenrogo_waifu2x_photo_noise3_scale_tta_1.png
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.54.179 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp35b.mixhost.jp
Software: LiteSpeed /
Resource Hash: 4f3f5953a7a6f24253e3bf586c602ac6dc730f6eb602ff7f8aa5e3635deaed7f

Request headers

:path: /wp-content/uploads/2019/03/rakutenrogo_waifu2x_photo_noise3_scale_tta_1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: touhokurakutenngo-rudenni-gurusu.work
referer: https://touhokurakutenngo-rudenni-gurusu.work/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:51 GMT
last-modified: Wed, 27 Mar 2019 07:36:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35089
expires: Wed, 01 Sep 2021 13:49:51 GMT

GET
H/1.1 200
OK header-r.png
baseball-data.com/bp/st/ 3 KB
3 KB 1212ms
302ms Image
image/png 153.127.52.28
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://baseball-data.com/bp/st/header-r.png

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

153.127.52.28 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

ik1-424-44024.vs.sakura.ne.jp

Software

Apache /

Resource Hash

491087dc76e0a79c50a8cf4802e93046b0034be0ee3385245faf1f6cf84b6ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 29 Apr 2009 12:47:02 GMT
Server: Apache
ETag: "c32-468b0f9d71d80"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3122
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK r-pa1.png
baseball-data.com/bp/st/ 9 KB
9 KB 1216ms
303ms Image
image/png 153.127.52.28
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://baseball-data.com/bp/st/r-pa1.png

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

153.127.52.28 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

ik1-424-44024.vs.sakura.ne.jp

Software

Apache /

Resource Hash

d9d0a95e0176e98454527c3e3301c9f10bc14092a9e282426970aebf915b96e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Aug 2021 12:44:01 GMT
Server: Apache
ETag: "2314-5ca619ad631f2"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 8980
X-XSS-Protection: 1; mode=block

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 755D 232 B
202 B 137ms
136ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=63f393d242e3197fe25c88c57c0ee11fec71040a

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:50 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 13:49:50 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: bab9a70b27d112fc1214d73614c767cefcbcbbdfdfe6ea93277aad320c4ceb6e
content-length: 166

GET
H/1.1 200
OK imp_count.ashx Show response
ssp-bidapi.i-mobile.co.jp/ajax/imp/ 12 B
611 B 264ms
263ms XHR
text/plain 13.230.7.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi.i-mobile.co.jp/ajax/imp/imp_count.ashx?pid=35584&mid=138934&asid=1549787&asn=1&spec=1&dpr=1&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&direct=1&type=native&sf=inline&pos=4&viewability=true&bidid=0655b870-225f-4c7e-9c7e-35184ec16c6d&demander_type=1&demander_id=1&icount=1&hbbc=0.68
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/imp_spot_define.js?20160817
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.230.7.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-7-5.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 Aug 2021 13:49:49 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: https://touhokurakutenngo-rudenni-gurusu.work
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 132
Expires: -1

GET
H2 200 ad_imp_count.ashx
spnativeapi-tls.i-mobile.co.jp/api/ 120 B
428 B 486ms
485ms Image
image/png 2600:9000:21f3:da00:1f:5b22:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spnativeapi-tls.i-mobile.co.jp/api/ad_imp_count.ashx?pid=35584&mid=138934&asid=1549787&advid=6541265
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:da00:1f:5b22:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 13:49:50 GMT
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA2-C2
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: image/png
cache-control: no-cache, no-store
content-length: 120
x-amz-cf-id: thlxUKBethgf5Bo9A1FXo0SnvMkViyytOvTVsBby4juoVM6u9AP2vw==
expires: -1

