URL: https://mamagon.blog/
Submission: On June 19 via api from US — Scanned from JP

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 46 HTTP transactions. The main IP is 141.147.168.132, located in Inzai, Japan and belongs to ORACLE-BMC-31898, US. The main domain is mamagon.blog.
TLS certificate: Issued by R11 on June 11th 2024. Valid for: 3 months.
This is the only time mamagon.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
32 141.147.168.132 31898 (ORACLE-BM...)
4 142.250.207.98 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 172.217.25.164 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 172.217.161.194 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
46 9
Apex Domain
Subdomains
Transfer
32 mamagon.blog
mamagon.blog
589 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 136
tpc.googlesyndication.com — Cisco Umbrella Rank: 172
267 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
2 google.com
www.google.com — Cisco Umbrella Rank: 5
974 B
1 gstatic.com
www.gstatic.com
207 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265
4 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 457
31 KB
46 7
Domain Requested by
32 mamagon.blog mamagon.blog
4 pagead2.googlesyndication.com mamagon.blog
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google.com mamagon.blog
tpc.googlesyndication.com
1 www.gstatic.com www.google.com
1 cdnjs.cloudflare.com mamagon.blog
1 ajax.googleapis.com mamagon.blog
46 8

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.instagram.com
Subject Issuer Validity Valid
mamagon.blog.decodeco.mixh.jp
R11
2024-06-11 -
2024-09-09
3 months crt.sh
*.g.doubleclick.net
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
upload.video.google.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
cdnjs.cloudflare.com
E1
2024-06-02 -
2024-08-31
3 months crt.sh
*.google.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
*.gstatic.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh

This page contains 5 frames:

Primary Page: https://mamagon.blog/
Frame ID: 90AB38BEAADC4BD09CAFF4492DA1472E
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240617/r20110914/zrt_lookup_fy2021.html
Frame ID: F8156382CD78D6B547407A9C11BFD746
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8543709205690630&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718761894&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fmamagon.blog%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_13~30_5~27_15~29_18&aiixl=28_4~30_6~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718761893942&bpp=3&bdt=214&idt=194&shv=r20240617&mjsv=m202406170101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1283135209092&frm=20&pv=2&ga_vid=1516310319.1718761894&ga_sid=1718761894&ga_hid=1807878983&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C95331695%2C95334509%2C95334525%2C95334572%2C95334581%2C95335897%2C31084704%2C95335290%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3787788827493828&tmod=1852064487&uas=0&nvt=1&fsapi=1&fc=1920&brdim=90%2C90%2C90%2C90%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=222
Frame ID: A775AA765C8EBEB392A7DBEEBD9E8CCF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3BC5CC646387AAF48BCBB80A5C188882
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 647E486F2100D39B9D62B3F583624E7F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

ままゴンの休日 | Mamagon's Malaysia Life

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

46
Requests

98 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

1099 kB
Transfer

2648 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mamagon.blog/
301 KB
31 KB
Document
General
Full URL
https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
7dd74226a74db51354d220aa9a2676e0199072a879c811982d7a1426b6585917

