newyear.webfan.org Open in urlscan Pro
183.181.96.86 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newyear.webfan.org/
Submission Tags: phishingrod
Submission: On April 30 via api (April 30th 2024, 4:06:03 am UTC) from DE — Scanned from JP

Summary HTTP 33 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 4 domains to perform 33 HTTP transactions. The main IP is 183.181.96.86, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is newyear.webfan.org.
TLS certificate: Issued by R3 on March 1st 2024. Valid for: 3 months.

This is the only time newyear.webfan.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	183.181.96.86 183.181.96.86	131965 (XSERVER X...) (XSERVER Xserver Inc.)
5	142.250.199.98 142.250.199.98	15169 (GOOGLE) (GOOGLE)
6	142.251.42.194 142.251.42.194	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:80b::200e	15169 (GOOGLE) (GOOGLE)
9	172.217.161.78 172.217.161.78	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:821::2001	15169 (GOOGLE) (GOOGLE)
1	172.217.26.228 172.217.26.228	15169 (GOOGLE) (GOOGLE)
33	8

7 183.181.96.86 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv12725.xserver.jp

newyear.webfan.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.199.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.42.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80b::200e (Australia)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.161.78 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:821::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.26.228 (United States)

ASN15169 (GOOGLE, US)
PTR: bom05s09-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 660 www.google.com — Cisco Umbrella Rank: 2	70 KB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	282 KB
7	webfan.org newyear.webfan.org	128 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 36
33	4

	Domain	Requested by
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	newyear.webfan.org	newyear.webfan.org
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	pagead2.googlesyndication.com	newyear.webfan.org pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
33	6

This site contains links to these domains. Also see Links.

Domain
bbq.webfan.org
camp.webfan.org
hanabi.webfan.org
illumi.webfan.org
mikaku.webfan.org
sea.webfan.org
ski.webfan.org

Subject Issuer	Validity	Valid
newyear.webfan.org R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://newyear.webfan.org/
Frame ID: CDDEF1A164B23C2FFD74D2BB4DA9C31B
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240425/r20110914/zrt_lookup_fy2021.html
Frame ID: 2B2C687264661A1275A922F69B82B10B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9002567891664102&output=html&adk=3046330955&adf=2044148826&lmt=1714449959&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fnewyear.webfan.org%2F&pra=5&wgl=1&easpi=1&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714449958833&bpp=5&bdt=122&idt=169&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6466610025158&frm=20&pv=2&ga_vid=205254960.1714449959&ga_sid=1714449959&ga_hid=1978635598&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081563%2C31083150%2C95331042%2C95331555%2C95331696&oid=2&pvsid=4424980472756736&tmod=1007676016&uas=0&nvt=1&fsapi=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=190
Frame ID: A0F2AAAE9625E1C238DA971C45CAE683
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9002567891664102&output=html&h=15&slotname=2637400475&adk=216414427&adf=509419931&pi=t.ma~as.2637400475&w=468&lmt=1714449959&url=https%3A%2F%2Fnewyear.webfan.org%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714449958838&bpp=1&bdt=127&idt=199&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6466610025158&frm=20&pv=1&ga_vid=205254960.1714449959&ga_sid=1714449959&ga_hid=1978635598&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=409&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081563%2C31083150%2C95331042%2C95331555%2C95331696&oid=2&pvsid=4424980472756736&tmod=1007676016&uas=0&nvt=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=206
Frame ID: 89A9E8404EA8C11954EA1F435CBE47BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9002567891664102&output=html&h=280&slotname=3695331275&adk=1484041147&adf=2767920810&pi=t.ma~as.3695331275&w=336&lmt=1714449959&format=336x280&url=https%3A%2F%2Fnewyear.webfan.org%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714449958839&bpp=1&bdt=128&idt=212&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&prev_slotnames=2637400475&nras=1&correlator=6466610025158&frm=20&pv=1&ga_vid=205254960.1714449959&ga_sid=1714449959&ga_hid=1978635598&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081563%2C31083150%2C95331042%2C95331555%2C95331696&oid=2&pvsid=4424980472756736&tmod=1007676016&uas=0&nvt=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=216
Frame ID: C0B1428114D29039CB48490E96CBB863
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9002567891664102&output=html&h=250&slotname=1160667272&adk=2841768280&adf=615102365&pi=t.ma~as.1160667272&w=300&lmt=1714449959&format=300x250&url=https%3A%2F%2Fnewyear.webfan.org%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714449958840&bpp=1&bdt=129&idt=222&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C336x280&prev_slotnames=2637400475&nras=1&correlator=6466610025158&frm=20&pv=1&ga_vid=205254960.1714449959&ga_sid=1714449959&ga_hid=1978635598&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081563%2C31083150%2C95331042%2C95331555%2C95331696&oid=2&pvsid=4424980472756736&tmod=1007676016&uas=0&nvt=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=225
Frame ID: D1306E30B27F2BAC9E549BEE335D7769
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9002567891664102&output=html&h=250&slotname=1160667272&adk=2841768280&adf=3245447831&pi=t.ma~as.1160667272&w=300&lmt=1714449959&format=300x250&url=https%3A%2F%2Fnewyear.webfan.org%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714449958841&bpp=1&bdt=130&idt=231&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C336x280%2C300x250&prev_slotnames=2637400475&nras=1&correlator=6466610025158&frm=20&pv=1&ga_vid=205254960.1714449959&ga_sid=1714449959&ga_hid=1978635598&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081563%2C31083150%2C95331042%2C95331555%2C95331696&oid=2&pvsid=4424980472756736&tmod=1007676016&uas=0&nvt=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=234
Frame ID: 5B71C1A18529AB9CBFF1F2F8459BFB26
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E6367AF5E3BA8178FE80066073CAD89D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AAF1FD74E605B9B42218167F0C62FE23
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

