white-bear.info Open in urlscan Pro
157.7.107.248 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://white-bear.info/
Submission Tags: falconsandbox
Submission: On September 23 via api (September 23rd 2021, 10:55:30 am UTC) from US — Scanned from DE

Summary HTTP 190 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 23 domains to perform 190 HTTP transactions. The main IP is 157.7.107.248, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is white-bear.info.

This is the only time white-bear.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	157.7.107.248 157.7.107.248	7506 (INTERQ GM...) (INTERQ GMO Internet)
2	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
17	18.177.164.57 18.177.164.57	16509 (AMAZON-02) (AMAZON-02)
16	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 2	107.20.147.136 107.20.147.136	14618 (AMAZON-AES) (AMAZON-AES)
5	52.198.26.114 52.198.26.114	16509 (AMAZON-02) (AMAZON-02)
1	104.20.60.241 104.20.60.241	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.212.66.39 35.212.66.39	15169 (GOOGLE) (GOOGLE)
3	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
3 9	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
2	216.58.212.174 216.58.212.174	15169 (GOOGLE) (GOOGLE)
2	157.240.236.1 157.240.236.1	32934 (FACEBOOK) (FACEBOOK)
3 13	202.228.215.63 202.228.215.63	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1 3	202.228.215.64 202.228.215.64	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 2	52.119.165.175 52.119.165.175	16509 (AMAZON-02) (AMAZON-02)
2	52.119.173.124 52.119.173.124	16509 (AMAZON-02) (AMAZON-02)
9	157.240.236.35 157.240.236.35	32934 (FACEBOOK) (FACEBOOK)
5 10	143.204.98.109 143.204.98.109	16509 (AMAZON-02) (AMAZON-02)
5	157.240.236.15 157.240.236.15	32934 (FACEBOOK) (FACEBOOK)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
11	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
18	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
6	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
5	52.119.167.137 52.119.167.137	16509 (AMAZON-02) (AMAZON-02)
2	143.204.95.227 143.204.95.227	16509 (AMAZON-02) (AMAZON-02)
2	52.119.163.203 52.119.163.203	16509 (AMAZON-02) (AMAZON-02)
1	172.67.177.215 172.67.177.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11 14	202.228.215.61 202.228.215.61	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1	202.228.215.15 202.228.215.15	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1	52.198.50.3 52.198.50.3	16509 (AMAZON-02) (AMAZON-02)
190	33

42 157.7.107.248 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 157-7-107-248.virt.lolipop.jp

white-bear.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 18.177.164.57 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com

www23.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www19.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www29.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www10.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www12.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www16.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www26.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www18.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www17.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www15.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www27.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.20.147.136 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-147-136.compute-1.amazonaws.com

yarpp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.198.26.114 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-26-114.ap-northeast-1.compute.amazonaws.com

www22.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www25.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.60.241 (None, )

ASN13335 (CLOUDFLARENET, US)

s3.feedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.66.39 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 39.66.212.35.bc.googleusercontent.com

ad.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.196 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.174 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f14.1e100.net

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 202.228.215.63 (Japan) 3 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: swarm.shinobi.jp

omt.shinobi.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
code.lime-juice.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.228.215.64 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: swarm.shinobi.jp

x9.shinobi.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.119.165.175 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)

rcm-fe.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.119.173.124 (Boardman, United States)

ASN16509 (AMAZON-02, US)

ws-fe.assoc-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 143.204.98.109 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-109.fra50.r.cloudfront.net

b.hatena.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.236.15 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-shv-02-frx5.facebook.com

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.119.167.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)

wms-fe.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.95.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-227.fra50.r.cloudfront.net

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.119.163.203 (Boardman, United States)

ASN16509 (AMAZON-02, US)

fls-fe.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.177.215 (United States)

ASN13335 (CLOUDFLARENET, US)

metrics.getrockerbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 202.228.215.61 (Japan) 11 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: swarm.shinobi.jp

sync.shinobi.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.228.215.15 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: adm.shinobi.jp

adm.shinobi.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.198.50.3 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-50-3.ap-northeast-1.compute.amazonaws.com

sync.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	white-bear.info white-bear.info	951 KB
34	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	403 KB
23	shinobi.jp 12 redirects omt.shinobi.jp x9.shinobi.jp sync.shinobi.jp adm.shinobi.jp	120 KB
22	a8.net www23.a8.net www19.a8.net www29.a8.net www10.a8.net www22.a8.net www12.a8.net www16.a8.net www26.a8.net www18.a8.net www17.a8.net www15.a8.net www27.a8.net www25.a8.net	285 KB
14	facebook.com www.facebook.com graph.facebook.com	19 KB
14	google.com 3 redirects www.google.com cse.google.com adservice.google.com clients1.google.com	389 KB
12	doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	88 KB
10	hatena.ne.jp 5 redirects b.hatena.ne.jp	5 KB
9	amazon-adsystem.com 2 redirects rcm-fe.amazon-adsystem.com wms-fe.amazon-adsystem.com fls-fe.amazon-adsystem.com	11 KB
8	lime-juice.net 3 redirects code.lime-juice.net	5 KB
6	2mdn.net s0.2mdn.net	91 KB
4	googletagservices.com www.googletagservices.com	144 KB
3	google-analytics.com www.google-analytics.com	17 KB
2	media-amazon.com m.media-amazon.com	5 KB
2	assoc-amazon.com ws-fe.assoc-amazon.com	29 KB
2	facebook.net connect.facebook.net	77 KB
2	linksynergy.com 1 redirects ad.linksynergy.com	509 B
2	yarpp.org 1 redirects yarpp.org	333 B
2	zencdn.net vjs.zencdn.net	20 KB
1	im-apps.net sync.im-apps.net	593 B
1	getrockerbox.com metrics.getrockerbox.com	691 B
1	googleadservices.com partner.googleadservices.com	661 B
1	feedly.com s3.feedly.com	10 KB
190	23

	Domain	Requested by
42	white-bear.info	white-bear.info
18	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
16	pagead2.googlesyndication.com	white-bear.info pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	sync.shinobi.jp	11 redirects white-bear.info
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	b.hatena.ne.jp	5 redirects white-bear.info
9	www.facebook.com	white-bear.info www.facebook.com connect.facebook.net
9	www.google.com	3 redirects www.google.com white-bear.info tpc.googlesyndication.com
8	code.lime-juice.net	3 redirects white-bear.info
6	s0.2mdn.net	googleads.g.doubleclick.net s0.2mdn.net
5	wms-fe.amazon-adsystem.com	ws-fe.assoc-amazon.com
5	graph.facebook.com	omt.shinobi.jp
5	omt.shinobi.jp	white-bear.info omt.shinobi.jp
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www22.a8.net	white-bear.info
3	x9.shinobi.jp	1 redirects white-bear.info
3	www.google-analytics.com	white-bear.info
3	www10.a8.net	white-bear.info
2	fls-fe.amazon-adsystem.com	ws-fe.assoc-amazon.com
2	m.media-amazon.com	ws-fe.assoc-amazon.com
2	adservice.google.com	pagead2.googlesyndication.com
2	ws-fe.assoc-amazon.com	white-bear.info
2	rcm-fe.amazon-adsystem.com	2 redirects
2	connect.facebook.net	white-bear.info connect.facebook.net
2	cse.google.com	white-bear.info www.google.com
2	ad.linksynergy.com	1 redirects white-bear.info
2	www18.a8.net	white-bear.info
2	www12.a8.net	white-bear.info
2	www29.a8.net	white-bear.info
2	yarpp.org	1 redirects white-bear.info
2	www23.a8.net	white-bear.info
2	vjs.zencdn.net	white-bear.info
1	sync.im-apps.net	white-bear.info
1	adm.shinobi.jp	white-bear.info
1	metrics.getrockerbox.com	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
1	clients1.google.com	white-bear.info
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www25.a8.net	white-bear.info
1	www27.a8.net	white-bear.info
1	www15.a8.net	white-bear.info
1	www17.a8.net	white-bear.info
1	www26.a8.net	white-bear.info
1	www16.a8.net	white-bear.info
1	s3.feedly.com	white-bear.info
1	www19.a8.net	white-bear.info
190	46

This site contains links to these domains. Also see Links.

Domain
px.a8.net
line.me
www.lg.com
cloud.feedly.com

Subject Issuer	Validity	Valid
*.yarpp.org R3	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.a8.net GlobalSign GCC R3 DV TLS CA 2020	`2021-05-25` - `2022-06-26`	a year	crt.sh
*.linksynergy.com ZeroSSL RSA Domain Secure Site CA	`2021-07-06` - `2022-07-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-03` - `2021-10-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
ws-fe.assoc-amazon.com Amazon	`2020-12-25` - `2021-12-24`	a year	crt.sh
*.b.hatena.ne.jp Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
wms-fe.assoc-amazon.com Amazon	`2021-08-19` - `2022-08-18`	a year	crt.sh
Images-na.ssl-images-amazon.com DigiCert Global CA G2	`2021-03-23` - `2022-03-22`	a year	crt.sh
fls-fe.amazon-adsystem.com Amazon	`2021-07-01` - `2022-06-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-01` - `2022-06-30`	a year	crt.sh
*.shinobi.jp R3	`2021-07-07` - `2021-10-05`	3 months	crt.sh
*.lime-juice.net R3	`2021-07-21` - `2021-10-19`	3 months	crt.sh
*.im-apps.net Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh

This page contains 23 frames:

Primary Page: http://white-bear.info/
Frame ID: 0EB25FAE17A721DAD5C2C4ADEBF07F3A
Requests: 121 HTTP requests in this frame

Frame: https://ws-fe.assoc-amazon.com/widgets/cm?ref=tf_til&t=shanks999-22&m=amazon&o=9&p=8&l=as1&IS2=1&detail=1&asins=B073S5ZLDT&linkId=05d5adecce2db261cbdd8ef6d5095125&bc1=000000&lt1=_blank&fc1=333333&lc1=0066c0&bg1=ffffff&f=ifr
Frame ID: 75D62BC960A20BD02F6A94FA202D7A58
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
Frame ID: 14034DE14E9FC8BDCF8E559100E6FBB5
Requests: 1 HTTP requests in this frame

Frame: https://ws-fe.assoc-amazon.com/widgets/cm?t=shanks999-22&o=9&p=8&l=as1&asins=B01KM18C60&nou=1&ref=qf_sp_asin_til&fc1=F10000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Frame ID: 75CAC93CA31FAD318B866C398ED2DB67
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
Frame ID: 9E5091BD5E3629A0A3CCC27ACA0672E1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
Frame ID: B99C377C4027BD9F5AAC7C82ACA54FB3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
Frame ID: A2126DC0D4633EFF9D58A423B13D6C1F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
Frame ID: 8F35DE74AE8C66B7DA3CB420D1DD2B03
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=320&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
Frame ID: 67A12ABE71C5504F67051ED2F8C5CFD9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width&height=290&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=115477545304850
Frame ID: 9ED01A5A9EF49E0A6DFFD53378F80703
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=60&slotname=3020944594&adk=854543127&adf=3522660600&pi=t.ma~as.3020944594&w=468&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394520501&bpp=12&bdt=1152&idt=2177&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&correlator=768787253307&frm=20&pv=2&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=797&ady=242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IczhuXf3zD&p=http%3A//white-bear.info&dtd=2191
Frame ID: 99B7076FAB97FAD328A97CBA399D2FC8
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=250&slotname=7590744996&adk=130662909&adf=2802373691&pi=t.ma~as.7590744996&w=300&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394522103&bpp=8&bdt=2755&idt=595&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3020944594&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=972&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Qle7uCjQ41&p=http%3A//white-bear.info&dtd=597
Frame ID: 4ABC792600CD238CEB9074CC221939FE
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=250&slotname=9067478191&adk=751613651&adf=2802373691&pi=t.ma~as.9067478191&w=300&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394522114&bpp=3&bdt=2766&idt=591&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3020944594%2C7590744996&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=972&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=A7NlGK6Twe&p=http%3A//white-bear.info&dtd=593
Frame ID: E3FDBA399CD652043A44FBC201E844E7
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/index.html
Frame ID: D31B6070181CF18F4F2DE399A1BB41DD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 432DBA91E68140BC57732331B5340A3D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6DED0129A9A279C6DF3EBEF9B0D36197
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js
Frame ID: 5B4B2BED15ACD3056B5F6AD9A5413138
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7BA43D2F1B5613D23784B82F365A81BD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js
Frame ID: 32771F2AD70843816F03F5FAB2C230FF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20190131/zrt_lookup.html
Frame ID: 5B8518E5A74520E40B9B6179E7FDAA24
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&adk=1812271804&adf=3025194257&lmt=1632394517&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwhite-bear.info%2F&ea=0&flash=0&pra=7&wgl=1&dt=1632394526771&bpp=2&bdt=7423&idt=2&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35eec685147fbb0e-22bdd57948c900f9%3AT%3D1632394523%3ART%3D1632394523%3AS%3DALNI_MbYo_8KFVx6wm1k1piz-oOZGrhK8g&prev_slotnames=3020944594%2C7590744996%2C9067478191&nras=1&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&psts=AGkb-H811bQE7e-wVRJKnEvmk6ri51_cajDXYE0cOmUaMIO6hnq0V-ZBI1GHkFMno0yLK2xsBTlY2OlxtgY%2CAGkb-H8F7GhJBOTpBtSvBGh9_vtEUnRIERpWrp9U31EWEAvvrtkv8TEQCqVPLhQJsATB7KO_c-f3WzNne5jbkA%2CAGkb-H8bPtm9tShttvX2m4GtLUAyoU3RhMKX3gG7McZbYjEAzHb5fCiD14bE_TclE8yGefjcjgrjKZ0lXb0&pvsid=2393443195029660&pem=884&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=21
Frame ID: 7B4F1D73C9F97F2A63FB268EF309D61C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 59503F8C741BCDEE94AEE1664FD420D4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 65226E189AA57131733C312FC16F56B4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

インターネットとかシロクマとか検索

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

VideoJS (Video Players) Expand

Overall confidence: 100%
Detected patterns

zencdn\.net/c/video\.js

All in One SEO Pack (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- All in One SEO Pack ([\d.]+)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

190
Requests

59 %
HTTPS

0 %
IPv6

23
Domains

46
Subdomains

33
IPs

4
Countries

2663 kB
Transfer

4490 kB
Size

15
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://px.a8.net/svt/ejp?a8mat=2HYOLS+9JJ5LM+348+U2LRL

Search URL Search Domain Scan URL

URL: http://line.me/R/msg/text/?PS4%20Pro%E3%81%A8LG%2032UD59-B%E3%82%924K%2F60MHz%E3%81%A7%E6%8E%A5%E7%B6%9A%E3%81%99%E3%82%8B%0Ahttp%3A%2F%2Fwhite-bear.info%2Farchives%2F1897%23SjpZ3Je.line_responsive