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
public, max-age=1
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 19 Jun 2024 01:51:33 GMT
expires
Tue, 18 Jun 2024 06:11:49 GMT
link
<https://mamagon.blog/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
server-timing
wp-load-alloptions-query;dur=1.59, wp-before-template;dur=960.04
vary
Accept-Encoding,Accept-Encoding
x-litespeed-cache
hit
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8543709205690630
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s11-in-f2.1e100.net
Software
cafe /
Resource Hash
5bd226bea3f3c1aef8c652d886aed9b22135e90de91ce729d576d4fa78edbdc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Origin
https://mamagon.blog
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52395
x-xss-protection
0
server
cafe
etag
4032237820458598518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 19 Jun 2024 01:51:33 GMT
icomoon.woff
mamagon.blog/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/
13 KB
13 KB
Font
General
Full URL
https://mamagon.blog/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
c54947e67503bb21778d64789ceac992de7249f7cbcfea7dc233e7db5c2a72fa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Origin
https://mamagon.blog
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
last-modified
Fri, 31 Mar 2023 09:19:49 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/x-font-woff
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
13000
expires
Thu, 19 Jun 2025 01:51:33 GMT
fa-brands-400.woff2
mamagon.blog/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/
75 KB
75 KB
Font
General
Full URL
https://mamagon.blog/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-brands-400.woff2
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Origin
https://mamagon.blog
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
last-modified
Fri, 31 Mar 2023 09:19:49 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/x-font-woff2
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
76736
expires
Thu, 19 Jun 2025 01:51:33 GMT
fa-regular-400.woff2
mamagon.blog/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/
13 KB
13 KB
Font
General
Full URL
https://mamagon.blog/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-regular-400.woff2
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Origin
https://mamagon.blog
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
last-modified
Fri, 31 Mar 2023 09:19:49 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/x-font-woff2
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
13224
expires
Thu, 19 Jun 2025 01:51:33 GMT
fa-solid-900.woff2
mamagon.blog/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/
76 KB
77 KB
Font
General
Full URL
https://mamagon.blog/wp-content/themes/cocoon-master/webfonts/fontawesome5/webfonts/fa-solid-900.woff2
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Origin
https://mamagon.blog
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
last-modified
Fri, 31 Mar 2023 09:19:49 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/x-font-woff2
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
78268
expires
Thu, 19 Jun 2025 01:51:33 GMT
style.min.css
mamagon.blog/wp-includes/css/dist/block-library/
111 KB
14 KB
Stylesheet
General
Full URL
https://mamagon.blog/wp-includes/css/dist/block-library/style.min.css?ver=6.5.4&fver=20240403054406
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 05:44:06 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
14071
expires
Thu, 19 Jun 2025 01:51:33 GMT
styles.css
mamagon.blog/wp-content/plugins/contact-form-7/includes/css/
3 KB
946 B
Stylesheet
General
Full URL
https://mamagon.blog/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.6&fver=20240617064420
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
last-modified
Mon, 17 Jun 2024 18:44:20 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
890
expires
Thu, 19 Jun 2025 01:51:33 GMT
style.css
mamagon.blog/wp-content/themes/cocoon-master/
237 KB
39 KB
Stylesheet
General
Full URL
https://mamagon.blog/wp-content/themes/cocoon-master/style.css?ver=6.5.4&fver=20230331091948
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
6a1d7c5a9e5e2d3b338b62a9495855997beca33995cde9ee6efcc14b82161da0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
last-modified
Fri, 31 Mar 2023 09:19:48 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
40185
expires
Thu, 19 Jun 2025 01:51:33 GMT
keyframes.css
mamagon.blog/wp-content/themes/cocoon-master/
292 B
136 B
Stylesheet
General
Full URL
https://mamagon.blog/wp-content/themes/cocoon-master/keyframes.css?ver=6.5.4&fver=20230331091948
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
last-modified
Fri, 31 Mar 2023 09:19:48 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
104
expires
Thu, 19 Jun 2025 01:51:33 GMT
all.min.css
mamagon.blog/wp-content/themes/cocoon-master/webfonts/fontawesome5/css/
57 KB
12 KB
Stylesheet
General
Full URL
https://mamagon.blog/wp-content/themes/cocoon-master/webfonts/fontawesome5/css/all.min.css?ver=6.5.4&fver=20230331091948
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
last-modified
Fri, 31 Mar 2023 09:19:48 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
12166
expires
Thu, 19 Jun 2025 01:51:33 GMT
fontawesome5.css
mamagon.blog/wp-content/themes/cocoon-master/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://mamagon.blog/wp-content/themes/cocoon-master/css/fontawesome5.css?ver=6.5.4&fver=20230331091948
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
b02dfd272ecdd8b4736df5fb3e0704e64453255f40aa230037857243585101a8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
last-modified
Fri, 31 Mar 2023 09:19:48 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1045
expires
Thu, 19 Jun 2025 01:51:33 GMT
style.css
mamagon.blog/wp-content/themes/cocoon-master/webfonts/icomoon/
3 KB
686 B
Stylesheet
General
Full URL
https://mamagon.blog/wp-content/themes/cocoon-master/webfonts/icomoon/style.css?ver=6.5.4&fver=20230331091949
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
f6956c081898cba209f04bf3a248390c30564a1042f500d1152ecb50429acbce