初詣

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

33
Requests

97 %
HTTPS

29 %
IPv6

4
Domains

6
Subdomains

8
IPs

3
Countries

479 kB
Transfer

1136 kB
Size

5
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://bbq.webfan.org/
Title: バーベキュー

Search URL Search Domain Scan URL

URL: https://camp.webfan.org/
Title: キャンプ場

Search URL Search Domain Scan URL

URL: https://hanabi.webfan.org/
Title: 花火大会

Search URL Search Domain Scan URL

URL: https://illumi.webfan.org/
Title: イルミネーション

Search URL Search Domain Scan URL

URL: https://mikaku.webfan.org/
Title: 味覚狩り

Search URL Search Domain Scan URL

URL: https://sea.webfan.org/
Title: 海水浴場

Search URL Search Domain Scan URL

URL: https://ski.webfan.org/
Title: スキー場

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
newyear.webfan.org/ 9 KB
3 KB 190ms
156ms Document
text/html 183.181.96.86
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://newyear.webfan.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.86 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12725.xserver.jp
Software: nginx /
Resource Hash: c4ed0c5f0f817ad12ba1b3ac22851817b455077003c8c3f9658774eb60240287

Request headers

Accept-Language: jp-JP,jp;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 30 Apr 2024 04:05:58 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 style.css
newyear.webfan.org/css/ 5 KB
2 KB 11ms
10ms Stylesheet
text/css 183.181.96.86
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://newyear.webfan.org/css/style.css
Requested by: Host: newyear.webfan.org
URL: https://newyear.webfan.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.86 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12725.xserver.jp
Software: nginx /
Resource Hash: 9d19d8bc4d7e5abfc3b143efa47479b2602e07cd898dddd3e39020b58cc3e476

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:05:58 GMT
content-encoding: br
last-modified: Thu, 06 Jul 2017 02:24:38 GMT
server: nginx
etag: W/"15de-5539cd17a2580"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 07 May 2024 04:05:58 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 93ms
49ms Script
text/javascript 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9002567891664102

Requested by

Host: newyear.webfan.org
URL: https://newyear.webfan.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e1227c2528fb54d98db1d349384e72c224d5eef28796f61a5837f57815fdd0c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/
Origin: https://newyear.webfan.org
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51405
x-xss-protection: 0
server: cafe
etag: 14605682693679865630
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 30 Apr 2024 04:05:58 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 92ms
55ms Script
text/javascript 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newyear.webfan.org
URL: https://newyear.webfan.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

cbabd2f258250865618cd347aded08c617a5d003e9bfa228331a86da45fe1a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51403
x-xss-protection: 0
server: cafe
etag: 5362141203116087306
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 30 Apr 2024 04:05:58 GMT

GET
H2 200 topback.png
newyear.webfan.org/img/ 110 KB
111 KB 19ms
18ms Image
image/png 183.181.96.86
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyear.webfan.org/img/topback.png
Requested by: Host: newyear.webfan.org
URL: https://newyear.webfan.org/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.86 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12725.xserver.jp
Software: nginx /
Resource Hash: 9c125685ac789b0abef7824581ebaa0b0de635dbf2a6259543e0327e44b0d1fa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/css/style.css
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:05:58 GMT
last-modified: Wed, 05 Jul 2017 06:57:29 GMT
server: nginx
etag: "1b9b4-5538c836c6840"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 113076
expires: Tue, 07 May 2024 04:05:58 GMT