Search URL Search Domain Scan URL

URL: http://www.lg.com/jp/monitor/lg-32UD59-B
Title: LG社の32UD59-B

Search URL Search Domain Scan URL

URL: http://line.me/R/msg/text/?iPhone7%E3%80%80%E3%82%AA%E3%82%B9%E3%82%B9%E3%83%A1%E3%81%AE%E3%82%AF%E3%83%AA%E3%82%A2%E3%82%B1%E3%83%BC%E3%82%B9%0Ahttp%3A%2F%2Fwhite-bear.info%2Farchives%2F1886%23SjpZ3Je.line_responsive

Search URL Search Domain Scan URL

URL: http://line.me/R/msg/text/?Web%E3%82%B5%E3%82%A4%E3%83%88%E3%81%AE%E3%81%97%E3%81%8F%E3%81%BF%E3%82%92%E3%82%84%E3%81%95%E3%81%97%E3%81%8F%E8%A7%A3%E8%AA%AC%E3%81%97%E3%81%A6%E3%81%BF%E3%82%8B(2)%0Ahttp%3A%2F%2Fwhite-bear.info%2Farchives%2F1853%23SjpZ3Je.line_responsive

Search URL Search Domain Scan URL

URL: http://line.me/R/msg/text/?Web%E3%82%B5%E3%82%A4%E3%83%88%E3%81%AE%E3%81%97%E3%81%8F%E3%81%BF%E3%82%92%E3%82%84%E3%81%95%E3%81%97%E3%81%8F%E8%A7%A3%E8%AA%AC%E3%81%97%E3%81%A6%E3%81%BF%E3%82%8B(1)%0Ahttp%3A%2F%2Fwhite-bear.info%2Farchives%2F1843%23SjpZ3Je.line_responsive

Search URL Search Domain Scan URL

URL: http://line.me/R/msg/text/?Mac%20OS%20X%20El%20Capitan(10.11.3)%E3%81%ABeclipse(neon)%20%2B%20PHP(PDT)%20%2B%20%E6%97%A5%E6%9C%AC%E8%AA%9E%E5%8C%96%E3%80%80%E3%82%92%E3%82%A4%E3%83%B3%E3%82%B9%E3%83%88%E3%83%BC%E3%83%AB%E3%81%99%E3%82%8B%0Ahttp%3A%2F%2Fwhite-bear.info%2Farchives%2F1822%23SjpZ3Je.line_responsive

Search URL Search Domain Scan URL

URL: http://px.a8.net/svt/ejp?a8mat=2HYOLS+9JJ5LM+348+U6ODD

Search URL Search Domain Scan URL

URL: http://px.a8.net/svt/ejp?a8mat=2HYPE5+9711WA+3AXY+639IP

Search URL Search Domain Scan URL

URL: http://cloud.feedly.com/#subscription%2Ffeed%2Fhttp%3A%2F%2Fwhite-bear.info%2Ffeed

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=2NVEAA+E0A6XM+3GRY+63WO1

Search URL Search Domain Scan URL

URL: http://px.a8.net/svt/ejp?a8mat=25N9HH+218C6Q+348+6EMGX

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=2NVEAA+E0A6XM+3GRY+63OY9

Search URL Search Domain Scan URL

URL: https://px.a8.net/svt/ejp?a8mat=2NVEAA+DD2ACA+3476+6PRPD

Search URL Search Domain Scan URL

URL: http://px.a8.net/svt/ejp?a8mat=25KUZ3+BLYC7U+50+2HMT4H

Search URL Search Domain Scan URL

URL: http://px.a8.net/svt/ejp?a8mat=25NGL4+CJALBM+348+1BSGQ9

Search URL Search Domain Scan URL

URL: http://px.a8.net/svt/ejp?a8mat=25NGL4+CJALBM+348+1BXLWX

Search URL Search Domain Scan URL

URL: http://px.a8.net/svt/ejp?a8mat=25NGL4+CJALBM+348+1C6TPD

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

http://yarpp.org/pixels/d985d71900096d8c25ba349905b3ba6a HTTP 301
https://yarpp.org/pixels/d985d71900096d8c25ba349905b3ba6a

Request Chain 58

http://ad.linksynergy.com/fs-bin/show?id=sG7dGPZu0Nk&bids=304206.7420&catid=0&gridnum=13&type=14&subid=0 HTTP 301
https://ad.linksynergy.com/fs-bin/show?id=sG7dGPZu0Nk&bids=304206.7420&catid=0&gridnum=13&type=14&subid=0

Request Chain 67

http://www.google-analytics.com/__utm.gif?utmwv=5.4.2&utmac=UA-16505296-2&utmn=1&utmhn=white-bear.info&utmsr=1600x1200&utmul=en-US&utmr=http%3A%2F%2Fwhite-bear.info%2F&utmp=white-bear.info%2F&utmcc=__utma%3D1.7213437527.1.1.1.1%3B&utme=8(vjsv)9(v3.2.0c) HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=5.4.2&utmac=UA-16505296-2&utmn=1&utmhn=white-bear.info&utmsr=1600x1200&utmul=en-US&utmr=http%3A%2F%2Fwhite-bear.info%2F&utmp=white-bear.info%2F&utmcc=__utma%3D1.7213437527.1.1.1.1%3B&utme=8(vjsv)9(v3.2.0c)

Request Chain 68

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 69

http://www.google.com/cse/cse.js?cx=006510345893078373949:lolcxlikiru HTTP 301
https://cse.google.com/cse/cse.js?cx=006510345893078373949:lolcxlikiru

Request Chain 70

http://connect.facebook.net/ja_JP/all.js HTTP 307
https://connect.facebook.net/ja_JP/all.js

Request Chain 75

http://x9.shinobi.jp/ufo/453134534 HTTP 302
http://x9.shinobi.jp/fire?cid=453134534&v=1.1.0.bca8579735f680f50ad9e7735e97708c

Request Chain 77

https://rcm-fe.amazon-adsystem.com/e/cm?ref=tf_til&t=shanks999-22&m=amazon&o=9&p=8&l=as1&IS2=1&detail=1&asins=B073S5ZLDT&linkId=05d5adecce2db261cbdd8ef6d5095125&bc1=000000&lt1=_blank&fc1=333333&lc1=0066c0&bg1=ffffff&f=ifr HTTP 302
https://ws-fe.assoc-amazon.com/widgets/cm?ref=tf_til&t=shanks999-22&m=amazon&o=9&p=8&l=as1&IS2=1&detail=1&asins=B073S5ZLDT&linkId=05d5adecce2db261cbdd8ef6d5095125&bc1=000000&lt1=_blank&fc1=333333&lc1=0066c0&bg1=ffffff&f=ifr

Request Chain 78

http://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776 HTTP 307
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

Request Chain 79

https://rcm-fe.amazon-adsystem.com/e/cm?t=shanks999-22&o=9&p=8&l=as1&asins=B01KM18C60&nou=1&ref=qf_sp_asin_til&fc1=F10000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr HTTP 302
https://ws-fe.assoc-amazon.com/widgets/cm?t=shanks999-22&o=9&p=8&l=as1&asins=B01KM18C60&nou=1&ref=qf_sp_asin_til&fc1=F10000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr

Request Chain 80

http://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776 HTTP 307
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

Request Chain 81

http://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776 HTTP 307
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

Request Chain 82

http://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776 HTTP 307
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

Request Chain 83

http://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776 HTTP 307
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

Request Chain 84

http://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=320&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776 HTTP 307
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=320&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

Request Chain 86

http://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width&height=290&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=115477545304850 HTTP 307
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width&height=290&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=115477545304850

Request Chain 87

http://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB2356383956&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1897&_=1632394522145145 HTTP 301
https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB2356383956&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1897&_=1632394522145145

Request Chain 89

http://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB3798962435&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1886&_=1632394522150150 HTTP 301
https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB3798962435&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1886&_=1632394522150150

Request Chain 91

http://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB665525185&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1853&_=1632394522153153 HTTP 301
https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB665525185&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1853&_=1632394522153153

Request Chain 93

http://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB1051732608&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1843&_=1632394522155155 HTTP 301
https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB1051732608&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1843&_=1632394522155155

Request Chain 95

http://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB535674256&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1822&_=1632394522156156 HTTP 301
https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB535674256&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1822&_=1632394522156156

Request Chain 100

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=885593087&utmhn=white-bear.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E3%82%A4%E3%83%B3%E3%82%BF%E3%83%BC%E3%83%8D%E3%83%83%E3%83%88%E3%81%A8%E3%81%8B%E3%82%B7%E3%83%AD%E3%82%AF%E3%83%9E%E3%81%A8%E3%81%8B&utmhid=467593640&utmr=-&utmp=%2F&utmht=1632394522600&utmac=UA-40679454-1&utmcc=__utma%3D119374031.1209098934.1632394523.1632394523.1632394523.1%3B%2B__utmz%3D119374031.1632394523.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1354308380&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=885593087&utmhn=white-bear.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E3%82%A4%E3%83%B3%E3%82%BF%E3%83%BC%E3%83%8D%E3%83%83%E3%83%88%E3%81%A8%E3%81%8B%E3%82%B7%E3%83%AD%E3%82%AF%E3%83%9E%E3%81%A8%E3%81%8B&utmhid=467593640&utmr=-&utmp=%2F&utmht=1632394522600&utmac=UA-40679454-1&utmcc=__utma%3D119374031.1209098934.1632394523.1632394523.1632394523.1%3B%2B__utmz%3D119374031.1632394523.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1354308380&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 143

http://sync.shinobi.jp/v2/sync/control HTTP 302
https://sync.shinobi.jp/v2/sync/control?null

Request Chain 144

https://code.lime-juice.net/nt.js HTTP 302
https://code.lime-juice.net/ee4c259fa19cf795910f79e4e52e1e42/first.js

Request Chain 145

http://sync.shinobi.jp/v2/sync/ne?t=js&r=http%3A%2F%2Fx9.shinobi.jp%2Ftrack%3Fcid%3D453134534%26ref%3D%26time%3D1632394523675%26x9uid%3D18caa775-e3be-4ad8-9229-f6587ee9036d%26picked%3D%257B%2522453134534-109%2522%253A%257B%257D%252C%2522453134534-432%2522%253A%257B%257D%257D%26callback%3D__chikayo__.callback.C_1632394523675_8227%26uid%3D HTTP 302
https://sync.shinobi.jp/v2/sync/ne?t=js&r=http%3A%2F%2Fx9.shinobi.jp%2Ftrack%3Fcid%3D453134534%26ref%3D%26time%3D1632394523675%26x9uid%3D18caa775-e3be-4ad8-9229-f6587ee9036d%26picked%3D%257B%2522453134534-109%2522%253A%257B%257D%252C%2522453134534-432%2522%253A%257B%257D%257D%26callback%3D__chikayo__.callback.C_1632394523675_8227%26uid%3D HTTP 302
http://x9.shinobi.jp/track?cid=453134534&ref=&time=1632394523675&x9uid=18caa775-e3be-4ad8-9229-f6587ee9036d&picked=%7B%22453134534-109%22%3A%7B%7D%2C%22453134534-432%22%3A%7B%7D%7D&callback=__chikayo__.callback.C_1632394523675_8227&uid=2158cda9-f3d2-4373-98f8-422beb56b4ce

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 169

https://code.lime-juice.net/contents/2280254a-codf-7876-bc7e-2c5a98c34777 HTTP 301
https://code.lime-juice.net/contents/7d9607e8-63bc-4cda-bc3d-a92421fec769

Request Chain 172

http://sync.shinobi.jp/v2/sync/multi?1632394524883 HTTP 302
https://sync.shinobi.jp/v2/sync/multi?1632394524883

Request Chain 173

http://code.lime-juice.net/nt.js?1632394524883 HTTP 302
http://code.lime-juice.net/ee4c259fa19cf795910f79e4e52e1e42/first.js

Request Chain 174

https://sync.shinobi.jp/v2/sync/ne?t=js&r=https%3A%2F%2Fcode.lime-juice.net%2Fsecond.js%3Fdomain%3Dwhite-bear.info%26nu%3Dnull%26rv%3Dw3rGngTGACdVeQ98XG7LjWg3EZ6dX8q7Dua0qhSsm6tCFb8RzjT5oc-C0xig0AgvnQhCDmSgu8YiXKxvwYKvRg%26h%3D1200%26w%3D1600%26d%3D1%26cid%3D HTTP 302
https://code.lime-juice.net/second.js?domain=white-bear.info&nu=null&rv=w3rGngTGACdVeQ98XG7LjWg3EZ6dX8q7Dua0qhSsm6tCFb8RzjT5oc-C0xig0AgvnQhCDmSgu8YiXKxvwYKvRg&h=1200&w=1600&d=1&cid=11b1922c-8725-4877-97bd-f3f58024422d

Request Chain 176

http://sync.shinobi.jp/v2/sync/multi/1001?1632394525366 HTTP 302
https://sync.shinobi.jp/v2/sync/multi/1001?1632394525366 HTTP 302
https://adm.shinobi.jp/chikayo/cookiesync?uid=11b1922c-8725-4877-97bd-f3f58024422d

Request Chain 177

http://sync.shinobi.jp/v2/sync/multi/1762?1632394525366 HTTP 302
https://sync.shinobi.jp/v2/sync/multi/1762?1632394525366 HTTP 302
https://sync.im-apps.net/imid/set?cid=10338&tid=sid&uid=11b1922c-8725-4877-97bd-f3f58024422d

Request Chain 178

http://sync.shinobi.jp/v2/sync/multi/2736?1632394525366 HTTP 302
https://sync.shinobi.jp/v2/sync/multi/2736?1632394525366

Request Chain 179

https://sync.shinobi.jp/v2/sync/ne?t=js&r=https%3A%2F%2Fcode.lime-juice.net%2Fsecond.js%3Fdomain%3Dwhite-bear.info%26nu%3DYXN8nE8fvvqE3OzKufVGjWijjL6GGJ2Kbpv54l1oPcYQSgTZkMQm02UZ0B00rZgEtitdRcFn_nvJj6I7qVHTeN1cO6lFNDw_Rh4P7RlF-37RoCM9XSJ7PCeEu8Y_8PrIDNR4tYvCzYP1wVcpXWalvPMJg9Rds5zm%26rv%3Dw3rGngTGACdVeQ98XG7LjWg3EZ6dX8q7Dua0qhSsm6tCFb8RzjT5oc-C0xig0AgvnQhCDmSgu8YiXKxvwYKvRg%26h%3D1200%26w%3D1600%26d%3D1%26cid%3D HTTP 302
https://code.lime-juice.net/second.js?domain=white-bear.info&nu=YXN8nE8fvvqE3OzKufVGjWijjL6GGJ2Kbpv54l1oPcYQSgTZkMQm02UZ0B00rZgEtitdRcFn_nvJj6I7qVHTeN1cO6lFNDw_Rh4P7RlF-37RoCM9XSJ7PCeEu8Y_8PrIDNR4tYvCzYP1wVcpXWalvPMJg9Rds5zm&rv=w3rGngTGACdVeQ98XG7LjWg3EZ6dX8q7Dua0qhSsm6tCFb8RzjT5oc-C0xig0AgvnQhCDmSgu8YiXKxvwYKvRg&h=1200&w=1600&d=1&cid=11b1922c-8725-4877-97bd-f3f58024422d