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
last-modified
Fri, 31 Mar 2023 09:19:49 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
653
expires
Thu, 19 Jun 2025 01:51:33 GMT
style.css
mamagon.blog/wp-content/themes/cocoon-child-master/
1 KB
538 B
Stylesheet
General
Full URL
https://mamagon.blog/wp-content/themes/cocoon-child-master/style.css?ver=6.5.4&fver=20230406114734
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
a18a417cd7063f770062cc955ec72cecd30faf1e4b3b7dd8b33f6aac6bfc5643

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
last-modified
Thu, 06 Apr 2023 11:47:34 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
482
expires
Thu, 19 Jun 2025 01:51:33 GMT
keyframes.css
mamagon.blog/wp-content/themes/cocoon-child-master/
130 B
184 B
Stylesheet
General
Full URL
https://mamagon.blog/wp-content/themes/cocoon-child-master/keyframes.css?ver=6.5.4&fver=20230331092051
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
last-modified
Fri, 31 Mar 2023 09:20:51 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
130
expires
Thu, 19 Jun 2025 01:51:33 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/
88 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js?ver=3.6.1
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:813::200a Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 00:28:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31100
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Jun 2025 00:28:59 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/
11 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js?ver=3.0.1
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
265227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3718
last-modified
Wed, 18 Nov 2020 00:51:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fb4701e-2c03"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bT8qcnhYUEshpePhcuG%2BSUNeOxQMC%2BZlW6yhlP3OgEgDxJLo2K3fo0IGdu0R1nGBceigzyqwbOdiOpDEEobUloD17eSw6AMPlEaziJulErmKZBUrkshCwOnb8J5x8eoGDbWF1W3P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895fdfebef05f5f9-NRT
expires
Mon, 09 Jun 2025 01:51:33 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8543709205690630&host=ca-host-pub-2644536267352236
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s11-in-f2.1e100.net
Software
cafe /
Resource Hash
d3525dd8c5309b3ed9bd2e6f2f21f8a722617b4bc6e66bb44922117576c3480f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Origin
https://mamagon.blog
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52408
x-xss-protection
0
server
cafe
etag
15413241311744380180
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 19 Jun 2024 01:51:33 GMT
lazysizes.min.js
mamagon.blog/wp-content/plugins/ewww-image-optimizer/includes/
15 KB
6 KB
Script
General
Full URL
https://mamagon.blog/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=740&fver=20240318024232
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
8875034ea813fa8a38f1e262928f4f2f74712e947efff24d07e49b0ec328ea4a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
last-modified
Mon, 18 Mar 2024 02:42:32 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5694
expires
Thu, 19 Jun 2025 01:51:33 GMT
index.js
mamagon.blog/wp-content/plugins/contact-form-7/includes/swv/js/
11 KB
3 KB
Script
General
Full URL
https://mamagon.blog/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.6&fver=20240617064420
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
last-modified
Mon, 17 Jun 2024 18:44:20 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3228
expires
Thu, 19 Jun 2025 01:51:33 GMT
index.js
mamagon.blog/wp-content/plugins/contact-form-7/includes/js/
13 KB
4 KB
Script
General
Full URL
https://mamagon.blog/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.6&fver=20240617064420
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
last-modified
Mon, 17 Jun 2024 18:44:20 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3919
expires
Thu, 19 Jun 2025 01:51:33 GMT
api.js
www.google.com/recaptcha/
1 KB
974 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s13-in-f164.1e100.net
Software
GSE /
Resource Hash
a46a79af9fffc4a4eed5eabbaff57ebac67f2df5f5b003bdfc961106f200ea31
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 19 Jun 2024 01:51:33 GMT
stickyfill.min.js
mamagon.blog/wp-content/themes/cocoon-master/plugins/stickyfill/dist/
6 KB
2 KB
Script
General
Full URL
https://mamagon.blog/wp-content/themes/cocoon-master/plugins/stickyfill/dist/stickyfill.min.js?ver=6.5.4&fver=20230331091948
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
ea6b03f54820c7ce3aa1378f599c83a4a07fad0d58667c98c586af1119a186d0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
last-modified
Fri, 31 Mar 2023 09:19:48 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2052
expires
Thu, 19 Jun 2025 01:51:33 GMT
javascript.js
mamagon.blog/wp-content/themes/cocoon-master/
8 KB
3 KB
Script
General
Full URL
https://mamagon.blog/wp-content/themes/cocoon-master/javascript.js?ver=6.5.4&fver=20230331091948
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
22e5f1ed3df935248f27fa5727af86a1572746560a29d83bc99fa9cf8cc3fc16