GET
H2 200 logo.png
newyear.webfan.org/img/ 8 KB
8 KB 19ms
19ms Image
image/png 183.181.96.86
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyear.webfan.org/img/logo.png
Requested by: Host: newyear.webfan.org
URL: https://newyear.webfan.org/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.86 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12725.xserver.jp
Software: nginx /
Resource Hash: 24922c73ddfbae2ee18b947fd1ae44a560fba5a30fb9949f7e4b9d8d213a8b2d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/css/style.css
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:05:58 GMT
last-modified: Wed, 05 Jul 2017 03:50:50 GMT
server: nginx
etag: "1ffd-55389e7e93a80"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 8189
expires: Tue, 07 May 2024 04:05:58 GMT

GET
H2 200 iconArrow.png
newyear.webfan.org/img/ 1 KB
2 KB 18ms
18ms Image
image/png 183.181.96.86
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyear.webfan.org/img/iconArrow.png
Requested by: Host: newyear.webfan.org
URL: https://newyear.webfan.org/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.86 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12725.xserver.jp
Software: nginx /
Resource Hash: 84ff807fbf2f731b9f62393c2e5d559778abf7df211906cd00393fcf20532016

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/css/style.css
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:05:58 GMT
last-modified: Fri, 08 Nov 2013 01:35:00 GMT
server: nginx
etag: "599-4eaa063fc7900"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1433
expires: Tue, 07 May 2024 04:05:58 GMT

GET
H2 200 iconArrow2.png
newyear.webfan.org/img/ 1 KB
1 KB 19ms
18ms Image
image/png 183.181.96.86
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newyear.webfan.org/img/iconArrow2.png
Requested by: Host: newyear.webfan.org
URL: https://newyear.webfan.org/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.86 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12725.xserver.jp
Software: nginx /
Resource Hash: 798d4375e849a23b0d12afc03f6814a3ec851fa1cdba6999d9c6e2555e2bd719

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/css/style.css
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:05:58 GMT
last-modified: Fri, 08 Nov 2013 01:35:00 GMT
server: nginx
etag: "53d-4eaa063fc7900"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1341
expires: Tue, 07 May 2024 04:05:58 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/ 411 KB
139 KB 70ms
70ms Script
text/javascript 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js?bust=31083150

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9002567891664102

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a98bf42b9427b5181b2c1f757b99cfa08f48faf86ed843f9a5f90a32226e0e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142320
x-xss-protection: 0
server: cafe
etag: 15419642639036274975
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Apr 2024 04:05:58 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240425/r20110914/ Frame 2B2C 0
0 40ms
3ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240425/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js?bust=31083150

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9;q=0.9
Referer: https://newyear.webfan.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 6889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 02:11:10 GMT
etag: 5035419970550746386
expires: Tue, 14 May 2024 02:11:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame A0F2 0
0 600ms
578ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9002567891664102&output=html&adk=3046330955&adf=2044148826&lmt=1714449959&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fnewyear.webfan.org%2F&pra=5&wgl=1&easpi=1&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714449958833&bpp=5&bdt=122&idt=169&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6466610025158&frm=20&pv=2&ga_vid=205254960.1714449959&ga_sid=1714449959&ga_hid=1978635598&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081563%2C31083150%2C95331042%2C95331555%2C95331696&oid=2&pvsid=4424980472756736&tmod=1007676016&uas=0&nvt=1&fsapi=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=190

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js?bust=31083150

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9;q=0.9
Referer: https://newyear.webfan.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5027
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 04:05:59 GMT
expires: Tue, 30 Apr 2024 04:05:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 400 ads
googleads.g.doubleclick.net/pagead/ Frame 89A9 0
0 65ms
64ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9002567891664102&output=html&h=15&slotname=2637400475&adk=216414427&adf=509419931&pi=t.ma~as.2637400475&w=468&lmt=1714449959&url=https%3A%2F%2Fnewyear.webfan.org%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714449958838&bpp=1&bdt=127&idt=199&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6466610025158&frm=20&pv=1&ga_vid=205254960.1714449959&ga_sid=1714449959&ga_hid=1978635598&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=409&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081563%2C31083150%2C95331042%2C95331555%2C95331696&oid=2&pvsid=4424980472756736&tmod=1007676016&uas=0&nvt=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=206