GET
H/1.1 200
OK imp_count.ashx Show response
ssp-bidapi.i-mobile.co.jp/ajax/imp/ 12 B
611 B 271ms
270ms XHR
text/plain 13.230.7.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-bidapi.i-mobile.co.jp/ajax/imp/imp_count.ashx?pid=35584&mid=138934&asid=1549800&asn=2&spec=1&dpr=1&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&direct=1&type=native&sf=inline&pos=4&viewability=true&bidid=68cd6943-4492-4642-8368-030eb8f4b750&demander_type=1&demander_id=1&icount=1&hbbc=0.68
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/imp_spot_define.js?20160817
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.230.7.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-7-5.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 Aug 2021 13:49:53 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: https://touhokurakutenngo-rudenni-gurusu.work
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 132
Expires: -1

GET
H2 200 ad_imp_count.ashx
spnativeapi-tls.i-mobile.co.jp/api/ 120 B
429 B 245ms
245ms Image
image/png 2600:9000:21f3:da00:1f:5b22:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spnativeapi-tls.i-mobile.co.jp/api/ad_imp_count.ashx?pid=35584&mid=138934&asid=1549800&advid=6542616
Requested by: Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:da00:1f:5b22:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 13:49:50 GMT
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server: Microsoft-IIS/8.5
x-amz-cf-pop: FRA2-C2
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: image/png
cache-control: no-cache, no-store
content-length: 120
x-amz-cf-id: cUy68qq8zA90j_BvthrwkTXt_i84bT0dCLlVGIcPK2LH81JZuHNxbw==
expires: -1

GET
H/1.1 200
OK button.5d16ecc02fbaf599a24dfb57ab239320.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: 3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:33:39 GMT
Server: ECS (frb/67DF)
Age: 583877
Etag: "6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2296

GET
H/1.1 200
OK follow_button.f88235f49a156f8b4cab34c7bc1a0acc.ja.html Show response
platform.twitter.com/widgets/ Frame 0FEA 37 KB
14 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.ja.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: db472fb2602df1302e3037f408323a2526ef70c0912c0354309b57fe59d19297

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://touhokurakutenngo-rudenni-gurusu.work/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://touhokurakutenngo-rudenni-gurusu.work/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 583692
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 25 Aug 2021 13:49:51 GMT
Etag: "7bbedeb3f951490fe07215cd8ca17db6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:43 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67A8)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 14067

GET
DATA 200
OK truncated
/ Frame 0FEA 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK icon_br_crown_18x14.png
blog.with2.net/parts/2.0/img/ 313 B
605 B 536ms
297ms Image
image/png 153.120.49.88
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.with2.net/parts/2.0/img/icon_br_crown_18x14.png
Requested by: Host: blog.with2.net
URL: https://blog.with2.net/parts/2.0/css/parts.2.02.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 153.120.49.88 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: www34.with2.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8cf6b0ea38e65bd94401db5eebd6949b56fee5f488ce95bb36703e45755a6b62

Request headers

Referer: https://blog.with2.net/parts/2.0/css/parts.2.02.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 13:49:51 GMT
Last-Modified: Thu, 26 Jun 2014 07:50:30 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "586a56-139-4fcb872613d80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 313

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
375 B 138ms
138ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_creator_screen_name%22%3A%22THE68765707%22%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1629899391310%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221890d59c%3A1627936082797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: touhokurakutenngo-rudenni-gurusu.work
URL: https://touhokurakutenngo-rudenni-gurusu.work/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 25 Aug 2021 13:49:51 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bab9a70b27d112fc1214d73614c767cefcbcbbdfdfe6ea93277aad320c4ceb6e
x-transaction: eed41c73fb31f226
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210816&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d38346d67d5a4a77c3d6fc9b567b031c30574073bd10355e31d95357100e9631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 Aug 2021 13:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8564
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 25 Aug 2021 13:50:03 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7509 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://touhokurakutenngo-rudenni-gurusu.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://touhokurakutenngo-rudenni-gurusu.work/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 25 Aug 2021 13:38:11 GMT
expires: Thu, 25 Aug 2022 13:38:11 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B882 783 B
827 B 18ms
18ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b821c1aa7644b317f09e95575eb5a0518ce8c2ff7c885e92c583e53bb541b95b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EXTyaRBATJhkRbarU2MPtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://touhokurakutenngo-rudenni-gurusu.work/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://touhokurakutenngo-rudenni-gurusu.work/