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
last-modified
Fri, 31 Mar 2023 09:19:48 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2556
expires
Thu, 19 Jun 2025 01:51:33 GMT
javascript.js
mamagon.blog/wp-content/themes/cocoon-child-master/
298 B
199 B
Script
General
Full URL
https://mamagon.blog/wp-content/themes/cocoon-child-master/javascript.js?ver=6.5.4&fver=20230331092051
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
content-encoding
br
last-modified
Fri, 31 Mar 2023 09:20:51 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
166
expires
Thu, 19 Jun 2025 01:51:33 GMT
IMG_3725-jpeg.webp
mamagon.blog/wp-content/uploads/2024/03/
18 KB
19 KB
Image
General
Full URL
https://mamagon.blog/wp-content/uploads/2024/03/IMG_3725-jpeg.webp
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
22d3928c65e53423dea874dbb8f438697f8e0b4a32b19c3082d8eb4045750f93

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
last-modified
Mon, 18 Mar 2024 10:47:58 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
18814
expires
Wed, 26 Jun 2024 01:51:33 GMT
truncated
/
135 B
135 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34c2d3905802f5afef7a0b089f245d6c434778c0ed89efc932d49a7f8016e15c

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
195 B
195 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dae35cad6a9490b667e2d1f9e81d2032998b8a8454caf848df6c04fdb46b2656

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
SIMG_3289-320x180.webp
mamagon.blog/wp-content/uploads/2024/04/
11 KB
11 KB
Image
General
Full URL
https://mamagon.blog/wp-content/uploads/2024/04/SIMG_3289-320x180.webp
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
5695aa5d28fe5648515041c21214219f528e2fc24614d49cb26a0c97b27cc090

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
last-modified
Fri, 12 Apr 2024 11:57:45 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10772
expires
Wed, 26 Jun 2024 01:51:33 GMT
39577fae2bacd7a90a837f5cffe45bcd-320x180.webp
mamagon.blog/wp-content/uploads/2023/07/
6 KB
6 KB
Image
General
Full URL
https://mamagon.blog/wp-content/uploads/2023/07/39577fae2bacd7a90a837f5cffe45bcd-320x180.webp
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
f72bddf4d5757e2f3a51c5fb3a392336e392f733aa890a79af75cf67be7ed4e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
last-modified
Tue, 19 Mar 2024 08:09:55 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6032
expires
Wed, 26 Jun 2024 01:51:33 GMT
b95bbb9e2660ba99ec3a7c87bbc1ee05-320x180.webp
mamagon.blog/wp-content/uploads/2024/03/
16 KB
16 KB
Image
General
Full URL
https://mamagon.blog/wp-content/uploads/2024/03/b95bbb9e2660ba99ec3a7c87bbc1ee05-320x180.webp
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
a092e67c134cabcfc97c62c99673ef2835b8b0e566cb658dccb3e455853fdf89

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:33 GMT
last-modified
Mon, 18 Mar 2024 09:22:18 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
16606
expires
Wed, 26 Jun 2024 01:51:33 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406170101/
430 KB
145 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406170101/show_ads_impl_fy2021.js?bust=31084704
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8543709205690630
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s11-in-f2.1e100.net
Software
cafe /
Resource Hash
5a2766471059b9a9267c2e62292c2b50b5a173656969cc26b6259c6ea1d80b82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148818
x-xss-protection
0
server
cafe
etag
10424849829267331107
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jun 2024 01:51:34 GMT
recaptcha__ja.js
www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/
529 KB
207 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__ja.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b8627e4710868c5ec6264c4a196b994c34ac17905597fb769bfaafa01df212f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Origin
https://mamagon.blog
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 13:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
477416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211411
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 16:44:59 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Jun 2025 13:14:38 GMT
5bd156fc0f4e676ff6934beaeca67492-320x180.jpg
mamagon.blog/wp-content/uploads/2023/07/
7 KB
8 KB
Image
General
Full URL
https://mamagon.blog/wp-content/uploads/2023/07/5bd156fc0f4e676ff6934beaeca67492-320x180.jpg
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
4132c592125976c650d95ce0b7443381e534b8d3e6ba79e1f933d8ef67535d02