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js?bust=31083150

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9;q=0.9
Referer: https://newyear.webfan.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 04:05:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame C0B1 0
0 255ms
252ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9002567891664102&output=html&h=280&slotname=3695331275&adk=1484041147&adf=2767920810&pi=t.ma~as.3695331275&w=336&lmt=1714449959&format=336x280&url=https%3A%2F%2Fnewyear.webfan.org%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714449958839&bpp=1&bdt=128&idt=212&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&prev_slotnames=2637400475&nras=1&correlator=6466610025158&frm=20&pv=1&ga_vid=205254960.1714449959&ga_sid=1714449959&ga_hid=1978635598&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081563%2C31083150%2C95331042%2C95331555%2C95331696&oid=2&pvsid=4424980472756736&tmod=1007676016&uas=0&nvt=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=216

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js?bust=31083150

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9;q=0.9
Referer: https://newyear.webfan.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 409
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 04:05:59 GMT
expires: Tue, 30 Apr 2024 04:05:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame D130 0
0 183ms
182ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9002567891664102&output=html&h=250&slotname=1160667272&adk=2841768280&adf=615102365&pi=t.ma~as.1160667272&w=300&lmt=1714449959&format=300x250&url=https%3A%2F%2Fnewyear.webfan.org%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714449958840&bpp=1&bdt=129&idt=222&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C336x280&prev_slotnames=2637400475&nras=1&correlator=6466610025158&frm=20&pv=1&ga_vid=205254960.1714449959&ga_sid=1714449959&ga_hid=1978635598&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081563%2C31083150%2C95331042%2C95331555%2C95331696&oid=2&pvsid=4424980472756736&tmod=1007676016&uas=0&nvt=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=225

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js?bust=31083150

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9;q=0.9
Referer: https://newyear.webfan.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 04:05:59 GMT
expires: Tue, 30 Apr 2024 04:05:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5B71 0
0 181ms
180ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9002567891664102&output=html&h=250&slotname=1160667272&adk=2841768280&adf=3245447831&pi=t.ma~as.1160667272&w=300&lmt=1714449959&format=300x250&url=https%3A%2F%2Fnewyear.webfan.org%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714449958841&bpp=1&bdt=130&idt=231&shv=r20240425&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C336x280%2C300x250&prev_slotnames=2637400475&nras=1&correlator=6466610025158&frm=20&pv=1&ga_vid=205254960.1714449959&ga_sid=1714449959&ga_hid=1978635598&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081563%2C31083150%2C95331042%2C95331555%2C95331696&oid=2&pvsid=4424980472756736&tmod=1007676016&uas=0&nvt=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=234

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js?bust=31083150

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9;q=0.9
Referer: https://newyear.webfan.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 407
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 04:05:59 GMT
expires: Tue, 30 Apr 2024 04:05:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-9002567891664102 Show response
fundingchoicesmessages.google.com/i/ 181 KB
61 KB 116ms
66ms Script
application/javascript 2404:6800:4004:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9002567891664102?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js?bust=31083150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

367a5e1fdb1fd0d5b4fbbcccfce2a7d7640c6a1e6019fca199efbd64079638df

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PKxnNgDC3-2JWOwwlbMczQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:05:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PKxnNgDC3-2JWOwwlbMczQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw0JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxoQxzyfzpoCxE7pM1gDgNinfgZrFBC33jzHOhmITy44z3oRiJP-nWctAGIhHo7ldw5uZBPYcXPrPSYA-_YreA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXeosZeUW98H6g_TwkBlujuWik-MQRUG12Fk61cW_XBVZuYF7YfXU7bvewNKRzm1d1kB7DxYhpv26s7sfBQzr85eiVJq1Efq0YBspyjzmS5lQXgNnJG5_G95szjzX9WAl7sE0L2KQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 63ms
62ms Script
application/javascript 2404:6800:4004:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXeosZeUW98H6g_TwkBlujuWik-MQRUG12Fk61cW_XBVZuYF7YfXU7bvewNKRzm1d1kB7DxYhpv26s7sfBQzr85eiVJq1Efq0YBspyjzmS5lQXgNnJG5_G95szjzX9WAl7sE0L2KQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE0NDQ5OTU5LDgwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9uZXd5ZWFyLndlYmZhbi5vcmcvIixudWxsLFtbOCwiU1J0eE9DWWdBSDgiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.SRtxOCYgAH8.es5.O/am=gAE/d=1/rs=AJlcJMwb5k7AyOBbgxVVndO5TwM-2qUD0Q/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3a36c3fbb7a90c110f24473c72f42f0812ae28b70ba98bb676cc95d74c23fe3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pqGSFpm5-1NckbZXqvoebQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:05:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-pqGSFpm5-1NckbZXqvoebQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmII1JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxoQxzyfzpoCxE7pM1gDgNinfgZrFBC33jzHOhmITy44z3oRiJP-nWctAGIhHo7ldw5uZBP4sOzPFGYAAAUrhA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWCs8vvZP0dyc-86jT8yv4xCkv69v0edd8QSUZyiKjRXdDReleDa8l3aLDLBPzXyXQWv2kSS3qwl7BWazA8izuF4EnZN4gK2_POAYemx45zyxwCi9OMJfLFNARu-1DgjxIzCX-W1g== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 58ms
58ms Script
application/javascript 172.217.161.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWCs8vvZP0dyc-86jT8yv4xCkv69v0edd8QSUZyiKjRXdDReleDa8l3aLDLBPzXyXQWv2kSS3qwl7BWazA8izuF4EnZN4gK2_POAYemx45zyxwCi9OMJfLFNARu-1DgjxIzCX-W1g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE0NDQ5OTU5LDg3NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbmV3eWVhci53ZWJmYW4ub3JnLyIsbnVsbCxbWzgsIlNSdHhPQ1lnQUg4Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f14.1e100.net