Response headers

expires: Wed, 25 Aug 2021 13:50:03 GMT
date: Wed, 25 Aug 2021 13:50:03 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-EXTyaRBATJhkRbarU2MPtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7509 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 12:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13268
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 12:28:51 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 157ms
157ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210816&jk=3580361670672971&bg=!2Nul25_NAAZvV8FTb1c7ACkAdvg8WmE1FV8X3nifRAmkQo8SdHd4QTeRF88Tq647AEmSZmP9snzPvQIAAAB1UgAAAAtoAQeZApKqTvY1giSoLzToXED8Gky5249s2hS0l1alcSA0dXuXZZyWwb3gxVZlOMMOJXgIV6ZW5oYGEBdOk65R8Ufh6Tr7rpXEZS58LJJQcmLZnbZsNzSeoWoHF9vPXuHRDerBgTAGqDnqj-mVqEFU3TFWb3hlNclPud4KlngD6MDmzA8xe-pyiS4-scPSYx8XDGw5RONEqgbdj4VmLueJubjSPkpDxEiWFXOviDsbdXFrvZhSTecVFQGlE6veR6cxnPhNvIwLe2wJe-fBQh3hCPl-w6qacs1j3T4Fq46i9by5dlF0BFQc_L0PLDGyJlMCKbno0J0xWOiimX55Sr3Xda1C4mNTfVwppRB1hj5fkt1_l61Z92lbhuVr7MDo82O3IPBlK-wMCnEpVFujxoNYHQkup-eZBnsOwOe3hFzIZSDCf--bajZPEmAgrPH5HcRxaoCRqS-qVwXk3msvBY8AX7V2tCyOisQS_Mh0fDYBCwSzgDEAAa_KPZgovcJozqq4hWwWYwlnhGlpflIipin54SEuZJvwK22JRdGbrUT81mpCxGK4dZCP3Q_aSnrXMZrDh7krVWm9iGAIqbqcl8MoHkbwWLh0tJ_-Xav8wyLTsKfFlvAwqa3iNH2aUvcNPljXMfIP4yvGLhks7c9hZ0DPy0PCV59Y5QMb-CR8ngTJbbYqQUzv7Z0zrpXdoNz2mZ3M-NBn3gdzjTWzXPJ_OP4uNkaEyXs-mmNmIj03HhUq2vSMj7r4Y5HCghVyeQT0Sk8AajR845Q6GNA5L6SqZAPkfCOsvPZcZMNoBqnA5urdoyaABocEcCZr_iUhzOFaHvpOCcTC30FQ144a1m2e3b7C2jcYls35AUI0mR75QRidy-apmRYqRHXK
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://touhokurakutenngo-rudenni-gurusu.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108100143000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9714077328651906&output=html&h=600&slotname=1260123237&adk=1481118885&adf=3012659478&pi=t.ma~as.1260123237&w=240&fwrn=4&fwrnh=100&lmt=1629899388&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Ftouhokurakutenngo-rudenni-gurusu.work%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629899388857&bpp=1&bdt=1677&idt=1&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=820x280%2C820x280%2C240x600&correlator=5546876133630&frm=20&pv=1&ga_vid=1362158152.1629899387&ga_sid=1629899388&ga_hid=734357077&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1130&ady=2687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3580361670672971&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K1F9oTVV0V&p=https%3A//touhokurakutenngo-rudenni-gurusu.work&dtd=3
console-api	log	URL: https://c0.wp.com/c/5.3.8/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
b.blogmura.com
baseball-data.com
blog.with2.net
blogmura.com
blogparts.blogmura.com
blogroll.livedoor.net
c0.wp.com
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
googleads.g.doubleclick.net
i0.wp.com
i1.wp.com
image6.pubmatic.com
imp-adedge.i-mobile.co.jp
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pixel.wp.com
platform.twitter.com
rranking9.ziyu.net
rtb.openx.net
s0.wp.com
secure.gravatar.com
spnativeapi-tls.i-mobile.co.jp