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:34 GMT
last-modified
Sat, 16 Mar 2024 13:45:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
7655
expires
Thu, 19 Jun 2025 01:51:34 GMT
b7cbd8f8350f2e44a246812dfd93c0ee-320x180.webp
mamagon.blog/wp-content/uploads/2024/02/
4 KB
4 KB
Image
General
Full URL
https://mamagon.blog/wp-content/uploads/2024/02/b7cbd8f8350f2e44a246812dfd93c0ee-320x180.webp
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
f98a1801e44ad9402acfa23ebf5e60965bd51826c7006578f53078c7f4ecaa41

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:34 GMT
last-modified
Mon, 18 Mar 2024 03:55:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3996
expires
Wed, 26 Jun 2024 01:51:34 GMT
IMG_0988-320x180.webp
mamagon.blog/wp-content/uploads/2024/02/
5 KB
5 KB
Image
General
Full URL
https://mamagon.blog/wp-content/uploads/2024/02/IMG_0988-320x180.webp
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
6b7169ccbd9a5a25c10dd48615317e091c673647f49b9683af1e1ae5bd358cd4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:34 GMT
last-modified
Mon, 18 Mar 2024 03:32:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5512
expires
Wed, 26 Jun 2024 01:51:34 GMT
IMG_3747.jpg
mamagon.blog/wp-content/uploads/2023/04/
201 KB
201 KB
Image
General
Full URL
https://mamagon.blog/wp-content/uploads/2023/04/IMG_3747.jpg
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
4a9379c9331dbcc3f27ae610140e0024e6b418080eb42e7bd58c5aa1cee7461f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:34 GMT
last-modified
Mon, 03 Apr 2023 01:38:10 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
205729
expires
Thu, 19 Jun 2025 01:51:34 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240617/r20110914/ Frame F815
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240617/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406170101/show_ads_impl_fy2021.js?bust=31084704
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s03-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://mamagon.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
19625
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jun 2024 20:24:29 GMT
etag
9187630395144177108
expires
Tue, 02 Jul 2024 20:24:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A775
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8543709205690630&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718761894&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fmamagon.blog%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_13~30_5~27_15~29_18&aiixl=28_4~30_6~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718761893942&bpp=3&bdt=214&idt=194&shv=r20240617&mjsv=m202406170101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1283135209092&frm=20&pv=2&ga_vid=1516310319.1718761894&ga_sid=1718761894&ga_hid=1807878983&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C95331695%2C95334509%2C95334525%2C95334572%2C95334581%2C95335897%2C31084704%2C95335290%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3787788827493828&tmod=1852064487&uas=0&nvt=1&fsapi=1&fc=1920&brdim=90%2C90%2C90%2C90%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=222
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406170101/show_ads_impl_fy2021.js?bust=31084704
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s03-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://mamagon.blog/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Jun 2024 01:51:34 GMT
expires
Wed, 19 Jun 2024 01:51:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
46ba2e8bb524340a4c1ddba49ae948b1-320x180.jpg
mamagon.blog/wp-content/uploads/2023/07/
9 KB
9 KB
Image
General
Full URL
https://mamagon.blog/wp-content/uploads/2023/07/46ba2e8bb524340a4c1ddba49ae948b1-320x180.jpg
Requested by
Host: mamagon.blog
URL: https://mamagon.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
61a80b943f1a2c41b81efccb8e202de1de1cd85c3413458988ac5c58d188731b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:34 GMT
last-modified
Sun, 17 Mar 2024 04:30:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
9479
expires
Thu, 19 Jun 2025 01:51:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240617&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406170101/show_ads_impl_fy2021.js?bust=31084704
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s11-in-f2.1e100.net
Software
cafe /
Resource Hash
1a78130d49a6ae773352e95182371cd29abe66c8618008ab0416a2e3b41fa058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12742
x-xss-protection
0
cropped-IMG_3744-32x32.jpeg
mamagon.blog/wp-content/uploads/2023/04/
1 KB
1 KB
Other
General
Full URL
https://mamagon.blog/wp-content/uploads/2023/04/cropped-IMG_3744-32x32.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
5cae52064d7f88180705ec9cbf2363b0f72df5c278883f0765b0796bc0753969