Software

ESF /

Resource Hash

0bf852744db86abe60f2f09a1c067b04e4ef3d74e64519fb1c6d948a6d161bdf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hiyGTIv5mUr8CW1F_6XbLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:05:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-hiyGTIv5mUr8CW1F_6XbLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxoQxzyfzpoCxE7pM1gDgNinfgZrFBC33jzHOhmITy44z3oRiJP-nWctAGIhHo7ldw5uZBN48eDGRmYA_vwrqw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 53ms
52ms XHR
application/json 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240425&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js?bust=31083150

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a25543546597c12a322d303257264df3867b1e991dbe4be86d50c762663a81a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12152
x-xss-protection: 0

GET
H2 404 favicon.ico
newyear.webfan.org/ 3 KB
1 KB 10ms
10ms Other
text/html 183.181.96.86
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://newyear.webfan.org/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.181.96.86 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv12725.xserver.jp
Software: nginx /
Resource Hash: d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:05:59 GMT
content-encoding: br
last-modified: Tue, 20 Apr 2021 00:54:46 GMT
server: nginx
etag: W/"afe-5c05ce47b744f"
vary: Accept-Encoding
content-type: text/html

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 102ms
58ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js?bust=31083150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 04:06:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E636 0
0 39ms
2ms Document
text/html 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9;q=0.9
Referer: https://newyear.webfan.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 1193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 03:46:07 GMT
expires: Wed, 30 Apr 2025 03:46:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame AAF1 0
0 81ms
41ms Document
text/html 172.217.26.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.26.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bom05s09-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MRZu1p_dAz4bcZVEEVkIGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9;q=0.9
Referer: https://newyear.webfan.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-MRZu1p_dAz4bcZVEEVkIGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 04:06:00 GMT
expires: Tue, 30 Apr 2024 04:06:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ck.php Show response
fundingchoicesmessages.google.com/f/AGSKWxXX-XGTElP1daj-cZzOH4SLRzp9-jzZUATOHPeoX0cSmDK8xg6Yw3Sfg6jy4ugo4rHsu68srTqK-RthUpyypJKGCOy0eOIbjaHAYjJLsv7dBDuadAYVw_GG_BiZpYbo8hKfie2xC8UI_3H44XaJZzJ3ha3t3... 54 B
110 B 62ms
62ms Script
application/javascript 172.217.161.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXX-XGTElP1daj-cZzOH4SLRzp9-jzZUATOHPeoX0cSmDK8xg6Yw3Sfg6jy4ugo4rHsu68srTqK-RthUpyypJKGCOy0eOIbjaHAYjJLsv7dBDuadAYVw_GG_BiZpYbo8hKfie2xC8UI_3H44XaJZzJ3ha3t38VYpW8pRAPYPsjTCBoWMWqWs0r7jL2Z/_/bunyad__ad_change./ck.php?nids/adleader./adtology.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.SRtxOCYgAH8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzfiusUAMInvKYZViwi_5575UUjdA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f14.1e100.net