190 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
white-bear.info/ 137 KB
19 KB 2813ms
1978ms Document
text/html 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache / PHP/5.4.45
Resource Hash: 5ff420df95d508931e6a7d611d122fddd7bf789e424b9bf4036afaa3866b7892

Request headers

Host: white-bear.info
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 23 Sep 2021 10:55:19 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 18909
Connection: keep-alive
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 16 Sep 2021 10:55:17 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://white-bear.info/xmlrpc.php
Last-Modified: Thu, 23 Sep 2021 10:55:17 GMT
Vary: Range,Accept-Encoding
Accept-Ranges: none
Content-Encoding: gzip

GET
H/1.1 200
OK crayon.min.css
white-bear.info/wp-content/plugins/crayon-syntax-highlighter/css/min/ 20 KB
4 KB 276ms
276ms Stylesheet
text/css 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/plugins/crayon-syntax-highlighter/css/min/crayon.min.css?ver=2.2.0
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: bad7436411df42f8954fbafbe881a5c68c199244e0fbb7f316a4ebc13041373a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:19 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 Apr 2013 12:03:37 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 4229

GET
H/1.1 200
OK ado.css
white-bear.info/wp-content/plugins/crayon-syntax-highlighter/themes/ado/ 5 KB
1 KB 485ms
257ms Stylesheet
text/css 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/plugins/crayon-syntax-highlighter/themes/ado/ado.css?ver=2.2.0
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 16ffd1dd8cf49dd8c165dfed8b6362998707a6669ac5d1715bc8be780aa5d82e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:19 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 Apr 2013 12:03:37 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 796

GET
H/1.1 200
OK monaco.css
white-bear.info/wp-content/plugins/crayon-syntax-highlighter/fonts/ 529 B
501 B 488ms
247ms Stylesheet
text/css 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco.css?ver=2.2.0
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 8b33eebc11529672afc8f1ac6d5d4ef24bed8dfec1505a2510c805e0dd21565f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:19 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 Apr 2013 12:03:37 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 240

GET
H/1.1 200
OK wpp.css
white-bear.info/wp-content/plugins/wordpress-popular-posts/style/ 548 B
562 B 515ms
262ms Stylesheet
text/css 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/plugins/wordpress-popular-posts/style/wpp.css?ver=3.5.1
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 2891a98c41044017d3c02bd34ddaa92a62539216eda7afc04c83812b2c407a3d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Apr 2013 14:31:02 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 301

GET
H/1.1 200
OK styles.css
white-bear.info/wp-content/plugins/contact-form-7/includes/css/ 887 B
653 B 532ms
268ms Stylesheet
text/css 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=3.4
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: dae91cba9ced1983b75ba077e4f2abdf7fee326fe66d3cf11febd0b7d6e44f67

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:19 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 Apr 2013 15:41:54 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 392

GET
H/1.1 200
OK lightbox.min.css
white-bear.info/wp-content/plugins/wp-lightbox-2/styles/ 2 KB
1 KB 537ms
272ms Stylesheet
text/css 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/plugins/wp-lightbox-2/styles/lightbox.min.css?ver=1.3.4
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 92ae55b959f44cbfcab70abcb11d1c2339a500c373e1fcf40b42064c5c5f6f00

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 May 2013 13:14:10 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 809

GET
H/1.1 200
OK style.css
white-bear.info/wp-content/themes/twentytwelve/ 50 KB
11 KB 551ms
275ms Stylesheet
text/css 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/themes/twentytwelve/style.css?ver=3.5.1
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 7092d7947ad6efaf0ad73731a052e90d1b2464144738a2f3f29d1f19d3f63ead

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Nov 2015 04:28:51 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 10983

GET
H/1.1 200
OK styles-thumbnails.php
white-bear.info/wp-content/plugins/yet-another-related-posts-plugin/ 988 B
615 B 888ms
403ms Stylesheet
text/css 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/plugins/yet-another-related-posts-plugin/styles-thumbnails.php?width=120&height=120&ver=4.0.6
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache / PHP/5.4.45
Resource Hash: 7a2f1b5f048557fb04bb7509eb9634a3d4f8dde91d8e9bb7f6a28ba72ca85eae

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.4.45
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 374

GET
H/1.1 200
OK jquery.js Show response
white-bear.info/wp-includes/js/jquery/ 91 KB
33 KB 780ms
265ms Script
application/javascript 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-includes/js/jquery/jquery.js?ver=1.8.3
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 41be9b6def9198311ad7b760cdb51ccb0153fdc44f0a39949ed99965492e3e03

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Nov 2012 17:26:22 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 33444

GET
H/1.1 200
OK crayon.min.js Show response
white-bear.info/wp-content/plugins/crayon-syntax-highlighter/js/min/ 24 KB
8 KB 800ms
269ms Script
application/javascript 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/plugins/crayon-syntax-highlighter/js/min/crayon.min.js?ver=2.2.0
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 3736c652a533c7a15deea303baf91efa414a8db4c6138216acdfe86fb0914877

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 Apr 2013 12:03:37 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 7512

GET
H/1.1 200
OK video-js.css
vjs.zencdn.net/c/ 17 KB
3 KB 27ms
6ms Stylesheet
text/css 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vjs.zencdn.net/c/video-js.css
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d77554d7adaa974ab50b409f6c81bfd0ab1afe3babd4591b4f1f2c4ae226c03c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 May 2013 04:04:26 GMT
ETag: "a5acd78c020477bb231ab1b484dea3f8"
X-Served-By: cache-fra19165-FRA
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 2861
X-Cache-Hits: 14

GET
H/1.1 200
OK video.js Show response
vjs.zencdn.net/c/ 62 KB
17 KB 27ms
6ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vjs.zencdn.net/c/video.js
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2d49a779bd9e88769cc638bd3cbc84bc4d10d901efbadec3818bb5c5f3b88142

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jun 2013 08:46:52 GMT
ETag: "b1fb6d997e399b40382a233bbae479a9"
X-Served-By: cache-fra19167-FRA
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 16790
X-Cache-Hits: 60

GET
H/1.1 200
OK jquery.js Show response
white-bear.info/wp-content/uploads/jquery-lightbox05/ 17 KB
6 KB 1009ms
472ms Script
text/html 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/uploads/jquery-lightbox05/jquery.js
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache / PHP/5.4.45
Resource Hash: 5fa7464abf7deee810994c3d26a0b5ed2830615d831e50fbd2370ea69a9bb2fc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Pingback: http://white-bear.info/xmlrpc.php
Pragma: no-cache
Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Sep 2021 10:55:20 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Vary: Range,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: none
Content-Length: 5374
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK jquery.lightbox-0.5.js Show response
white-bear.info/wp-content/uploads/jquery-lightbox05/ 17 KB
6 KB 1081ms
530ms Script
text/html 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/uploads/jquery-lightbox05/jquery.lightbox-0.5.js
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache / PHP/5.4.45
Resource Hash: 1cf96a901f0752969464b3eb2383ab220fc26abc349cdffc4e8da0d0b46d14da

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Pingback: http://white-bear.info/xmlrpc.php
Pragma: no-cache
Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Sep 2021 10:55:20 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Vary: Range,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: none
Content-Length: 5380
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK jquery.lightbox-0.5.css
white-bear.info/wp-content/uploads/jquery-lightbox05/ 17 KB
6 KB 881ms
395ms Stylesheet
text/html 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/uploads/jquery-lightbox05/jquery.lightbox-0.5.css
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache / PHP/5.4.45
Resource Hash: 518002e9ab569e2f886e6eb15d3cfa8edc2dc815d67fe151cee6f946cc1c90f4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Pingback: http://white-bear.info/xmlrpc.php
Pragma: no-cache
Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Sep 2021 10:55:20 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Vary: Range,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: none
Content-Length: 5381
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK copy-cropped-header_main_bear11.png
white-bear.info/wp-content/uploads/ 64 KB
65 KB 473ms
258ms Image
image/png 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/copy-cropped-header_main_bear11.png
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 03d1ea9364abe325ea2f519c95843e1366f604a6bf1d0418780e311b79d52ed0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jul 2015 05:47:05 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: none

GET
H/1.1 200
OK bgt
www23.a8.net/svt/ 23 KB
23 KB 523ms
254ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www23.a8.net/svt/bgt?aid=151104016577&wid=002&eno=01&mid=s00000000404005051000&mc=1
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: fe97df67553e32766e6dba1963fed86a0511fea66d8470ca606be3060ed6985d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Server: Apache
Connection: keep-alive
Content-Length: 23435
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www19.a8.net/ 43 B
184 B 541ms
263ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www19.a8.net/0.gif?a8mat=2HYOLS+9JJ5LM+348+U2LRL
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 109 KB
38 KB 46ms
33ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

HTTP/1.1

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

7be25a29f47740febf795edd4ea43fd8ce9964e56ec9390acf35d5f027c12eb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 4347749149496355058
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 38663
X-XSS-Protection: 0
Expires: Thu, 23 Sep 2021 10:55:20 GMT

GET
H/1.1 200
OK 1x1.trans.gif
white-bear.info/wp-content/plugins/lazy-load/images/ 42 B
263 B 461ms
272ms Image
image/gif 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/plugins/lazy-load/images/1x1.trans.gif
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Last-Modified: Fri, 27 Dec 2013 18:04:36 GMT
Server: Apache
Vary: Range
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: none
Content-Length: 42

GET
H2

200

d985d71900096d8c25ba349905b3ba6a
yarpp.org/pixels/
Redirect Chain

http://yarpp.org/pixels/d985d71900096d8c25ba349905b3ba6a
https://yarpp.org/pixels/d985d71900096d8c25ba349905b3ba6a

43 B
192 B

333ms
109ms

Image
image/gif

107.20.147.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yarpp.org/pixels/d985d71900096d8c25ba349905b3ba6a
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.147.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-147-136.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:20 GMT
last-modified: Tue, 14 Apr 2020 14:57:59 GMT
server: nginx/1.12.2
etag: "5e95cf77-2b"
content-type: image/gif
cache-control: 604800
accept-ranges: bytes
content-length: 43

Redirect headers

location: https://yarpp.org/pixels/d985d71900096d8c25ba349905b3ba6a
connection: close
content-length: 0

GET
H/1.1 200
OK bgt
www29.a8.net/svt/ 44 KB
44 KB 524ms
252ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www29.a8.net/svt/bgt?aid=151104016577&wid=002&eno=01&mid=s00000000404005070000&mc=1
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e1393542ac4259e228cc632c37a953761c85552b81e8c998ef8497996fb690c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Server: Apache
Connection: keep-alive
Content-Length: 44568
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www10.a8.net/ 43 B
184 B 506ms
241ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www10.a8.net/0.gif?a8mat=2HYOLS+9JJ5LM+348+U6ODD
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK bgt
www22.a8.net/svt/ 44 KB
44 KB 693ms
337ms Image
image/gif 52.198.26.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www22.a8.net/svt/bgt?aid=151105037556&wid=002&eno=01&mid=s00000015415001023000&mc=1
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 52.198.26.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-26-114.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 541ae1e84709335f0185c59c95570061dcf48327002779eadc6a223da892d356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Server: Apache
Connection: keep-alive
Content-Length: 45128
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www12.a8.net/ 43 B
184 B 480ms
229ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www12.a8.net/0.gif?a8mat=2HYPE5+9711WA+3AXY+639IP
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK feedly-follow-rectangle-flat-big_2x.png
s3.feedly.com/img/follows/ 9 KB
10 KB 50ms
19ms Image
image/png 104.20.60.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3.feedly.com/img/follows/feedly-follow-rectangle-flat-big_2x.png
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 104.20.60.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e69a366cc3240deec29eac47d9901f03767ee5bffb2a53c076e46c58b90c1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
CF-Cache-Status: HIT
Server: cloudflare
Age: 164252
ETag: "3OpoZA"
Vary: Accept-Encoding
Content-Type: image/png
X-Cloud-Trace-Context: 9ca3b4973e491054990dcd052b1e9035
Cache-Control: public, max-age=363600
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 69333d7acdae4401-FRA
Content-Length: 9486
Expires: Sat, 25 Sep 2021 11:51:50 GMT

GET
H/1.1 200
OK Cable-de-conector-Lightning-a-USB.png
white-bear.info/wp-content/uploads/ 19 KB
19 KB 260ms
260ms Image
image/png 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/Cable-de-conector-Lightning-a-USB.png
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: f01b4342c67ae97098d61edb0495338462f15fe127799818edb6565d4fc93083

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jul 2015 05:54:54 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: none
Content-Length: 19608

GET
H/1.1 200
OK re8544_windows7ultimate1-e1387986800397.jpg
white-bear.info/wp-content/uploads/ 10 KB
9 KB 276ms
276ms Image
image/jpeg 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/re8544_windows7ultimate1-e1387986800397.jpg
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 08154fded64a633690600184772b94f7f3d31e94f49604a15a410e4330dc7102

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jul 2015 05:48:57 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: none
Content-Length: 9452

GET
H/1.1 200
OK 1209068_44079740-e1387984808939.jpg
white-bear.info/wp-content/uploads/ 22 KB
22 KB 273ms
273ms Image
image/jpeg 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/1209068_44079740-e1387984808939.jpg
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 56b1059c07166ca43b778562bbe93ac52c58e51d722b793e8505ddc0ad67096d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jul 2015 05:55:04 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: none
Content-Length: 22696

GET
H/1.1 200
OK Earth_AsiaSide.jpg
white-bear.info/wp-content/uploads/ 39 KB
36 KB 260ms
260ms Image
image/jpeg 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/Earth_AsiaSide.jpg
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: f8c5ca09f1aef836e2703f815314c41091a613a596b7e104d13b0938a2eb9013

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2015 10:49:01 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: none
Content-Length: 36983

GET
H/1.1 200
OK facebook-logo.png
white-bear.info/wp-content/uploads/ 113 KB
114 KB 274ms
274ms Image
image/png 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/facebook-logo.png
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 446e0250e99aa5adb45a00edeba4df8d5d9caf58b7dc87a13e778fb3ae3da723

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Jul 2015 05:08:55 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: none

GET
H/1.1 200
OK 1418073_69250692-e1387980009860.jpg
white-bear.info/wp-content/uploads/ 8 KB
8 KB 253ms
253ms Image
image/jpeg 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/1418073_69250692-e1387980009860.jpg
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 330cbb061ae584a795f4a3271608078e65618fbcf6e5746cd4e2b6177b381ba3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jul 2015 06:06:28 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: none
Content-Length: 8060