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:34 GMT
last-modified
Mon, 03 Apr 2023 01:50:17 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1149
expires
Thu, 19 Jun 2025 01:51:34 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406170101/show_ads_impl_fy2021.js?bust=31084704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80c::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jun 2024 01:51:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3BC5
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80c::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://mamagon.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
324278
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jun 2024 07:46:56 GMT
expires
Sun, 15 Jun 2025 07:46:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 647E
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s13-in-f164.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CuqcH90IUHCFHxNKW0gTIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://mamagon.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-CuqcH90IUHCFHxNKW0gTIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 19 Jun 2024 01:51:34 GMT
expires
Wed, 19 Jun 2024 01:51:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IMG_0770-320x180.jpg
mamagon.blog/wp-content/uploads/2024/03/
10 KB
10 KB
Image
General
Full URL
https://mamagon.blog/wp-content/uploads/2024/03/IMG_0770-320x180.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
9e72a8695ce8d3176b66d8669b97d85b741aa74b3fca132e539a65ca4ddcc353

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:35 GMT
last-modified
Thu, 07 Mar 2024 09:14:06 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
10437
expires
Thu, 19 Jun 2025 01:51:35 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0

IMG_0934-320x180.webp
mamagon.blog/wp-content/uploads/2024/02/
4 KB
4 KB
Image
General
Full URL
https://mamagon.blog/wp-content/uploads/2024/02/IMG_0934-320x180.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.147.168.132 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
ty10009.mixhost.jp
Software
LiteSpeed /
Resource Hash
235a79d1591263625d5e75cde03e0dda76f63b377ecd914ac35fc45e242a568f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://mamagon.blog/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:51:35 GMT
last-modified
Mon, 18 Mar 2024 03:05:09 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3914
expires
Wed, 26 Jun 2024 01:51:35 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240617&jk=3787788827493828&bg=!6-il6KfNAAb64txl2uI7ADQBe5WfOFu2ElhwAyjkopzmG4o7fjxZUhU3C0ZFODZxstAwVeBjQGRN2gPMboASOJ_KZxPJAgAAAINSAAAABmgBB34ANZgy_GIIJtHj4jXP0xcaNTslRwdQaxBYkNiSxn6OzalLkfLxU05CqMJqPOBJVtMvaIRGnolmmQLIejUSYYsZ-P3l9wKwbbCPRSWx4WawHUxlq-bcnPmC1MqunCQumtWq-W4Wzs0yJ2QEBMPZKj_QLgK7lzBJRsasGURA5tbvPUUPdRAxW9CNRIqC0DsmHLuiOayH1AzMT8DLnHAK5vFgI6mQl5paBhc50lJClJdHUswPAE7Doswb-9JCZmF4bcUgN-eIG6nHMGBY-Yv_6Nt8pO5TsDDLLCFk_RlT2E4d6sACg5y8DotQQaoUodyAm5q97nzOrT12s110_nzgS2e5U_PCfz_1ZfR7g1OM4tqXjLuwNvZlBr-oiPuR6CucxUefmrHvGU5W8IpbEU4SubOkhQ5Jm-yGkElzFRtcKAvzrBziahi7PsTqWJfNmhp5X6FMGYN59ETZRsV3_KDNNLfM859qR3eWfAiR4b0jPemXUrmS4IBpZCU4HqTYh0H32aiL0DZCUyE50S0I2rEYlpOClrhzK9p1qhdslCi3MAu0uro3RPYBtahyFwIhiWRqp6SWhw3MwT7ChhJWsaPm8QfSMJbY4_r19kiJovDKOu_STtdhmhYh4XRjoE1Z73N0ak9oY1xrrfmEaYMpxD24-8ufJy0NazeuZmH9Qu3gzmRVk567abgwJX6eW_ByQMFh4EIsB2HxOQGAgIsbBcmlzhRMxRx193z3hc5AvkswFW4TiktJKBcS_w0j5mqMMQHb6v9-HUYdZ1BJmIBYCeAXV24mk0NpPFABXiCa2oHFHwQ2rnT9bFdbDpHB_i2RCsmYJx8x2gIYCnksPCMmdeaTLxyskDxOtaOH1rmziUHUYT8urP_XZwifNza6-9XICWEEfyWua42i9Xb7T9b5gKcGLnIdWrmGiuiHeXU5ZnKw0ZOuErJ3Ma1yIm3irdFaTMmtE75Fc8N94OtEz8QunlprPv4TH_2sr_N-C7L0ekpg-x4Gv6TzHJeWV4MloEVKbmCKw1JXFw