ssp-bidapi.i-mobile.co.jp
ssum-sec.casalemedia.com
static.blogmura.com
stats.wp.com
syndication.twitter.com
touhokurakutenngo-rudenni-gurusu.work
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
104.244.42.72
13.224.96.126
13.224.96.18
13.230.7.5
133.242.86.196
142.250.185.66
142.250.186.98
147.92.191.167
150.95.54.179
153.120.49.88
153.127.52.28
18.176.86.15
18.194.175.178
185.64.190.78
192.0.76.3
192.0.77.2
192.0.77.32
192.0.77.37
2.18.234.21
2600:9000:21f3:3400:1f:2964:4340:93a1
2600:9000:21f3:da00:1f:5b22:6e00:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:acf
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a04:fa87:fffe::c000:4902
2a05:d01c:1d8:8101:8678:af0d:fda8:5a84
35.227.252.103
54.250.28.113
69.173.144.165
00da23b516605a1a0935685e2c74bca94619edc6ff8dc8eea4a36b8dccaa8502
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
04b6fb04f61c052c3bd0d9764c46516e18c8a3bec44f9832eddf0fad3924ed3e
050134f1c95f8478a83227c561898a40a1ed2f3c006342c0292218a9a3f08511
072cfdc3b5c6541f3d3c06ebd4c138ab38b6e7983704b73dcb46710ac3ccb05b
092ca847eea2fa79b69e5d49821c730fa96849feb9202bbf6b5e0afa42ab801a
0b75d458919215ed21731c1ffc4a8482346f8f002b4f81128587702672c7753e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d80f3242f87172d31de75947d120ff8da9caf53b5827e5ca96c2bce0daaad19
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
10a8a67896983e62280fa6220f3844ffdb3a0bda3b723e75c3da60facd91f3d9
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
14fc81abcea912f2fdcebbb4f5f74eb9b73006c168756bb3829f27d9eefc4b11
16d2aacf105e10a4d3607434b1a22666e6707134204fff0c9d46fa4801fe7224
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f53913974e04d99803de43828bea6a445fae29ebdf16345af5df275b45b38f4
2436a6117cc11ad004a9d19b17279560db186810761510643f7f3f1037d5f04c
28bbfe189bf163e0666a27cdcc7f0617da97688797cb7d5a654aabea8c74041e
2c11b6e3a82f2a1a135818b2b84ee2fa199d441d29c00cea727191bbfb6ced69
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
30866c176478249701b8783b0f0ad098e693fc0efe984ea77cd1ad7e6b6198ec
31f78761f67726590dade7271633f0ecbc60b945897b719d4081049c65143e8c
3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2
38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4
3a39bc65bd9c18b59f76a7393e6407d84f2f36626428739eb53377d6a5c5b78d
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
3fef0188787c1c74c10ee0e058b4aaed697068ccb482255509697860a8bac248
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
430509e7b5a7b344ff7a001b378bf5fe078ed3dc0cddaf2b5eb43d80494e53a8
4397c675b49784c0053d508bb5456e54fe556321f1d54123cf1a9c01ddeff874
464b5db64020e574cfdc0ec0c89054ee9fa6a91e901fc6224199b6dd5207ad2e
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
491087dc76e0a79c50a8cf4802e93046b0034be0ee3385245faf1f6cf84b6ed2
4c2d889ee46270fb2ae51c5ef8804efb7f03b4d5f2ab24a9fdd7a6400f75ea6c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3f5953a7a6f24253e3bf586c602ac6dc730f6eb602ff7f8aa5e3635deaed7f
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50378aa9304561a118da2a16b43b3f978f6b1e79776748ddd28ec794a4a3e2d0