GET
H/1.1 200
OK facebook-logo.jpg
white-bear.info/wp-content/uploads/ 17 KB
16 KB 276ms
276ms Image
image/jpeg 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/facebook-logo.jpg
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: e6f8913d6c49fe32db4ae66e36127b4efe88596d53bcc529503600e3194a9608

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jul 2015 06:08:19 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: none
Content-Length: 15677

GET
H/1.1 200
OK 1083327_15207547.png
white-bear.info/wp-content/uploads/ 22 KB
23 KB 260ms
259ms Image
image/png 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/1083327_15207547.png
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: f8a6604976d92d7f76d8ee4a84a1c1339d635c512ee0803a3e1ed6b29e46d473

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jul 2015 05:54:55 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: none
Content-Length: 22981

GET
H/1.1 200
OK appStore-e1387980851618.png
white-bear.info/wp-content/uploads/ 67 KB
67 KB 264ms
264ms Image
image/png 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/appStore-e1387980851618.png
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 8d449b5ad5a2f78704b40ec5639a32fe00edce295463ae5803a6b9a4512fd981

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jul 2015 06:05:22 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: none

GET
H/1.1 200
OK IMG_2898.png
white-bear.info/wp-content/uploads/ 217 KB
218 KB 273ms
272ms Image
image/png 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/IMG_2898.png
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 3c13a4becaa7d9a45d324799038c1751fe969c3e21a24379f27cd2ff02f15942

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Oct 2015 00:34:24 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: none

GET
H/1.1 200
OK IMG_2807-e1387986691224.png
white-bear.info/wp-content/uploads/ 23 KB
23 KB 245ms
245ms Image
image/png 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/IMG_2807-e1387986691224.png
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 9edb100d601e39e2fc5a254756bb34857f65919d4b6633e2812e7f9a5d6f0164

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jul 2015 05:50:47 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: none
Content-Length: 23231

GET
H/1.1 200
OK popgo-moji-e1388725074675.jpg
white-bear.info/wp-content/uploads/ 35 KB
35 KB 259ms
259ms Image
image/jpeg 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/popgo-moji-e1388725074675.jpg
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 879eeaacf1ab2235457394ac72ae62b7a71da870f87431a9a747d977850b931d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jul 2015 05:33:59 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: none
Content-Length: 35752

GET
H/1.1 200
OK IMG_3433.jpg
white-bear.info/wp-content/uploads/ 55 KB
55 KB 283ms
282ms Image
image/jpeg 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/IMG_3433.jpg
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 2047835d58eeac712d7cb3fc3073eb290c47c49ed042b45b7bb63bf9546c8c17

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jul 2015 05:30:55 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: none
Content-Length: 56313

GET
H/1.1 200
OK IMG_3748.jpg
white-bear.info/wp-content/uploads/ 50 KB
50 KB 255ms
255ms Image
image/jpeg 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/IMG_3748.jpg
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 265ba63a92caa740fc47502a40f42d4085b4e3046c2332bff2a820dd5ea54174

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Dec 2015 08:28:41 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: none
Content-Length: 50850

GET
H/1.1 200
OK 996bc8c871398fe2f1ad2dc2a372c05b.png
white-bear.info/wp-content/uploads/ 20 KB
20 KB 261ms
261ms Image
image/png 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/996bc8c871398fe2f1ad2dc2a372c05b.png
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 97c66bcc4d8c256c8588e9093f4d39c409cb59d5942deec88a9a8d059179e559

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Oct 2015 04:57:49 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: none
Content-Length: 20020

GET
H/1.1 200
OK email-integration-2.jpg
white-bear.info/wp-content/uploads/ 20 KB
19 KB 258ms
258ms Image
image/jpeg 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/email-integration-2.jpg
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 735cfa119c7a59b4a4cb329af68b62e15d5b9aee0c0c259a843f99f3811844e8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2015 09:22:33 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: none
Content-Length: 19527

GET
H/1.1 200
OK bgt
www22.a8.net/svt/ 31 KB
31 KB 1263ms
504ms Image
image/gif 52.198.26.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www22.a8.net/svt/bgt?aid=161028370847&wid=002&eno=01&mid=s00000016171001026000&mc=1
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.26.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-26-114.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ab5d5290fa22579b352d616765784450d658cc0192a761e4ef6792e24a4d9b20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Server: Apache
Connection: keep-alive
Content-Length: 31402
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www16.a8.net/ 43 B
184 B 1008ms
246ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www16.a8.net/0.gif?a8mat=2NVEAA+E0A6XM+3GRY+63WO1
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK bgt
www26.a8.net/svt/ 17 KB
17 KB 488ms
240ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www26.a8.net/svt/bgt?aid=130415813123&wid=001&eno=01&mid=s00000000404001076000&mc=1
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 92007096937e8346138a952fa1371528ee6c6ec68861b0de6c04adac0d4d2691

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Server: Apache
Connection: keep-alive
Content-Length: 17539
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www18.a8.net/ 43 B
184 B 539ms
257ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www18.a8.net/0.gif?a8mat=25N9HH+218C6Q+348+6EMGX
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK bgt
www22.a8.net/svt/ 31 KB
31 KB 496ms
496ms Image
image/gif 52.198.26.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www22.a8.net/svt/bgt?aid=161028370847&wid=002&eno=01&mid=s00000016171001025000&mc=1
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.26.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-26-114.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ab5d5290fa22579b352d616765784450d658cc0192a761e4ef6792e24a4d9b20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 31402
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www10.a8.net/ 43 B
184 B 971ms
243ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www10.a8.net/0.gif?a8mat=2NVEAA+E0A6XM+3GRY+63OY9
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK bgt
www22.a8.net/svt/ 20 KB
21 KB 439ms
254ms Image
image/gif 52.198.26.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www22.a8.net/svt/bgt?aid=161028370808&wid=002&eno=01&mid=s00000014541001128000&mc=1
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.26.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-26-114.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 7d07de72fe5c1a131ff8b1db1b2165f87199d1417f7d06e22f842c3805c55b08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 20962
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www17.a8.net/ 43 B
184 B 1005ms
246ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www17.a8.net/0.gif?a8mat=2NVEAA+DD2ACA+3476+6PRPD
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK bgt
www23.a8.net/svt/ 28 KB
28 KB 254ms
253ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www23.a8.net/svt/bgt?aid=130303695702&wid=002&eno=01&mid=s00000000018015055000&mc=1
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: cbfb1b24e1eaa22433d00303187b53370c8e25892e43177891a01649e84c4259

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 28759
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www15.a8.net/ 43 B
184 B 570ms
271ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www15.a8.net/0.gif?a8mat=25KUZ3+BLYC7U+50+2HMT4H
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK bgt
www27.a8.net/svt/ 6 KB
7 KB 475ms
230ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www27.a8.net/svt/bgt?aid=130425016758&wid=001&eno=01&mid=s00000000404008027000&mc=1
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 20f97e85fda5ae93e2020fa1c12acaf96e1a2484870d3eee6335316f0d9855eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 6518
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www18.a8.net/ 43 B
184 B 478ms
240ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www18.a8.net/0.gif?a8mat=25NGL4+CJALBM+348+1BSGQ9
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK bgt
www29.a8.net/svt/ 24 KB
24 KB 252ms
252ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www29.a8.net/svt/bgt?aid=130425016758&wid=001&eno=01&mid=s00000000404008051000&mc=1
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 0ea0083ec629a7af350b0b44814d0eae90857144ba292fd0076540776b1d6f7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 24801
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www10.a8.net/ 43 B
184 B 243ms
243ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www10.a8.net/0.gif?a8mat=25NGL4+CJALBM+348+1BXLWX
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK bgt
www25.a8.net/svt/ 13 KB
13 KB 512ms
249ms Image
image/gif 52.198.26.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www25.a8.net/svt/bgt?aid=130425016758&wid=001&eno=01&mid=s00000000404008094000&mc=1
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 52.198.26.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-26-114.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: a751154e17d825375460e13cee574af32706b150e0130cd025858a355a63b1e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 13627
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www12.a8.net/ 43 B
184 B 229ms
229ms Image
image/gif 18.177.164.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www12.a8.net/0.gif?a8mat=25NGL4+CJALBM+348+1C6TPD
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 18.177.164.57 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-177-164-57.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200

show Show response
ad.linksynergy.com/fs-bin/
Redirect Chain

http://ad.linksynergy.com/fs-bin/show?id=sG7dGPZu0Nk&bids=304206.7420&catid=0&gridnum=13&type=14&subid=0
https://ad.linksynergy.com/fs-bin/show?id=sG7dGPZu0Nk&bids=304206.7420&catid=0&gridnum=13&type=14&subid=0

43 B
320 B

291ms
98ms

Script
image/gif

35.212.66.39
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.linksynergy.com/fs-bin/show?id=sG7dGPZu0Nk&bids=304206.7420&catid=0&gridnum=13&type=14&subid=0
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.66.39 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 39.66.212.35.bc.googleusercontent.com
Software: /
Resource Hash: 21224549a82106f069f578d8155e84eaccae93650821ea5c632cb706bac13894

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 10:55:20 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa OUR BUS STA"
cache-control: no-store
connection: close
content-type: image/gif
content-length: 43
expires: Thu, 23 Sep 2021 12:55:20 GMT

Redirect headers

location: https://ad.linksynergy.com/fs-bin/show?id=sG7dGPZu0Nk&bids=304206.7420&catid=0&gridnum=13&type=14&subid=0
connection: close
content-length: 0

GET
H/1.1 200
OK jquery.form.min.js Show response
white-bear.info/wp-content/plugins/contact-form-7/includes/js/ 15 KB
6 KB 280ms
279ms Script
application/javascript 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.32.0-2013.04.03
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 1688b92c6a96b61a60f1c2a3a479119c15456dc05082ba96bb5621bee4f8c9b5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 Apr 2013 15:41:54 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 5878

GET
H/1.1 200
OK scripts.js Show response
white-bear.info/wp-content/plugins/contact-form-7/includes/js/ 7 KB
2 KB 263ms
260ms Script
application/javascript 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.4
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 3408bf8bddb0c3b8b15c8d02e4c5eaede5db5680a9cc6f5c09dfa3019f46ef34

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 Apr 2013 15:41:54 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 1850

GET
H/1.1 200
OK jquery.sonar.min.js Show response
white-bear.info/wp-content/plugins/lazy-load/js/ 1 KB
993 B 277ms
273ms Script
application/javascript 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/plugins/lazy-load/js/jquery.sonar.min.js?ver=0.5
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Dec 2013 18:04:36 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 718

GET
H/1.1 200
OK lazy-load.js Show response
white-bear.info/wp-content/plugins/lazy-load/js/ 951 B
711 B 308ms
304ms Script
application/javascript 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/plugins/lazy-load/js/lazy-load.js?ver=0.5
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 2b3fafecce9755f82fa6165b9d54e58a7a64485163e48586a8a26e39617ad41e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Dec 2013 18:06:29 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 436

GET
H/1.1 200
OK wp-lightbox-2.min.js Show response
white-bear.info/wp-content/plugins/wp-lightbox-2/ 10 KB
4 KB 253ms
249ms Script
application/javascript 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/plugins/wp-lightbox-2/wp-lightbox-2.min.js?ver=1.3.4.1
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: b2b74bdce270d3a83b0b83ba33d58b57632882582e30a386dc1e4c107215e365

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 May 2013 13:14:10 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 3350

GET
H/1.1 200
OK navigation.js Show response
white-bear.info/wp-content/themes/twentytwelve/js/ 863 B
671 B 278ms
273ms Script
application/javascript 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/themes/twentytwelve/js/navigation.js?ver=1.0
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: 12701b18ff59a06aa1985d1c02d5c36c29f1f4d6926e7f1e32785155f5f2ea53

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Nov 2012 11:21:02 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 396

GET
H/1.1 200
OK jquery.easing.js Show response
white-bear.info/wp-content/plugins/dynamic-to-top/js/libs/ 4 KB
1 KB 273ms
273ms Script
application/javascript 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/plugins/dynamic-to-top/js/libs/jquery.easing.js?ver=1.3
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: ce64de193caea884bd4d4a7723933ab844506b7a62ec35c52911e72588c0e62f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Sun, 12 May 2013 16:49:25 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 914

GET
H/1.1 200
OK dynamic.to.top.min.js Show response
white-bear.info/wp-content/plugins/dynamic-to-top/js/ 1 KB
879 B 267ms
267ms Script
application/javascript 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://white-bear.info/wp-content/plugins/dynamic-to-top/js/dynamic.to.top.min.js?ver=3.4.2
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: ec62de9c54033f0163588e9d274e822708dc8e6d11c0b62cdd6c6fb16331df6d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://white-bear.info/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:20 GMT
Content-Encoding: gzip
Last-Modified: Sun, 12 May 2013 16:49:25 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 604

GET
H2

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=5.4.2&utmac=UA-16505296-2&utmn=1&utmhn=white-bear.info&utmsr=1600x1200&utmul=en-US&utmr=http%3A%2F%2Fwhite-bear.info%2F&utmp=white-bear.info%2F&utmcc...
https://www.google-analytics.com/__utm.gif?utmwv=5.4.2&utmac=UA-16505296-2&utmn=1&utmhn=white-bear.info&utmsr=1600x1200&utmul=en-US&utmr=http%3A%2F%2Fwhite-bear.info%2F&utmp=white-bear.info%2F&utmc...