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage function| $ function| jQuery object| eio_lazy_vars boolean| ewww_webp_supported object| lazySizesConfig object| lazySizes object| swv object| wpcf7 function| renderInvisibleReCaptcha object| Stickyfill object| cocoon_localize_script_options object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
googleads.g.doubleclick.net
mamagon.blog
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.gstatic.com
pagead2.googlesyndication.com
104.17.25.14
141.147.168.132
142.250.207.98
172.217.161.194
172.217.25.164
2404:6800:400a:805::2003
2404:6800:400a:80c::2001
2404:6800:400a:813::200a
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
1a78130d49a6ae773352e95182371cd29abe66c8618008ab0416a2e3b41fa058
1b8627e4710868c5ec6264c4a196b994c34ac17905597fb769bfaafa01df212f
22d3928c65e53423dea874dbb8f438697f8e0b4a32b19c3082d8eb4045750f93
22e5f1ed3df935248f27fa5727af86a1572746560a29d83bc99fa9cf8cc3fc16
235a79d1591263625d5e75cde03e0dda76f63b377ecd914ac35fc45e242a568f
34c2d3905802f5afef7a0b089f245d6c434778c0ed89efc932d49a7f8016e15c
4132c592125976c650d95ce0b7443381e534b8d3e6ba79e1f933d8ef67535d02
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
4a9379c9331dbcc3f27ae610140e0024e6b418080eb42e7bd58c5aa1cee7461f
5695aa5d28fe5648515041c21214219f528e2fc24614d49cb26a0c97b27cc090
5a2766471059b9a9267c2e62292c2b50b5a173656969cc26b6259c6ea1d80b82
5bd226bea3f3c1aef8c652d886aed9b22135e90de91ce729d576d4fa78edbdc5
5cae52064d7f88180705ec9cbf2363b0f72df5c278883f0765b0796bc0753969
61a80b943f1a2c41b81efccb8e202de1de1cd85c3413458988ac5c58d188731b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a1d7c5a9e5e2d3b338b62a9495855997beca33995cde9ee6efcc14b82161da0
6b7169ccbd9a5a25c10dd48615317e091c673647f49b9683af1e1ae5bd358cd4
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df
7dd74226a74db51354d220aa9a2676e0199072a879c811982d7a1426b6585917
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
8875034ea813fa8a38f1e262928f4f2f74712e947efff24d07e49b0ec328ea4a
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9e72a8695ce8d3176b66d8669b97d85b741aa74b3fca132e539a65ca4ddcc353
a092e67c134cabcfc97c62c99673ef2835b8b0e566cb658dccb3e455853fdf89
a18a417cd7063f770062cc955ec72cecd30faf1e4b3b7dd8b33f6aac6bfc5643
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a46a79af9fffc4a4eed5eabbaff57ebac67f2df5f5b003bdfc961106f200ea31
b02dfd272ecdd8b4736df5fb3e0704e64453255f40aa230037857243585101a8
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b
c54947e67503bb21778d64789ceac992de7249f7cbcfea7dc233e7db5c2a72fa
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68
d3525dd8c5309b3ed9bd2e6f2f21f8a722617b4bc6e66bb44922117576c3480f
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
dae35cad6a9490b667e2d1f9e81d2032998b8a8454caf848df6c04fdb46b2656
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
ea6b03f54820c7ce3aa1378f599c83a4a07fad0d58667c98c586af1119a186d0
f6956c081898cba209f04bf3a248390c30564a1042f500d1152ecb50429acbce
f72bddf4d5757e2f3a51c5fb3a392336e392f733aa890a79af75cf67be7ed4e9
f98a1801e44ad9402acfa23ebf5e60965bd51826c7006578f53078c7f4ecaa41