Software

ESF /

Resource Hash

785a4b68efd27fea49c8eda5a839cc333b33d9b4a19da7586f01ef615f14aed6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LUgMGgw-rPTVdI3J9vtrXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:06:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-LUgMGgw-rPTVdI3J9vtrXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxoQxzyfzpoCxE7pM1gDgNinfgZrFBC33jzHOhmITy44z3oRiJP-nWctAGIhHo4Vdw5uZBN4cGDGRCYA_V4rIw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 2ms
2ms Script
text/javascript 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

54fa27f57b4ef66cc6d21997d8f89000721c1024e9e5c47b57b127242ddc0d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 03:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24233
x-xss-protection: 0
server: cafe
etag: 5057382965656609286
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Apr 2024 04:46:07 GMT

POST
H3 204 AGSKWxVhLYHZYxAaWm-nwZp4Rdh_KSjpebcNmeUUg0xOV1AohRe-9f3LJ9mz9z6J5nHlukRaF485CD-r-SS3CKwlroGzhHicdM3kPg9LQ5M6oLW56hgFdDRS3slEFMWgeKPmvLgz_S45Nw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 92ms
50ms XHR
text/html 172.217.161.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVhLYHZYxAaWm-nwZp4Rdh_KSjpebcNmeUUg0xOV1AohRe-9f3LJ9mz9z6J5nHlukRaF485CD-r-SS3CKwlroGzhHicdM3kPg9LQ5M6oLW56hgFdDRS3slEFMWgeKPmvLgz_S45Nw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-crlrdweA1ABJ_4JzVYGGSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Apr 2024 04:06:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-crlrdweA1ABJ_4JzVYGGSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BiqGV4xtQKxE7pM1gDgFiIh2PFnYMb2QQOfF6wkAkAyLEMlQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://newyear.webfan.org
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVhLYHZYxAaWm-nwZp4Rdh_KSjpebcNmeUUg0xOV1AohRe-9f3LJ9mz9z6J5nHlukRaF485CD-r-SS3CKwlroGzhHicdM3kPg9LQ5M6oLW56hgFdDRS3slEFMWgeKPmvLgz_S45Nw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bVcexhaJ38vlqspX8yV59g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Apr 2024 04:06:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bVcexhaJ38vlqspX8yV59g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw15BiqGV4xtQKxE7pM1gDgFiIh2PFnYMb2QRuPPs9nwkAyRQM8g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://newyear.webfan.org
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVhLYHZYxAaWm-nwZp4Rdh_KSjpebcNmeUUg0xOV1AohRe-9f3LJ9mz9z6J5nHlukRaF485CD-r-SS3CKwlroGzhHicdM3kPg9LQ5M6oLW56hgFdDRS3slEFMWgeKPmvLgz_S45Nw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-m2KNUXw4Hle3msXOnRqeYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Apr 2024 04:06:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-m2KNUXw4Hle3msXOnRqeYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBiqGV4xtQKxE7pM1gDgFiIh2PFnYMb2QQ-zHm7mgkAyJYMwA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://newyear.webfan.org
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVhLYHZYxAaWm-nwZp4Rdh_KSjpebcNmeUUg0xOV1AohRe-9f3LJ9mz9z6J5nHlukRaF485CD-r-SS3CKwlroGzhHicdM3kPg9LQ5M6oLW56hgFdDRS3slEFMWgeKPmvLgz_S45Nw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Dn_LbHGWGVRbpbdvCwJMeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Apr 2024 04:06:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Dn_LbHGWGVRbpbdvCwJMeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBiqGV4xtQKxE7pM1gDgFiIh2PFnYMb2QQOnOlZwwQAyDMMZw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://newyear.webfan.org
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWo2Hv0r0ZM-5fT1Ci7yLr4WI4IrcN8A369ifrzg4kBhSPFblT9v_EIeclVLH4djrciMAttOn6pCS_HM_KlkFUVSBw1VMEfwMtbh6k4WQZzEDF2r7557A-BgVgYtKsaNZ5nDUvjEQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 59ms
59ms Script
application/javascript 172.217.161.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWo2Hv0r0ZM-5fT1Ci7yLr4WI4IrcN8A369ifrzg4kBhSPFblT9v_EIeclVLH4djrciMAttOn6pCS_HM_KlkFUVSBw1VMEfwMtbh6k4WQZzEDF2r7557A-BgVgYtKsaNZ5nDUvjEQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE0NDQ5OTYwLDYwMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9uZXd5ZWFyLndlYmZhbi5vcmcvIixudWxsLFtbOCwiU1J0eE9DWWdBSDgiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f14.1e100.net