35 B
414 B

28ms
6ms

Image
image/gif

142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=5.4.2&utmac=UA-16505296-2&utmn=1&utmhn=white-bear.info&utmsr=1600x1200&utmul=en-US&utmr=http%3A%2F%2Fwhite-bear.info%2F&utmp=white-bear.info%2F&utmcc=__utma%3D1.7213437527.1.1.1.1%3B&utme=8(vjsv)9(v3.2.0c)

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 17:53:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61334
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=5.4.2&utmac=UA-16505296-2&utmn=1&utmhn=white-bear.info&utmsr=1600x1200&utmul=en-US&utmr=http%3A%2F%2Fwhite-bear.info%2F&utmp=white-bear.info%2F&utmcc=__utma%3D1.7213437527.1.1.1.1%3B&utme=8(vjsv)9(v3.2.0c)
Non-Authoritative-Reason: HSTS

GET
H3

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

34ms
13ms

Script
text/javascript

142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6454
date: Thu, 23 Sep 2021 09:07:48 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 23 Sep 2021 11:07:48 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

http://www.google.com/cse/cse.js?cx=006510345893078373949:lolcxlikiru
https://cse.google.com/cse/cse.js?cx=006510345893078373949:lolcxlikiru

10 KB
4 KB

89ms
43ms

Script
text/javascript

216.58.212.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=006510345893078373949:lolcxlikiru

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.174 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f14.1e100.net

Software

gws /

Resource Hash

a00c22d3398964bfbd4df6336b217bddc2f5d91aa4aad8b955d7b42cf6eb26c7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Thu, 23 Sep 2021 10:55:22 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3497
x-xss-protection: 0

Redirect headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Type: text/html; charset=UTF-8
Location: https://cse.google.com/cse/cse.js?cx=006510345893078373949:lolcxlikiru
Cache-Control: public, max-age=1800
Content-Length: 267
X-XSS-Protection: 0
Expires: Thu, 23 Sep 2021 11:25:22 GMT

GET
H2

200

all.js Show response
connect.facebook.net/ja_JP/
Redirect Chain

http://connect.facebook.net/ja_JP/all.js
https://connect.facebook.net/ja_JP/all.js

3 KB
2 KB

23ms
7ms

Script
application/x-javascript

157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/all.js

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

34260e76c97008336db04eceed6cf6d55141363f82e30a90c24ba9f2e1e92233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LXjQi15Gal7dM/LBc+CjRw==
cross-origin-resource-policy: cross-origin
expires: Thu, 23 Sep 2021 11:02:20 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: ipjFOWMdPFD+yG8o7sgRyV+zXylOV0+OWAaqjO8ryeaZtleFC94N2r7DXJeWWqYNwhef3y2CqOyApPCLePO30g==
x-fb-trip-id: 917726464
x-fb-content-md5: e86586de169b9b2a309a02dcf50551a2
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 23 Sep 2021 10:55:22 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "62e47568931fec57ba73ae51815eb66c"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/ja_JP/all.js#xfbml=1&appId=373717942736845
Non-Authoritative-Reason: HSTS

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/ 253 KB
94 KB 57ms
35ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

64d2575d82b06557bac4a30aa5e21371b6b3a0a2537c7512811c44737690a378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95704
x-xss-protection: 0
server: cafe
etag: 6751367592089609831
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Sep 2021 10:55:22 GMT

GET
H/1.1 200
OK 431e4445969cc5dbf576be1286d6a051 Show response
omt.shinobi.jp/b/ 73 KB
73 KB 783ms
252ms Script
text/javascript 202.228.215.63
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: http://omt.shinobi.jp/b/431e4445969cc5dbf576be1286d6a051
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: 75684cbdf74d54906c7fdfce519361440120ac8bd0d195c28cf0b8916a04be3c

Request headers

Referer: http://white-bear.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Server: openresty
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ninja_onetag.css
omt.shinobi.jp/css/ 26 KB
26 KB 246ms
246ms Stylesheet
text/css 202.228.215.63
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: http://omt.shinobi.jp/css/ninja_onetag.css?202104220043
Requested by: Host: omt.shinobi.jp
URL: http://omt.shinobi.jp/b/431e4445969cc5dbf576be1286d6a051
Protocol: HTTP/1.1
Server: 202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: c0c4686d6ca7fd6f3d798711d11e1e106fb40487bec0a700d2f42d2c3d7a6eed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Server: openresty
etag: "14c1e6a:67f1:6108a1a7:0"
Content-Type: text/css
Connection: keep-alive
accept-ranges: bytes
Content-Length: 26609
expires: Fri, 24 Sep 2021 10:55:21 GMT

GET
H/1.1 200
OK tsumugi Show response
omt.shinobi.jp/ 12 B
293 B 239ms
239ms Script
text/javascript 202.228.215.63
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: http://omt.shinobi.jp/tsumugi?location=http%3A%2F%2Fwhite-bear.info%2F&source_key=431e4445969cc5dbf576be1286d6a051&st=4&rd=0.13452895098179685
Requested by: Host: omt.shinobi.jp
URL: http://omt.shinobi.jp/b/431e4445969cc5dbf576be1286d6a051
Protocol: HTTP/1.1
Server: 202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: b9577fe56ee0b69c715b4d85a6f38b7b815b92ad82c158fe2a4cfc95c97deac3

Request headers

Referer: http://white-bear.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 23 Sep 2021 10:55:21 GMT
Server: openresty
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

fire Show response
x9.shinobi.jp/
Redirect Chain

http://x9.shinobi.jp/ufo/453134534
http://x9.shinobi.jp/fire?cid=453134534&v=1.1.0.bca8579735f680f50ad9e7735e97708c

25 KB
11 KB

244ms
243ms

Script
application/javascript

202.228.215.64
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL

http://x9.shinobi.jp/fire?cid=453134534&v=1.1.0.bca8579735f680f50ad9e7735e97708c

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

HTTP/1.1

Server

202.228.215.64 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),

Reverse DNS

swarm.shinobi.jp

Software

openresty /

Resource Hash

b7895d12d38b243f0e07a918b59a25c5d2893d19c09c35b699ded31153edc62c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:23 GMT
Content-Encoding: gzip
Server: openresty
x-frame-options: SAMEORIGIN
Content-Type: application/javascript
cache-control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive

Redirect headers

location: /fire?cid=453134534&v=1.1.0.bca8579735f680f50ad9e7735e97708c
Date: Thu, 23 Sep 2021 10:55:23 GMT
Server: openresty
Connection: keep-alive
Content-Length: 0

GET
H/1.1 404
Not Found pv
omt.shinobi.jp/ 0
125 B 246ms
246ms Image
text/plain 202.228.215.63
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://omt.shinobi.jp/pv?t=1632394521799
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Server: openresty
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm Show response
ws-fe.assoc-amazon.com/widgets/ Frame 75D6
Redirect Chain

https://rcm-fe.amazon-adsystem.com/e/cm?ref=tf_til&t=shanks999-22&m=amazon&o=9&p=8&l=as1&IS2=1&detail=1&asins=B073S5ZLDT&linkId=05d5adecce2db261cbdd8ef6d5095125&bc1=000000&lt1=_blank&fc1=333333&lc1...
https://ws-fe.assoc-amazon.com/widgets/cm?ref=tf_til&t=shanks999-22&m=amazon&o=9&p=8&l=as1&IS2=1&detail=1&asins=B073S5ZLDT&linkId=05d5adecce2db261cbdd8ef6d5095125&bc1=000000&lt1=_blank&fc1=333333&l...

14 KB
15 KB

689ms
177ms

Document
text/html

52.119.173.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-fe.assoc-amazon.com/widgets/cm?ref=tf_til&t=shanks999-22&m=amazon&o=9&p=8&l=as1&IS2=1&detail=1&asins=B073S5ZLDT&linkId=05d5adecce2db261cbdd8ef6d5095125&bc1=000000&lt1=_blank&fc1=333333&lc1=0066c0&bg1=ffffff&f=ifr
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.173.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a6560cd80030cda36fbc9ae672da2fbff526627e8586e24947d64577b056bc81

Request headers

Host: ws-fe.assoc-amazon.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://white-bear.info/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

Date: Thu, 23 Sep 2021 10:55:23 GMT
Server: Server
Cache-Control: must-revalidate
Pragma: no-cache
Expires: -1
charset: UTF-8
Access-Control-Allow-Origin: *
Vary: User-Agent
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8

Redirect headers

Server: Server
Date: Thu, 23 Sep 2021 10:55:22 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 467
Connection: keep-alive
x-amz-rid: HDKH56J8VEHFFAQ30A4Y
Location: https://ws-fe.assoc-amazon.com/widgets/cm?ref=tf_til&t=shanks999-22&m=amazon&o=9&p=8&l=as1&IS2=1&detail=1&asins=B073S5ZLDT&linkId=05d5adecce2db261cbdd8ef6d5095125&bc1=000000&lt1=_blank&fc1=333333&lc1=0066c0&bg1=ffffff&f=ifr
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Permissions-Policy: interest-cohort=()

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame 1403
Redirect Chain

http://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

0
2 KB

127ms
111ms

Document
text/html

157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://white-bear.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: U1j1RZYTwRKb/YKAQB9SybhrzcXuf1lNxemWn+xUKy9IaJTC58vpSAxLwEM922oKCi5filU3YlPgZH3xalKnkA==
content-length: 0
date: Thu, 23 Sep 2021 10:55:22 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

cm Show response
ws-fe.assoc-amazon.com/widgets/ Frame 75CA
Redirect Chain

https://rcm-fe.amazon-adsystem.com/e/cm?t=shanks999-22&o=9&p=8&l=as1&asins=B01KM18C60&nou=1&ref=qf_sp_asin_til&fc1=F10000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
https://ws-fe.assoc-amazon.com/widgets/cm?t=shanks999-22&o=9&p=8&l=as1&asins=B01KM18C60&nou=1&ref=qf_sp_asin_til&fc1=F10000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr

14 KB
15 KB

694ms
181ms

Document
text/html

52.119.173.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-fe.assoc-amazon.com/widgets/cm?t=shanks999-22&o=9&p=8&l=as1&asins=B01KM18C60&nou=1&ref=qf_sp_asin_til&fc1=F10000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.173.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: f14576e4c849d6c23e2741cfe7138ad6bc069d086d7d26e7c3c9824b5bfa1b79

Request headers

Host: ws-fe.assoc-amazon.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://white-bear.info/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

Date: Thu, 23 Sep 2021 10:55:23 GMT
Server: Server
Cache-Control: must-revalidate
Pragma: no-cache
Expires: -1
charset: UTF-8
Access-Control-Allow-Origin: *
Vary: User-Agent
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8

Redirect headers

Server: Server
Date: Thu, 23 Sep 2021 10:55:22 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 428
Connection: keep-alive
x-amz-rid: 6YDW9A1SMB6NA9937GNJ
Location: https://ws-fe.assoc-amazon.com/widgets/cm?t=shanks999-22&o=9&p=8&l=as1&asins=B01KM18C60&nou=1&ref=qf_sp_asin_til&fc1=F10000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Permissions-Policy: interest-cohort=()

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame 9E50
Redirect Chain

http://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

0
118 B

112ms
111ms

Document
text/html

157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://white-bear.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 1G2LBfCV70GZT3BUMkpTy7h2DcPHKRh0pp3cz8hYthi6g0QJd8cfyX7CPKPdcCmr3K1p2dTXFEG3IEAQlcjSQw==
content-length: 0
date: Thu, 23 Sep 2021 10:55:22 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
Non-Authoritative-Reason: HSTS

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame B99C
Redirect Chain

http://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

0
120 B

111ms
111ms

Document
text/html

157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://white-bear.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: rStJYj7UnBBz748e6GVW4SI766D5i7JjoJY89iZ9rBCdJ6x6IA8+YSwZizZGQMsRHRuuNFSg/9nCcGyUEnPSnA==
content-length: 0
date: Thu, 23 Sep 2021 10:55:22 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
Non-Authoritative-Reason: HSTS

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame A212
Redirect Chain

http://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

0
123 B

110ms
110ms

Document
text/html

157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://white-bear.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: yiRxY54jNFpOPPfLZYLhuLiMzPPHuH+JBZFxOh5pE+uqvos7dqJBw41Nu+B5fqPg6AWCXfvGuu8nK3bcP0++gw==
content-length: 0
date: Thu, 23 Sep 2021 10:55:22 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
Non-Authoritative-Reason: HSTS

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame 8F35
Redirect Chain

http://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

0
120 B

111ms
110ms

Document
text/html

157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://white-bear.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: bSzVRbRHrGB7KYuMNzacnVGsbAvedviBwi7GZox/IlKXY7E/OUwp+u1g4loNw6SXPeDoMS8gMnOGD6mS591jlQ==
content-length: 0
date: Thu, 23 Sep 2021 10:55:22 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=540&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
Non-Authoritative-Reason: HSTS

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame 67A1
Redirect Chain

http://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=320&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=320&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

0
118 B

109ms
109ms

Document
text/html

157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=320&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=320&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://white-bear.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: +cQ4biqpQEZ6Q23lSFcyvKwfvJ7in4KAJwHWc1S4vVx/cPKcBoIgVmEsjhgF3Vy79i/PUbO3MorQEFpXfH3OCQ==
content-length: 0
date: Thu, 23 Sep 2021 10:55:22 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width=320&layout=standard&action=like&show_faces=true&share=false&height=80&appId=488661517873776
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK headpoint25.png
white-bear.info/images/ 111 B
385 B 270ms
270ms Image
image/png 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/images/headpoint25.png
Requested by: Host: white-bear.info
URL: http://white-bear.info/wp-content/themes/twentytwelve/style.css?ver=3.5.1
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: a754066304aa29a7d21f425095941896f1cc93742d0f97091421043833194358

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/wp-content/themes/twentytwelve/style.css?ver=3.5.1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/wp-content/themes/twentytwelve/style.css?ver=3.5.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Dec 2013 00:31:45 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: none
Content-Length: 123

GET
H2

200

likebox.php Show response
www.facebook.com/plugins/ Frame 9ED0
Redirect Chain

http://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width&height=290&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&ap...
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width&height=290&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&a...

15 KB
6 KB

128ms
128ms

Document
text/html

157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width&height=290&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=115477545304850

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

Resource Hash

75eb8026a8572cbf47f67574da2440b5c0c4043c32a6080b9878bd85d1726364

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width&height=290&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=115477545304850
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://white-bear.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: FBXZwGHuD2siyTshkVkUX950sk8SvTAARstp+9pMuUW+zAyAmQzKEpXrIk+6pQWySkMLNyGgig0CvC0rfIDGag==
date: Thu, 23 Sep 2021 10:55:22 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width&height=290&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=115477545304850
Non-Authoritative-Reason: HSTS

GET
H2

200

/ Show response
b.hatena.ne.jp/entry/jsonlite/
Redirect Chain

http://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB2356383956&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1897&_=1632394522145145
https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB2356383956&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1897&_=1632394522145145

41 B
529 B

291ms
273ms

Script
text/javascript

143.204.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB2356383956&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1897&_=1632394522145145

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-109.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fe8cc9a8a8ed47a360284017f2371e0588a4dc2b055dbf249b5321ff0e40bcb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:22 GMT
content-encoding: gzip
server: nginx
x-edge-origin-shield-skipped: 0
vary: Accept-Encoding
x-dispatch: Boston::Web::Public::Entry#entry_by_url_jsonlite
content-type: text/javascript
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: public, max-age=10800, s-maxage=10800
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-id: 6SHH09oYpjdAP-hSH64407-MRzuCh6ubldz6zkM9srkgPS-X41ALrA==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

Redirect headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB2356383956&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1897&_=1632394522145145
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: oI1TuPts8k6XSA8ELmbeoTv4TSvnLRPXwrmxTdcdR73lHwc3y59zIg==