503885908301e338782bcb56814eecb5011a3b0eab9affafa8456352e53b3f03
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
543d73afa1579f2ab52305aa942c9eeb7d4e443187afc17c9a1185448e01ffa8
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7323fcc7428c11c981b40ceb625cf497f5d04cdaecfa36c538a564bb326cd52e
73b8b508fb7e0ef5e6bf3684077273b40e07fec9680aa6e1a1ee0a65719aab19
744957172039218201f20acf2fdcb3c3adb915f1601b0f5b985a013daddb9ef7
744ee22c8bcb89a57935e433ce07a904ca95cf9402220d7e6d1afd6fdc85c586
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7dcf5b6b4cb5eeaabedae0c105a2b3ddfe1073ffef195d6f93f7809bf314dc53
80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9
80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec
817232d2c01e544fd9f8ed3ceb88105d146ac6baa372174bca8ee1245de9c1f4
8207de5aa3e7969e72442ca1ab70fe13c2f88b26838d9c3fbd1e4f74a77119e3
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
89322d9d10e22a455bc499fc44166fa27adde3eaa71419bc45aabb99f2120dc4
8cf6b0ea38e65bd94401db5eebd6949b56fee5f488ce95bb36703e45755a6b62
8d3559b2aca90914521d5c5eaa9148c4b75e5d59c7ae7b7a9e546e96f97c1fd6
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8f71653329443516f4c108568bc13dda02794c750f16f64b1a3825ad1dc85264
904e3067379f300692256e8af18842b5797a0bac4dc2da7b857fbef6312b3ef1
909ff0f6923c2a0ac963be0c145b49f1e64cc782388509663500dd71996e85ae
9372bc2449c237a7115ed8e0003475b6540863e64aa1bca96c8144894c65178f
95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0
99f6048e026a358bcd25087b08a35840836764c0c3a97cd18569a0dab3263b7b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1204f2941a4cb8dc4291819af8552177a97a57c26b944854b0b2f890efd02f
9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d
9ef3ee6f31b326f625b8a8df07a07eb9fc3ff566ee48deab0e4fc89aa93b9389
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a063c7387fa64101d0e4de1e6d86263c02611134afc27af3d7da953c41eea86c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a36ba4c8eec844e283ca702da5deef8cfafbd9c973c9914d9fa2633f6ce4009b
a4071dbca008823e72a0fbcf9f4806230d5a8cf68884f4450981ed686f9e24b5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ff21fedd9ab25f03b1d781446b006255f8a27aad2c380e44cb56d6eed72529
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6385fd389127baaf589b604b0573565a85e4c660e20a4e7307c964d5046da50
a8e3f5fffdd2196deec9adc74de2eeaf4b1c89209c872a2acc9bdabe796ee3f6
ab0c324bfd17329042f7776d64c8aaa168570dd372f54dcd83f3fa2198690f4a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adcecd7d685226871bcca4601d93565f861bdea83fd0a4ec2a020ae194717d2d
ae87856032d9e02733a7e5eff424bcd35c294c625f81af7b92cbc57131ef1769
ae927f0da3e2fb490397b9943313458cf10705ad749d43970fcab67699df75d3
b3eb378d70a956fb7309cda4cfc0dda618aaaaba7287785052cc4fc4cbd90fb7
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b741ae83cb94d6035e40a0983a9f24708416585dbc00912daba74d1e0e4855a9
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b821c1aa7644b317f09e95575eb5a0518ce8c2ff7c885e92c583e53bb541b95b
b90e14a4fefc03df42255504ea335e61fcd18e78aac605dacf146f3990690a30