Software

ESF /

Resource Hash

efdfc791b791afaa65c03832edacd1eb43850ad55d71700cb391a87fa17d733f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jqybiZBfp7QaM-1cfYimtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 04:06:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-jqybiZBfp7QaM-1cfYimtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw1ZBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZALPH1JZMaEMc8n86aAsRO6TNYA4DYp34GaxQQt948xzoZiE8uOM96EYiT_p1nLQBiIR6OFXcObmQT-LGkfxMTAPjvMD0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVq3j2px8D1fmzIR551T0NugMCCfUvPEgBlUC7DIzW1bB3y69_FfarK8P8RzMd1qSdQFaWUaxASJN_0HLVNhw-oAG5xDTd_Fu4JotaMAJQ4rxqmMGa2bEFaPt1x5pg2iTmpHjXxew== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 42ms
42ms XHR
text/html 172.217.161.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVq3j2px8D1fmzIR551T0NugMCCfUvPEgBlUC7DIzW1bB3y69_FfarK8P8RzMd1qSdQFaWUaxASJN_0HLVNhw-oAG5xDTd_Fu4JotaMAJQ4rxqmMGa2bEFaPt1x5pg2iTmpHjXxew==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_Aw1Z4W9GcrCRmCUxynbNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Apr 2024 04:06:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_Aw1Z4W9GcrCRmCUxynbNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1gDgFiIh2PFnYMb2QQ2LGg4wQQAxyUMOg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://newyear.webfan.org
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVhLYHZYxAaWm-nwZp4Rdh_KSjpebcNmeUUg0xOV1AohRe-9f3LJ9mz9z6J5nHlukRaF485CD-r-SS3CKwlroGzhHicdM3kPg9LQ5M6oLW56hgFdDRS3slEFMWgeKPmvLgz_S45Nw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yes72IIv0g236VIAYq26dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://newyear.webfan.org/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Apr 2024 04:06:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-Yes72IIv0g236VIAYq26dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBiqGV4xtQKxE7pM1gDgFiIh2PFnYMb2QReXDt2kgkAygsM8A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://newyear.webfan.org
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240425&jk=4424980472756736&bg=!GxilGFfNAAYBeExMIXg7ADQBe5WfOMYPA0VHruGKPyt-ZX2rR9TWfwky4O4znPsjZlV1bcDR0STFCXqfanTK-Xvg86RqAgAAADFSAAAAA2gBB34ANdviZFoc5D4VZ1RUGMPrVPw3mQTavrOCo_Wt1DWZ6u18BTA4u3G80YKRC2Lxwz2mHPm9RvzxCgBoR6PBZqs9IBKh0O3PKQp86lT0JcmJada35T5mLgAyVsVyA0uqjixz0IxlU-Zicos_M3wJK2vh8NDnb71meNF9Y1hG3-qp3BIWhyOe4r-t_UH9TVH7H_IXuGXP1XN7wunAhmYne1IZ456ZApz7-hMBmx44cSGWd_LZrlLxyhoJkAosh8cUcys_C1-8VK9uaNLseQ1sQ2LwKB5PZSVU9ZldbioSyfIrJq7mE9PZ_TNrR8u32SpRTHh_hsZbCOP726RUq8IuYqBWvh4MW5QxYLgzEYeiwDM8eARsGXhMO65l_49r_0pG58lYmKi9gSH7m1I2UCpp-08uVRxaznLdm2hXB8L8hSeaNBq4iEELsz6UGXgFFu5YuCeDZ0x3JD_z6qRahRes6YnUgUMHarbICUqqx6h1QXn8OVwXStnh8OJiU0I2XeApPOD2GO6n9vUMKTamCazJvUJQuPTpcYzzrhcbaB89LG8CiZ2AQPQilpdHc64YReslZFafQ_6HjZA2gi8zW4utZXIvR-JFYqR2irIGlkkbyqLM-UX7uN_nijsH2LemG5ZRRxj8PXSvCXDx7ylzhsjmVqzoS6eJi6Zf3HZIINVOo-oilKp0hi4qRBDBbqCHLVzNFUergayL6Q4NiCIQXMLsxvxY-ReyL0I0qpkuEUwxTOyiVGSuuico7OAy9w6vDyYZzYtjt7NCqs8IVnWyp0V8tCMUiqKLoHHUOijvlFj-KH5WteBOR-Kxm4pdNzxwrpOd7DcklhraGIENNbjn7cfnq8U4NcELhD9RZ4FXgvgYBybthVPJV4OJAg9Tcn1aM15S3amwM8V9s7ZImvIbcJgHW8GKSVmCZpYIwrOU2y8bgPdcVXNyn0ssg3UaUKdwITgMyjN-cZBmIHTQw71ACqCwJ5KUa0MQER1SWO2mcsD_HOm0_39sWnWFT1kLxmpaO06m_0wuAci95Qzs4wXrgfVC5wNLCi0GSic3f2S5AxwMJiUHD6_ysSSvCfiHlgCU4DHj6f03CNGWrJ-QCntep5D9unxhXw