GET
H/1.1 200
OK http%3A%2F%2Fwhite-bear.info%2Farchives%2F1897 Show response
graph.facebook.com/ 244 B
933 B 130ms
110ms Script
text/javascript 157.240.236.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: http://graph.facebook.com/http%3A%2F%2Fwhite-bear.info%2Farchives%2F1897?callback=window.NTSjpZ3JeOMT_FBCB2356383956&_=1632394522148148
Requested by: Host: omt.shinobi.jp
URL: http://omt.shinobi.jp/b/431e4445969cc5dbf576be1286d6a051
Protocol: HTTP/1.1
Server: 157.240.236.15 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-star-shv-02-frx5.facebook.com
Software: /
Resource Hash: 209622f617c20711739de48daebff32d7f0234e8d20ffeaeca8ce4126a1127d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
WWW-Authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1004442434
Connection: keep-alive
Alt-Svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 244
x-fb-rlafr: 0
Pragma: no-cache
X-FB-Debug: heacQNmo+A3CGccQtaTNXwx5vdE+iYhuP2LQ7dqcjah60lLowY8B4Y7JqgpItO6AkkSGkr1NvpSuz9cIdLXxdg==
x-fb-trace-id: CuU5A4+saNf
Vary: Origin
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
x-fb-request-id: AKudCr67K2D4jYkF95EOcGy
Cache-Control: no-store
facebook-api-version: v4.0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/ Show response
b.hatena.ne.jp/entry/jsonlite/
Redirect Chain

http://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB3798962435&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1886&_=1632394522150150
https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB3798962435&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1886&_=1632394522150150

41 B
529 B

751ms
732ms

Script
text/javascript

143.204.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB3798962435&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1886&_=1632394522150150

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-109.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

037b8fe9649526d213190648941ee915cb4953841b581a88db294d56de4238e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:23 GMT
content-encoding: gzip
server: nginx
x-edge-origin-shield-skipped: 0
vary: Accept-Encoding
x-dispatch: Boston::Web::Public::Entry#entry_by_url_jsonlite
content-type: text/javascript
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: public, max-age=10800, s-maxage=10800
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-id: N0lPVklGE9aaPv-_trPd2CqP86TtIrc4ATcweJqBf1ZBPdQ49VWLQw==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

Redirect headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB3798962435&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1886&_=1632394522150150
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: HwwSsqQsNNXgAloB6kdkzxnvxqui49MK_VZTXfSS0YrHMUV_S9pHDQ==

GET
H/1.1 200
OK http%3A%2F%2Fwhite-bear.info%2Farchives%2F1886 Show response
graph.facebook.com/ 244 B
950 B 119ms
113ms Script
text/javascript 157.240.236.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: http://graph.facebook.com/http%3A%2F%2Fwhite-bear.info%2Farchives%2F1886?callback=window.NTSjpZ3JeOMT_FBCB3798962435&_=1632394522151151
Requested by: Host: omt.shinobi.jp
URL: http://omt.shinobi.jp/b/431e4445969cc5dbf576be1286d6a051
Protocol: HTTP/1.1
Server: 157.240.236.15 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-star-shv-02-frx5.facebook.com
Software: /
Resource Hash: 54052416e2255df975e13b3f5ff2a1eae42ae0ecc1096400489d5dc4bdf3aa9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
WWW-Authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1004442794
Connection: keep-alive
Alt-Svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 244
x-fb-rlafr: 0
Pragma: no-cache
X-FB-Debug: 5OYBUYLe1iXQEohw2MhJ/VcCjoklpX8vge1aE7859UsZYzU0Bgctmxoqn2DSlZ79cTUEFmceaNSas/Seg0uaqA==
x-fb-trace-id: F8Xrh0pGy7C
Vary: Origin
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
x-fb-request-id: Af7xUHJ8OB2Sp_mV__0tfNd
Cache-Control: no-store
facebook-api-version: v4.0
Priority: u=3,i
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/ Show response
b.hatena.ne.jp/entry/jsonlite/
Redirect Chain

http://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB665525185&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1853&_=1632394522153153
https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB665525185&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1853&_=1632394522153153

40 B
530 B

737ms
736ms

Script
text/javascript

143.204.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB665525185&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1853&_=1632394522153153

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-109.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

421809d0687b33956d5283cbc715cada99f6eee47d6729da662bde49a62fc003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:23 GMT
content-encoding: gzip
server: nginx
x-edge-origin-shield-skipped: 0
vary: Accept-Encoding
x-dispatch: Boston::Web::Public::Entry#entry_by_url_jsonlite
content-type: text/javascript
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: public, max-age=10800, s-maxage=10800
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-id: s5AUXAVyQGGRkELZE76P2_xD0DrNHvFjYlTFDCmICX3vM7O0Ok7kHA==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

Redirect headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB665525185&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1853&_=1632394522153153
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: 1NhViPD8Sd7izuOcaYVlXWwqcUEkXxu1HRTivm_Ph-awYRIH7myE1w==

GET
H/1.1 200
OK http%3A%2F%2Fwhite-bear.info%2Farchives%2F1853 Show response
graph.facebook.com/ 243 B
932 B 110ms
109ms Script
text/javascript 157.240.236.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: http://graph.facebook.com/http%3A%2F%2Fwhite-bear.info%2Farchives%2F1853?callback=window.NTSjpZ3JeOMT_FBCB665525185&_=1632394522154154
Requested by: Host: omt.shinobi.jp
URL: http://omt.shinobi.jp/b/431e4445969cc5dbf576be1286d6a051
Protocol: HTTP/1.1
Server: 157.240.236.15 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-star-shv-02-frx5.facebook.com
Software: /
Resource Hash: bfd238ce56b7b990c29461d942d6ae200d2381cba5c9b451f478340ebdcb8aac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
WWW-Authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1004442434
Connection: keep-alive
Alt-Svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 243
x-fb-rlafr: 0
Pragma: no-cache
X-FB-Debug: f1gb4j4t9jbBBwZvDUQPuqBOuge0QaVnLXERRU7Hn9R95QELjH/Gpwp3tD9pBVhCDO57IFdPq3QhTCc2TjS7Zg==
x-fb-trace-id: HkLwDWH24dl
Vary: Origin
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
x-fb-request-id: ANC1idGNJ9AKTCoArzmFJNZ
Cache-Control: no-store
facebook-api-version: v4.0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/ Show response
b.hatena.ne.jp/entry/jsonlite/
Redirect Chain

http://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB1051732608&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1843&_=1632394522155155
https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB1051732608&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1843&_=1632394522155155

41 B
529 B

729ms
729ms

Script
text/javascript

143.204.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB1051732608&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1843&_=1632394522155155

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-109.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b66c7cbbed32f73b49e9e68f3dbb36ebc475c20b389fd3db4b22f9659645f256

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:23 GMT
content-encoding: gzip
server: nginx
x-edge-origin-shield-skipped: 0
vary: Accept-Encoding
x-dispatch: Boston::Web::Public::Entry#entry_by_url_jsonlite
content-type: text/javascript
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: public, max-age=10800, s-maxage=10800
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-id: GamZ8utgSh5eRNZNwaDDOsIYc1-rokP0Qo-LT84hrZPfYM3FrPPjXg==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

Redirect headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB1051732608&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1843&_=1632394522155155
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: QhEWd0nBXWcLno3SMdsHjNxCEWdh1Y3NBVeRa8bDgIqRszdmvf-5pg==

GET
H/1.1 200
OK http%3A%2F%2Fwhite-bear.info%2Farchives%2F1843 Show response
graph.facebook.com/ 244 B
950 B 112ms
112ms Script
text/javascript 157.240.236.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: http://graph.facebook.com/http%3A%2F%2Fwhite-bear.info%2Farchives%2F1843?callback=window.NTSjpZ3JeOMT_FBCB1051732608&_=1632394522155155
Requested by: Host: omt.shinobi.jp
URL: http://omt.shinobi.jp/b/431e4445969cc5dbf576be1286d6a051
Protocol: HTTP/1.1
Server: 157.240.236.15 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-star-shv-02-frx5.facebook.com
Software: /
Resource Hash: fca8bdad3a20af196a765a36cabc12610e0df63bda8783bd47725362a1ef7533

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
WWW-Authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1004442434
Connection: keep-alive
Alt-Svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 244
x-fb-rlafr: 0
Pragma: no-cache
X-FB-Debug: fJrW+gy2lULE3Auu52QhKvq/MpW75kRm8jmRzyX66CvVjWJtwGo4eNixrJZ/UbDgdhvENttUNppztzetJ0Gemg==
x-fb-trace-id: Hahiosqlv7u
Vary: Origin
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
x-fb-request-id: Aye_H8Kr-r8hbpkuGzdDig-
Cache-Control: no-store
facebook-api-version: v4.0
Priority: u=3,i
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/ Show response
b.hatena.ne.jp/entry/jsonlite/
Redirect Chain

http://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB535674256&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1822&_=1632394522156156
https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB535674256&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1822&_=1632394522156156

543 B
843 B

799ms
799ms

Script
text/javascript

143.204.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB535674256&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1822&_=1632394522156156

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-109.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c927cc4036a3cc44e962569b026c62821eb42cacc97315a4ed9cb1fb3ea11168

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:23 GMT
content-encoding: gzip
server: nginx
x-edge-origin-shield-skipped: 0
vary: Accept-Encoding
x-dispatch: Boston::Web::Public::Entry#entry_by_url_jsonlite
content-type: text/javascript
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: public, max-age=10800, s-maxage=10800
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-id: AP1Sxltfbav-RSzxMy9JAg9PyaolBPR2mqx60oNWBifRNzPKU64Yog==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

Redirect headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://b.hatena.ne.jp/entry/jsonlite/?callback=window.NTSjpZ3JeOMT_HTCB535674256&url=http%3A%2F%2Fwhite-bear.info%2Farchives%2F1822&_=1632394522156156
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: QSFG1e_jNeS_74jf32C1bbaYo6tka9SACbE_RozpYiG8CyhQXuxE3g==

GET
H/1.1 200
OK http%3A%2F%2Fwhite-bear.info%2Farchives%2F1822 Show response
graph.facebook.com/ 243 B
932 B 110ms
110ms Script
text/javascript 157.240.236.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: http://graph.facebook.com/http%3A%2F%2Fwhite-bear.info%2Farchives%2F1822?callback=window.NTSjpZ3JeOMT_FBCB535674256&_=1632394522157157
Requested by: Host: omt.shinobi.jp
URL: http://omt.shinobi.jp/b/431e4445969cc5dbf576be1286d6a051
Protocol: HTTP/1.1
Server: 157.240.236.15 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-star-shv-02-frx5.facebook.com
Software: /
Resource Hash: b8b7ea3f1f0bbe81baf68e55afc79690ac24f757cb2533329c5b3d52d0bf8ba5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:23 GMT
WWW-Authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1004442434
Connection: keep-alive
Alt-Svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 243
x-fb-rlafr: 0
Pragma: no-cache
X-FB-Debug: Fw1n0JOO4Bh6TOWhvrV23b+AnsR4fn/gC6DVdEWsx/gbw4cVwf1QkTe+kABD+qcVlWA1xVBrqkV14Ga2MfsIIw==
x-fb-trace-id: GsPH0dIs1Zc
Vary: Origin
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
x-fb-request-id: A7_ATjMPZycF74-u8uRp0Az
Cache-Control: no-store
facebook-api-version: v4.0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK omatome_icomoon.ttf
omt.shinobi.jp/css/ 4 KB
4 KB 459ms
230ms Font
application/font-sfnt 202.228.215.63
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: http://omt.shinobi.jp/css/omatome_icomoon.ttf
Requested by: Host: omt.shinobi.jp
URL: http://omt.shinobi.jp/css/ninja_onetag.css?202104220043
Protocol: HTTP/1.1
Server: 202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: 5606518d45dd396dea660be990fba918338c58f3d124fc9399c24a4099f0f4e4

Request headers

Referer: http://omt.shinobi.jp/css/ninja_onetag.css?202104220043
Origin: http://white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:22 GMT
Server: openresty
etag: "14c1e72:f54:6108a1a7:0"
Content-Type: application/font-sfnt
access-control-allow-origin: *
Connection: keep-alive
accept-ranges: bytes
Content-Length: 3924
expires: Fri, 24 Sep 2021 10:55:22 GMT

GET
H/1.1 200
OK 4K-624x624.png
white-bear.info/wp-content/uploads/ 40 KB
39 KB 291ms
291ms Image
image/png 157.7.107.248
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://white-bear.info/wp-content/uploads/4K-624x624.png
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 157.7.107.248 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-248.virt.lolipop.jp
Software: Apache /
Resource Hash: d9ed85d39e36e3920c13563a4d2123070a0478bcb74126d85b862447022409d3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://white-bear.info/
Cookie: __utma=119374031.1209098934.1632394523.1632394523.1632394523.1; __utmc=119374031; __utmz=119374031.1632394523.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=119374031.1.10.1632394523
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Dec 2017 03:49:38 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: none
Content-Length: 39299

GET
H2 200 kQNIxcpqoFU.css
www.facebook.com/rsrc.php/v3/yb/l/0,cross/ Frame 9ED0 26 KB
6 KB 7ms
6ms Stylesheet
text/css 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yb/l/0,cross/kQNIxcpqoFU.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width&height=290&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=115477545304850

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

Resource Hash

37e2f171dfa990138aa13b6f22d3682604ef01254bdebf4324d2d9ce09df9daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Finternet.polar.bear&width&height=290&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true&appId=115477545304850
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 13:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LV7vmqaHhGUVGz5ABpipow==
cross-origin-resource-policy: cross-origin
content-length: 5994
x-fb-rlafr: 0
x-fb-debug: jWsI4j2xrZhZFPEfxC/EqwhPGh6PEb2DFSdQ9yw1tPjUX4cGCxG1XK94/9RchhBngv+095AEMgEet+gyOHGW3Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 22 Sep 2022 13:58:21 GMT

GET
H3

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=885593087&utmhn=white-bear.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E3%82...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=885593087&utmhn=white-bear.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E3%8...