be7a435b571cc9cb1f137c0f2d76b8a24845a6ca2e998503c4a4354b8b779b11
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c1cfa5c2bce904bfc524754a954d2e062c703777ab704134dc5f619dca1e40af
c25823240cb3de9f0be84cbca7c021243faca63b4064d492de859474c7e9e466
c4e0253f90b114a9f81ce66ea5da376d04d0e9e4850c38e997af6e9834926135
c656d8e672d469ced91198a70c923478b581bf26c0470d5fa0c965e6c54e6fc6
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9c88e8e5e3a54f5bf0694797b4eb8092cdc73260eb8a915d56917e5d160866d
cab7cf5fdcaec5cef59c098589ba78acb18018f9dd7f1ca849a14c037a29aeb8
cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c
ce86c62cca5cbbec2e52f229c50254e66501d1916b2489370cee4ec3db6d85e5
d0006a87f68b26d4775b6d118939f02cb694e787fe4e94cd1248bd46a17b3364
d249bb9d93fcfa175a78def55b36df697c40a0af4e374e28eb9371cb66d8ee19
d38346d67d5a4a77c3d6fc9b567b031c30574073bd10355e31d95357100e9631
d38df165d55ff9d44ee6a2730669d0fb887ee294129d26e5d2724446c878e0d5
d3e33bd3eeb6d3e82825ca5990e311ada69b68575d9c5d5d205719adaf3a1618
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
d9d0a95e0176e98454527c3e3301c9f10bc14092a9e282426970aebf915b96e1
d9e67620565bb14bc4725aa2eef64d1f14cbdde4d191cfa59636f3e15d9aa99c
db1ac22a9b7e7354e70daad83ed2aee5c1ccf5324aa8553f9f654214150f78bf
db2dbe84a74dd680313d06f35fed4f7024157540a4cdcc6e48ceb6308300739f
db472fb2602df1302e3037f408323a2526ef70c0912c0354309b57fe59d19297
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e654d10bd53c968740aba1d5c705dd9284c331415d8f8d2be36a83ed315a6214
e70daf1f8bcfd0ed744b5f86ac162bda58f2d2db0e5b4ba93c3adec87ad09fe3
e78b7e8b9e77c824042df8179657999a3b42a1833df79199b6dc5c2fd60070e9
e798c61dea1d00bfffd93ec9fe13d19eb61b40b7458b40501107643058ff5fb4
e7ff1e480b0205c082078643649549ea5880cb67f6d9ce71266de982827e78fd
e9f7f42240a9b8f24f1d339cee46c87a1f05d7fa59e8e985156faae3690740ff
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fb28839791554d1b7f93eae4e6a8eb78b043691ce867e4ba33c26dd1d42585
f210d8ce81c03f90460256b6a1e600814f02739e858ad2c0839d42fb458b4e94
f21c36cb9b6db66c53637b9d92f2fd869cb564d7cede035edd343c75a934f396
f238e663f0df9be0ecaef1bd1db5fed3bd4f8e04702d502afbbac02bf0a675e1
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f60c4c1af15ee5f4db7e204a7af1fd6ce72fb5ee3df122c30eabe42343da8e3f
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
fe9bc53b27e5462fdadbb24cac91aa7c90a08ec69b26093a12a4d89a43eeb540
ff48ec131857878aa8635dfeaa5ef9a74860e697c74e0f4e54365d7abb779daa

touhokurakutenngo-rudenni-gurusu.work Open in urlscan Pro 150.95.54.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

175 Requests

100 %HTTPS

41 %IPv6

26 Domains

40 Subdomains

33 IPs

5 Countries

4779 kBTransfer

7537 kBSize

0 Cookies

67 Outgoing links

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

touhokurakutenngo-rudenni-gurusu.work Open in urlscan Pro
150.95.54.179 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

100 %
HTTPS

41 %
IPv6

26
Domains

40
Subdomains

33
IPs

5
Countries

4779 kB
Transfer

7537 kB
Size

0
Cookies

175 HTTP transactions
6 data transactions