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 20:14:10	Name: test_cookie Value: CheckForPermission
.webfan.org/	1970-01-21 05:35:45	Name: __gads Value: ID=f16c5d39796e12ab:T=1714449959:RT=1714449959:S=ALNI_MY9W2wjFVOoY9dFstLuF5E9zDZrSw
.webfan.org/	1970-01-21 05:35:45	Name: __gpi Value: UID=00000e00c8d2f28d:T=1714449959:RT=1714449959:S=ALNI_MYzebVxQTtxHi_vPuDgZBJCplRoJA
.webfan.org/	1970-01-21 00:33:21	Name: __eoi Value: ID=04e007748c868c20:T=1714449959:RT=1714449959:S=AA-AfjZeqfPlrRt-tkqG8N5X0y0L
.webfan.org/	1970-01-21 04:59:45	Name: FCNEC Value: %5B%5B%22AKsRol9sW86naTowKcrS_oLOMCCxNzDQsQMjcOShyzhiK_OgajrnO9cLms7-GIIIt5QSWr7sIBne9n9d22O3Gu9CHCNVO1okK2dNnv_8EtEIIviY1-bNGzTRqc5McWXme7ZLA36y_YtRlGBR_s6wtqOM1X5L1f9HEw%3D%3D%22%5D%5D

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://newyear.webfan.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newyear.webfan.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newyear.webfan.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newyear.webfan.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://newyear.webfan.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://newyear.webfan.org/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fundingchoicesmessages.google.com
googleads.g.doubleclick.net
newyear.webfan.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
pagead2.googlesyndication.com
142.250.199.98
142.251.42.194
172.217.161.78
172.217.26.228
183.181.96.86
2404:6800:4004:80b::200e
2404:6800:4004:821::2001
0bf852744db86abe60f2f09a1c067b04e4ef3d74e64519fb1c6d948a6d161bdf
24922c73ddfbae2ee18b947fd1ae44a560fba5a30fb9949f7e4b9d8d213a8b2d
367a5e1fdb1fd0d5b4fbbcccfce2a7d7640c6a1e6019fca199efbd64079638df
54fa27f57b4ef66cc6d21997d8f89000721c1024e9e5c47b57b127242ddc0d87
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
785a4b68efd27fea49c8eda5a839cc333b33d9b4a19da7586f01ef615f14aed6
798d4375e849a23b0d12afc03f6814a3ec851fa1cdba6999d9c6e2555e2bd719
84ff807fbf2f731b9f62393c2e5d559778abf7df211906cd00393fcf20532016
9c125685ac789b0abef7824581ebaa0b0de635dbf2a6259543e0327e44b0d1fa
9d19d8bc4d7e5abfc3b143efa47479b2602e07cd898dddd3e39020b58cc3e476
a25543546597c12a322d303257264df3867b1e991dbe4be86d50c762663a81a4
a3a36c3fbb7a90c110f24473c72f42f0812ae28b70ba98bb676cc95d74c23fe3
a98bf42b9427b5181b2c1f757b99cfa08f48faf86ed843f9a5f90a32226e0e2e
c4ed0c5f0f817ad12ba1b3ac22851817b455077003c8c3f9658774eb60240287
cbabd2f258250865618cd347aded08c617a5d003e9bfa228331a86da45fe1a98
d365165afdcb6f4108f403153aa460fd81c69824524df90d8a9ed4853f82e49f
e1227c2528fb54d98db1d349384e72c224d5eef28796f61a5837f57815fdd0c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efdfc791b791afaa65c03832edacd1eb43850ad55d71700cb391a87fa17d733f

newyear.webfan.org Open in urlscan Pro 183.181.96.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

33 Requests

97 %HTTPS

29 %IPv6

4 Domains

6 Subdomains

8 IPs

3 Countries

479 kBTransfer

1136 kBSize

5 Cookies

7 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newyear.webfan.org Open in urlscan Pro
183.181.96.86 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

97 %
HTTPS

29 %
IPv6

4
Domains

6
Subdomains

8
IPs

3
Countries

479 kB
Transfer

1136 kB
Size

5
Cookies

33 HTTP transactions
0 data transactions