35 B
54 B

20ms
20ms

Image
image/gif

142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=885593087&utmhn=white-bear.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E3%82%A4%E3%83%B3%E3%82%BF%E3%83%BC%E3%83%8D%E3%83%83%E3%83%88%E3%81%A8%E3%81%8B%E3%82%B7%E3%83%AD%E3%82%AF%E3%83%9E%E3%81%A8%E3%81%8B&utmhid=467593640&utmr=-&utmp=%2F&utmht=1632394522600&utmac=UA-40679454-1&utmcc=__utma%3D119374031.1209098934.1632394523.1632394523.1632394523.1%3B%2B__utmz%3D119374031.1632394523.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1354308380&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 10:55:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=885593087&utmhn=white-bear.info&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E3%82%A4%E3%83%B3%E3%82%BF%E3%83%BC%E3%83%8D%E3%83%83%E3%83%88%E3%81%A8%E3%81%8B%E3%82%B7%E3%83%AD%E3%82%AF%E3%83%9E%E3%81%A8%E3%81%8B&utmhid=467593640&utmr=-&utmp=%2F&utmht=1632394522600&utmac=UA-40679454-1&utmcc=__utma%3D119374031.1209098934.1632394523.1632394523.1632394523.1%3B%2B__utmz%3D119374031.1632394523.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1354308380&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H3 200 all.js Show response
connect.facebook.net/ja_JP/ 263 KB
74 KB 15ms
7ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/all.js?hash=17288adbb4562bb46d6f987c6037971a

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/ja_JP/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

8d71eff37f81d8887e29d337786727db3fc7d50dc8b5b090636b8bcc32bee745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://white-bear.info/
Origin: http://white-bear.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: HKObS9dKkrBRzE7QX4DuzA==
cross-origin-resource-policy: cross-origin
expires: Fri, 23 Sep 2022 10:42:20 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76021
x-fb-rlafr: 0
x-fb-debug: QKO9D8m9k/Xm85E1jCLeRzGSkQgT7ua+VtwRPwQoOrilDnylwVc+MHug5hU7sqo9kJI0A4ogld/iNce3kv9YaQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 439571e019652e0d84b061bacf27e4aa
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Sep 2021 10:55:22 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "911c7ce557a790633a22ba21dee1d4eb"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 112ms
112ms Fetch
text/plain 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=373717942736845&input_token&origin=1&redirect_uri=http%3A%2F%2Fwhite-bear.info%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/all.js?hash=17288adbb4562bb46d6f987c6037971a

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: YbfX8IyZH1xWwqgsaRDuDV/f32d1Z2gqGXsxlVIGnozTlxTdgGWQuXowjOEo2oelk4HIDGvo+2YzTRzkieolQw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Sep 2021 10:55:22 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://white-bear.info
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
661 B 122ms
24ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=white-bear.info&callback=_gfp_s_&client=ca-pub-5552747336387028

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

b7a0cd45b07c2e8a8c3b44d2e5d0a60d5f4fe2f8d9e1667061f187871bd42561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 68ms
24ms Script
application/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=white-bear.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 23 Sep 2021 10:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 99B7 79 KB
32 KB 701ms
672ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=60&slotname=3020944594&adk=854543127&adf=3522660600&pi=t.ma~as.3020944594&w=468&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394520501&bpp=12&bdt=1152&idt=2177&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&correlator=768787253307&frm=20&pv=2&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=797&ady=242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IczhuXf3zD&p=http%3A//white-bear.info&dtd=2191

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

50a1cb335e2d2234a977c42ffae0855259be3b7a283e97439b22950a1918d169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5552747336387028&output=html&h=60&slotname=3020944594&adk=854543127&adf=3522660600&pi=t.ma~as.3020944594&w=468&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394520501&bpp=12&bdt=1152&idt=2177&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&correlator=768787253307&frm=20&pv=2&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=797&ady=242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IczhuXf3zD&p=http%3A//white-bear.info&dtd=2191
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://white-bear.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 23 Sep 2021 10:55:23 GMT
server: cafe
content-length: 32320
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 23-Sep-2021 11:10:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 23 Sep 2021 10:55:23 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 71ms
24ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1632310961004595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 23 Sep 2021 10:55:23 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4ABC 67 KB
25 KB 1523ms
1502ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=250&slotname=7590744996&adk=130662909&adf=2802373691&pi=t.ma~as.7590744996&w=300&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394522103&bpp=8&bdt=2755&idt=595&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3020944594&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=972&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Qle7uCjQ41&p=http%3A//white-bear.info&dtd=597

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

c806695230ae016a879cebe324d2b2ff4a447cb7938062dd83e02078090d83e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5552747336387028&output=html&h=250&slotname=7590744996&adk=130662909&adf=2802373691&pi=t.ma~as.7590744996&w=300&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394522103&bpp=8&bdt=2755&idt=595&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3020944594&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=972&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Qle7uCjQ41&p=http%3A//white-bear.info&dtd=597
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://white-bear.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 23 Sep 2021 10:55:24 GMT
server: cafe
content-length: 25864
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 23-Sep-2021 11:10:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 23 Sep 2021 10:55:24 GMT
cache-control: private

GET
H3 200 cse_element__ja.js Show response
www.google.com/cse/static/element/b54a745638da8bbb/ 281 KB
281 KB 26ms
9ms Script
text/javascript 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b54a745638da8bbb/cse_element__ja.js?usqp=CAI%3D

Requested by

Host: www.google.com
URL: http://www.google.com/cse/cse.js?cx=006510345893078373949:lolcxlikiru

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

sffe /

Resource Hash

9ac915b0eae5b81604fa5e0fe9da20ed8f86aeea17a238373f42afdf37d75ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 17:39:26 GMT
x-content-type-options: nosniff
age: 148557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287330
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 17:07:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 21 Sep 2022 17:39:26 GMT

GET
H2 200 default+ja.css
www.google.com/cse/static/element/b54a745638da8bbb/ 41 KB
41 KB 31ms
8ms Stylesheet
text/css 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b54a745638da8bbb/default+ja.css

Requested by

Host: www.google.com
URL: http://www.google.com/cse/cse.js?cx=006510345893078373949:lolcxlikiru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 10:45:45 GMT
vary: Accept-Encoding
last-modified: Wed, 30 Jun 2021 17:07:08 GMT
server: sffe
x-content-type-options: nosniff
age: 259777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41474
x-xss-protection: 0
expires: Tue, 20 Sep 2022 10:45:45 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
5 KB 37ms
15ms Stylesheet
text/css 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.google.com
URL: http://www.google.com/cse/cse.js?cx=006510345893078373949:lolcxlikiru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:11:48 GMT
x-content-type-options: nosniff
age: 2614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4495
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 23 Sep 2021 11:01:48 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E3FD 68 KB
26 KB 1076ms
1062ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=250&slotname=9067478191&adk=751613651&adf=2802373691&pi=t.ma~as.9067478191&w=300&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394522114&bpp=3&bdt=2766&idt=591&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3020944594%2C7590744996&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=972&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=A7NlGK6Twe&p=http%3A//white-bear.info&dtd=593

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

2ba626abef2bb8181093c32e3013ee772e70a6b434a62caaf5905422bc33a233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5552747336387028&output=html&h=250&slotname=9067478191&adk=751613651&adf=2802373691&pi=t.ma~as.9067478191&w=300&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394522114&bpp=3&bdt=2766&idt=591&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3020944594%2C7590744996&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=972&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=A7NlGK6Twe&p=http%3A//white-bear.info&dtd=593
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://white-bear.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 23 Sep 2021 10:55:23 GMT
server: cafe
content-length: 25965
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 23-Sep-2021 11:10:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 23 Sep 2021 10:55:23 GMT
cache-control: private

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 148 KB
54 KB 35ms
22ms Script
text/javascript 216.58.212.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/b54a745638da8bbb/cse_element__ja.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

216.58.212.174 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f14.1e100.net

Software

sffe /

Resource Hash

1fa87cf7a1f97adfd87552d2cd602fc9fb7b5e8521c7c7b5fff975fd03875b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
ETag: "10634331854387417859"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-afs-ui"
Expires: Thu, 23 Sep 2021 10:55:23 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 8ms
7ms Image
image/png 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/b54a745638da8bbb/default+ja.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/b54a745638da8bbb/default+ja.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 19:55:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 226791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Tue, 20 Sep 2022 19:55:32 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/ja/ 1 KB
1 KB 8ms
7ms Image
image/png 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ja/branding.png

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

sffe /

Resource Hash

6546570d77534cf5fdf2b983c4b5c4b82aee432543271aeb64be42b9eb928180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:22:58 GMT
x-content-type-options: nosniff
age: 523945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1283
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 17:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 17 Sep 2022 09:22:58 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
83 B 45ms
7ms Image
text/plain 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:23 GMT
Content-Length: 0

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210921/r20110914/elements/html/ Frame 99B7 6 KB
3 KB 21ms
7ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210921/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=60&slotname=3020944594&adk=854543127&adf=3522660600&pi=t.ma~as.3020944594&w=468&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394520501&bpp=12&bdt=1152&idt=2177&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&correlator=768787253307&frm=20&pv=2&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=797&ady=242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IczhuXf3zD&p=http%3A//white-bear.info&dtd=2191

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

569411215bdd18d7660a5d2e5385f061c409915fbf4c9058e06ab18b06fb0ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2646
x-xss-protection: 0
server: cafe
etag: 7823829336074104133
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 09:51:03 GMT

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame 99B7 31 KB
13 KB 53ms
6ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/m_js_controller_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

ca300181b97db79837a99178494075a3533a40d5ae3b3be2861e54e6eaec5ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1851
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12797
x-xss-protection: 0
server: cafe
etag: 17082845058424178743
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 10:24:32 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 99B7 0
0 95ms
43ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9BBg5OE7A-qm0-7cyDZsYwHQ73dHiKnP8S5sNEtZjs_m4Yjy_CbsdVlKWkuuVsjY32DE_xBKN7VrEhzeQdexqRNRMCbfi4c2SmDDgFS9D0puP56SPf775SGGudXLf7eGllbFQB3XkNi95yNbiBo9wtCnHkbJP993pbwhzXGMCYN1ckyaFdxvGIzZ2LJoAt7VGd4wbLr60UXmtmW4d6x0dq1YhZD7PJsgFRBGhOS1Hp-TMjpIajawjLgwRTlU22Cbl_d7NH1duRcSYg4RMBidFaoTzgA_L6uO_9ssoK4X_dY5jDW7AwS9VjGWGGL0-VqPEii81BrPPU8U2wWG6bKfbuuhnRroZW50frrz-RD7z_0YxPQCK3YB5BO8ACWSJ7zaRQEXPNaknBkcmbEh18qTdMPi-1ugTON6aOsUyMdNgSajGp18VXfPpRuRIPLkbp_k4vZGvXk13DeLlmTD9AQxxxtPM1T-qP-vdjMEOZ1C1Z1JIFJThckvutY8xOyAogCv7vW6-fR9FYXhBa3yII0IJeJocBon_itGz-_gn9mVxQ3usfa5ztLtXVXLy8c3n-XDd2xnz9uCoqAVRRiDreUdrf0-g0zYgoKuELkvFhlS7tjx9ObqU04GelfZt_E8rSYZoIRfoqGV-LH-sfvIr8a7vtZ3ZcTNOOGD-ExapnmfTTBZhOAgLT5uQY9MxkDRLKQ69htAgefkLB1H-5mt4GkDoBFeokAgJBDEheA3fiopzi94RWpKnS0hViww2GHgKm0ZVecngGpNp0tCGm11QtqiGFOwe9xGwKlvAcvjISno7moQ3vZuQ0iR4MTbYbUb8myb80SbPH7WjYR0r0MLHEVE_SsgjG5-NHQTQjET-Rwi_k0EzhFSz5kdmOKHXHrilZ9ADTvdDMuqS622l7a-W8qzOwkR9a7sCFI00ZBcl&sig=Cg0ArKJSzJa7pqb5HCe9EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 23 Sep 2021 10:55:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 23 Sep 2021 10:55:23 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 99B7 114 KB
40 KB 48ms
13ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Sep 2021 12:46:50 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 99B7 41 KB
15 KB 53ms
12ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 15:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 22 Sep 2022 15:57:43 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame 99B7 3 KB
1 KB 56ms
15ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 10:50:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 99B7 128 KB
39 KB 30ms
16ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 23 Sep 2021 10:55:23 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame 99B7 14 KB
6 KB 50ms
11ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:46:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 10:46:55 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/ Frame 99B7 18 KB
8 KB 51ms
12ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 10:50:13 GMT

GET
H/1.1 200
OK a-logo-amazon.png
wms-fe.amazon-adsystem.com/panda/20070822/JP/img/ Frame 75D6 2 KB
2 KB 690ms
162ms Image
image/png 52.119.167.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-fe.amazon-adsystem.com/panda/20070822/JP/img/a-logo-amazon.png
Requested by: Host: ws-fe.assoc-amazon.com
URL: https://ws-fe.assoc-amazon.com/widgets/cm?ref=tf_til&t=shanks999-22&m=amazon&o=9&p=8&l=as1&IS2=1&detail=1&asins=B073S5ZLDT&linkId=05d5adecce2db261cbdd8ef6d5095125&bc1=000000&lt1=_blank&fc1=333333&lc1=0066c0&bg1=ffffff&f=ifr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.167.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: d7bbd45424e7406a8fdd441f9b810972f0e726665927f8d3958f488f8d32bf97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws-fe.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:24 GMT
Last-Modified: Thu, 23 Sep 2021 10:43:45 GMT
Server: Server
ETag: "7bf-5cca74e1e44f6"
Content-Type: image/png
Charset: UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=25, max=81
Content-Length: 1983
Expires: Thu, 30 Sep 2021 10:55:24 GMT

GET
H2 200 51unFxjoh-L._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame 75D6 3 KB
4 KB 62ms
11ms Image
image/jpeg 143.204.95.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51unFxjoh-L._AC_AC_SR98,95_.jpg
Requested by: Host: ws-fe.assoc-amazon.com
URL: https://ws-fe.assoc-amazon.com/widgets/cm?ref=tf_til&t=shanks999-22&m=amazon&o=9&p=8&l=as1&IS2=1&detail=1&asins=B073S5ZLDT&linkId=05d5adecce2db261cbdd8ef6d5095125&bc1=000000&lt1=_blank&fc1=333333&lc1=0066c0&bg1=ffffff&f=ifr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-227.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 7c2b9eac732453dcade7e675e281fb4dd994cbf59ec35326752f285f9d784b74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws-fe.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 20:52:11 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
edge-cache-tag: x-cache-610,/images/I/51unFxjoh-L
age: 136992
x-edge-origin-shield-skipped: 0, 0
x-nginx-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 3068
surrogate-key: x-cache-610 /images/I/51unFxjoh-L
last-modified: Thu, 03 Oct 2019 07:39:42 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 1a355066-7eb3-496d-bbc7-5c15032c336e
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: eP2LPgBqVtgbCH4Nwpc6rQqHdmAdH8PWnON51n_3CT5K-BByrD8YTA==
expires: Mon, 16 Sep 2041 20:52:11 GMT

GET
H/1.1 200
OK json
fls-fe.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 75D6 43 B
200 B 667ms
162ms Image
image/gif 52.119.163.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-fe.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1632394523453&p=%7B%22program%22%3A%229%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22shanks999-22%22%2C%22refUrl%22%3A%22http%3A%2F%2Fwhite-bear.info%2F%22%7D
Requested by: Host: ws-fe.assoc-amazon.com
URL: https://ws-fe.assoc-amazon.com/widgets/cm?ref=tf_til&t=shanks999-22&m=amazon&o=9&p=8&l=as1&IS2=1&detail=1&asins=B073S5ZLDT&linkId=05d5adecce2db261cbdd8ef6d5095125&bc1=000000&lt1=_blank&fc1=333333&lc1=0066c0&bg1=ffffff&f=ifr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.163.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws-fe.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:23 GMT
x-amzn-RequestId: 05af7548-bd34-491c-840a-6afee545b907
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK cart.gif
wms-fe.amazon-adsystem.com/panda/20070822/US/img/ Frame 75D6 341 B
698 B 702ms
167ms Image
image/gif 52.119.167.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-fe.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-fe.assoc-amazon.com
URL: https://ws-fe.assoc-amazon.com/widgets/cm?ref=tf_til&t=shanks999-22&m=amazon&o=9&p=8&l=as1&IS2=1&detail=1&asins=B073S5ZLDT&linkId=05d5adecce2db261cbdd8ef6d5095125&bc1=000000&lt1=_blank&fc1=333333&lc1=0066c0&bg1=ffffff&f=ifr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.167.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws-fe.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:24 GMT
Last-Modified: Thu, 23 Sep 2021 10:43:45 GMT
Server: Server
ETag: "155-5cca74e1f3ef8"
Content-Type: image/gif
Charset: UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=25, max=29
Content-Length: 341
Expires: Thu, 30 Sep 2021 10:55:24 GMT

GET
DATA 200
OK truncated
/ Frame 99B7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 256901173052d0e5aaefeef64629502c18c945c8873843cdfa9cce42805d5a76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/ Frame D31B 5 KB
2 KB 37ms
14ms Document
text/html 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

8568e9f91a8ed95e54ddb63a69b014ea55b109decbdfa1f9bc47d9de1a721968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 1584
date: Wed, 22 Sep 2021 14:40:59 GMT
expires: Thu, 23 Sep 2021 14:40:59 GMT
last-modified: Wed, 12 Feb 2020 16:36:28 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 72864
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gdn
metrics.getrockerbox.com/track/ Frame 99B7 44 B
691 B 139ms
103ms Image
image/gif 172.67.177.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metrics.getrockerbox.com/track/gdn?source=been_verified&tier_one=gdn&tier_two=9328390793&tier_three=96034940764&auction_id=604147376
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=60&slotname=3020944594&adk=854543127&adf=3522660600&pi=t.ma~as.3020944594&w=468&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394520501&bpp=12&bdt=1152&idt=2177&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&correlator=768787253307&frm=20&pv=2&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=797&ady=242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=IczhuXf3zD&p=http%3A//white-bear.info&dtd=2191
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.177.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4NR62bvf6Kh%2B7QTctuunjwSq%2BSMyRR%2F8kQ51z48g6Q4Dw4p%2BjcKsrnpVtv2rPDd1p9zwoHeq9xsssfkSvXr2mWUNwm9%2BJDkRlYiDUoXaOzK%2Bz6juI2%2Bt8ylOxQrL6YtTRdY7jgBFO2%2BY4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 69333d8c2a642c56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK a-logo-amazon.png
wms-fe.amazon-adsystem.com/panda/20070822/JP/img/ Frame 75CA 2 KB
2 KB 655ms
164ms Image
image/png 52.119.167.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-fe.amazon-adsystem.com/panda/20070822/JP/img/a-logo-amazon.png
Requested by: Host: ws-fe.assoc-amazon.com
URL: https://ws-fe.assoc-amazon.com/widgets/cm?t=shanks999-22&o=9&p=8&l=as1&asins=B01KM18C60&nou=1&ref=qf_sp_asin_til&fc1=F10000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.167.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: d7bbd45424e7406a8fdd441f9b810972f0e726665927f8d3958f488f8d32bf97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws-fe.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:24 GMT
Last-Modified: Thu, 23 Sep 2021 10:43:45 GMT
Server: Server
ETag: "7bf-5cca74e1e44f6"
Content-Type: image/png
Charset: UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=25, max=69
Content-Length: 1983
Expires: Thu, 30 Sep 2021 10:55:24 GMT

GET
H2 200 31hyBg0zBoL._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame 75CA 1 KB
2 KB 9ms
9ms Image
image/jpeg 143.204.95.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/31hyBg0zBoL._AC_AC_SR98,95_.jpg
Requested by: Host: ws-fe.assoc-amazon.com
URL: https://ws-fe.assoc-amazon.com/widgets/cm?t=shanks999-22&o=9&p=8&l=as1&asins=B01KM18C60&nou=1&ref=qf_sp_asin_til&fc1=F10000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-227.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 32fa92aa50697e23c51fdf449a1c4d3f3a14dcfedae3701c7653962182e21c87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws-fe.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 04:06:05 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
edge-cache-tag: x-cache-942,/images/I/31hyBg0zBoL
age: 197358
x-edge-origin-shield-skipped: 0, 0
x-nginx-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 1203
surrogate-key: x-cache-942 /images/I/31hyBg0zBoL
last-modified: Wed, 25 Mar 2020 07:16:27 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 9943fa94-18fe-49e1-9ea4-d6b956e5647e
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: vErI8sw_feMjjByJxmxzslVt2_6iI_-i9sasn1VEspxdAoR2G6i4Fg==
expires: Mon, 16 Sep 2041 04:06:05 GMT

GET
H/1.1 200
OK prime.png
wms-fe.amazon-adsystem.com/panda/20070822/US/img/ Frame 75CA 3 KB
4 KB 677ms
169ms Image
image/png 52.119.167.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-fe.amazon-adsystem.com/panda/20070822/US/img/prime.png
Requested by: Host: ws-fe.assoc-amazon.com
URL: https://ws-fe.assoc-amazon.com/widgets/cm?t=shanks999-22&o=9&p=8&l=as1&asins=B01KM18C60&nou=1&ref=qf_sp_asin_til&fc1=F10000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.167.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws-fe.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:24 GMT
Last-Modified: Thu, 23 Sep 2021 10:43:45 GMT
Server: Server
ETag: "d1d-5cca74e1f3ef8"
Content-Type: image/png
Charset: UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=25, max=28
Content-Length: 3357
Expires: Thu, 30 Sep 2021 10:55:24 GMT

GET
H/1.1 200
OK json
fls-fe.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 75CA 43 B
200 B 671ms
168ms Image
image/gif 52.119.163.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-fe.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1632394523516&p=%7B%22program%22%3A%229%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22shanks999-22%22%2C%22refUrl%22%3A%22http%3A%2F%2Fwhite-bear.info%2F%22%7D
Requested by: Host: ws-fe.assoc-amazon.com
URL: https://ws-fe.assoc-amazon.com/widgets/cm?t=shanks999-22&o=9&p=8&l=as1&asins=B01KM18C60&nou=1&ref=qf_sp_asin_til&fc1=F10000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.163.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws-fe.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:23 GMT
x-amzn-RequestId: e06d5bda-8a0a-477a-81ea-6ecf7e494129
Content-Length: 43
Content-Type: image/gif

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 432D 22 KB
8 KB 43ms
16ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 22 Sep 2021 15:57:43 GMT
expires: Thu, 22 Sep 2022 15:57:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 68260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK cart.gif
wms-fe.amazon-adsystem.com/panda/20070822/US/img/ Frame 75CA 341 B
698 B 675ms
169ms Image
image/gif 52.119.167.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-fe.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-fe.assoc-amazon.com
URL: https://ws-fe.assoc-amazon.com/widgets/cm?t=shanks999-22&o=9&p=8&l=as1&asins=B01KM18C60&nou=1&ref=qf_sp_asin_til&fc1=F10000&IS2=1&lt1=_blank&m=amazon&lc1=0000FF&bc1=000000&bg1=FFFFFF&f=ifr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.167.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws-fe.assoc-amazon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:24 GMT
Last-Modified: Thu, 23 Sep 2021 10:43:45 GMT
Server: Server
ETag: "155-5cca74e1f3ef8"
Content-Type: image/gif
Charset: UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=25, max=80
Content-Length: 341
Expires: Thu, 30 Sep 2021 10:55:24 GMT

GET
H3 200 style.css
s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/styles/ Frame D31B 3 KB
866 B 14ms
14ms Stylesheet
text/css 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/styles/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

c25c37909020d56695971cc505ba2703a9086c95cc3e5a694a4953ece01c39bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83964
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 842
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 16:36:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 23 Sep 2021 11:35:59 GMT

GET
H3 200 base64.js Show response
s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/scripts/ Frame D31B 5 KB
2 KB 15ms
15ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/scripts/base64.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

d47b15f9ceed997958d2926eb66869594d088cbd2e0a9cb1903d8517ed32b86e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 03:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1827
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 16:36:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 24 Sep 2021 03:53:41 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/scripts/ Frame D31B 2 KB
786 B 14ms
14ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/scripts/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

fcbb8aa3fd18588dcf6de3ed336ce0b3951adcb5ce9fd84bf069025ec0840836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 08:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10134
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 762
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 16:36:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 24 Sep 2021 08:06:29 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/images/ Frame D31B 46 KB
46 KB 14ms
14ms Image
image/jpeg 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/images/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

9f25952ad0c43129e0cf9e32ccbd33b0f0006510770b1db1a328cb2216d0f361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/6440760/1581525388162/MAR-372-BV-VINnumberLookup-728x90/styles/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:23:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Feb 2020 16:36:28 GMT
server: sffe
age: 84693
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46793
x-xss-protection: 0
expires: Thu, 23 Sep 2021 11:23:50 GMT

GET
H3 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame 432D 35 KB
13 KB 7ms
7ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 23 Sep 2022 10:03:01 GMT

GET
H2

200

control Show response
sync.shinobi.jp/v2/sync/
Redirect Chain

http://sync.shinobi.jp/v2/sync/control
https://sync.shinobi.jp/v2/sync/control?null

332 B
683 B

728ms
236ms

Script
text/javascript

202.228.215.61
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.shinobi.jp/v2/sync/control?null
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.61 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: d31b5669b175275d53252192b743cbe35d17738eaa4579693dafef721864c52f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 10:55:24 GMT
server: openresty
p3p: CP='UNI CUR OUR'
access-control-allow-origin: *
cache-control: no-cache , must-revalidate
content-type: text/javascript; charset=utf-8
content-length: 332
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://sync.shinobi.jp/v2/sync/control?null
Date: Thu, 23 Sep 2021 10:55:24 GMT
Server: openresty
Connection: keep-alive
Content-Length: 0

GET
H2

200

first.js Show response
code.lime-juice.net/ee4c259fa19cf795910f79e4e52e1e42/
Redirect Chain

https://code.lime-juice.net/nt.js
https://code.lime-juice.net/ee4c259fa19cf795910f79e4e52e1e42/first.js

2 KB
2 KB

240ms
239ms

Script
text/javascript

202.228.215.63
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.lime-juice.net/ee4c259fa19cf795910f79e4e52e1e42/first.js
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: fe55a74725a61f7f6128464710106975b45767a49ed330940258627f8ed78a4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:24 GMT
cache-control: max-age=31536000
server: openresty
content-length: 1565
content-type: text/javascript

Redirect headers

location: /ee4c259fa19cf795910f79e4e52e1e42/first.js
date: Thu, 23 Sep 2021 10:55:24 GMT
cache-control: no-store, max-age=0
server: openresty
content-length: 0

GET
H/1.1

200
OK

track Show response
x9.shinobi.jp/
Redirect Chain

http://sync.shinobi.jp/v2/sync/ne?t=js&r=http%3A%2F%2Fx9.shinobi.jp%2Ftrack%3Fcid%3D453134534%26ref%3D%26time%3D1632394523675%26x9uid%3D18caa775-e3be-4ad8-9229-f6587ee9036d%26picked%3D%257B%2522453...
https://sync.shinobi.jp/v2/sync/ne?t=js&r=http%3A%2F%2Fx9.shinobi.jp%2Ftrack%3Fcid%3D453134534%26ref%3D%26time%3D1632394523675%26x9uid%3D18caa775-e3be-4ad8-9229-f6587ee9036d%26picked%3D%257B%252245...
http://x9.shinobi.jp/track?cid=453134534&ref=&time=1632394523675&x9uid=18caa775-e3be-4ad8-9229-f6587ee9036d&picked=%7B%22453134534-109%22%3A%7B%7D%2C%22453134534-432%22%3A%7B%7D%7D&callback=__chika...

82 B
324 B

241ms
241ms

Script
application/javascript

202.228.215.64
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL

http://x9.shinobi.jp/track?cid=453134534&ref=&time=1632394523675&x9uid=18caa775-e3be-4ad8-9229-f6587ee9036d&picked=%7B%22453134534-109%22%3A%7B%7D%2C%22453134534-432%22%3A%7B%7D%7D&callback=__chikayo__.callback.C_1632394523675_8227&uid=2158cda9-f3d2-4373-98f8-422beb56b4ce

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

HTTP/1.1

Server

202.228.215.64 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),

Reverse DNS

swarm.shinobi.jp

Software

openresty /

Resource Hash

43ef93636b61754e21c380667bd96355697cbbe65b679598dc0019c01b140cf7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:25 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: openresty
Connection: keep-alive
x-frame-options: SAMEORIGIN
Content-Type: application/javascript

Redirect headers

pragma: no-cache
date: Thu, 23 Sep 2021 10:55:24 GMT
server: openresty
access-control-allow-origin: *
p3p: CP='UNI CUR OUR'
location: http://x9.shinobi.jp/track?cid=453134534&ref=&time=1632394523675&x9uid=18caa775-e3be-4ad8-9229-f6587ee9036d&picked=%7B%22453134534-109%22%3A%7B%7D%2C%22453134534-432%22%3A%7B%7D%7D&callback=__chikayo__.callback.C_1632394523675_8227&uid=2158cda9-f3d2-4373-98f8-422beb56b4ce
cache-control: no-cache , must-revalidate
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 432D 0
20 B 18ms
18ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgjvjGl1MYdGTLerJ7_UP29-Y0AsAAAAAOAHgBAI&bg=!kZKlktbNAAZNQyuQTUM7ACkAdvg8WjB1WT4hMHZQc8_TWsO9xO5YtjXxIHc1ToyI2HBohV1PfjKVKAIAAABpUgAAAA1oAQcKAGF-iN1E4-4i1guT0BmCTQSatANAnj9aHegmsHSa8OuiY-OupaIsTKfXjT-ABihsTBQ7kHI4MrkWpDngswQZiwvPlM8XPAOUtMekmUzza30XrVZbHkZG2lAwWmnZJ8xDdRZamQLeJGXpyQ9wrJu3vMtQn3zWgY31HTEOSaNxQbcqQACWeo33C9fL_kExP8a0TJ8DdrDy6MkP3e3wJGUmlU2du2wMg7c8NjrP-QsOBNSVehzKoPN77yopgLPCwKfaTRxJ0cfMS_qz1umlLZ6hhC83NlAtIBkMcTuWfhAfI51rfqCtvD8bpv0lhfUwjALxwbkkTcmeY8DCv6-lBaK_IOFfbKTdHpcCxvK5MaJf05H_XPKADhoV03KEW4RvQ16pQ9-iiybP43Y7hy9jRVo8xKRDYIyQl0wg4jPPwy-WSI7bZriPFxx0q4lDlfj482Ym82grldNsvJCV9CbCeUm4ZyNpogVaWmBtORwe1K8ZRr6Tnz-8eIkGPxK_UxFQV6Hkf2sjUo4WYSj5_sIpxgMUWuRmHoRtE207w600N8xbQN8Wpi0ImfGedXeE6nGeja_zpdLSo1JzlX4ZV45IpHTTozURIdD_HetFBpgiYmZr4eob4NJoyiZrdGftg5rGClI04VLEHEMGOIYJoGlFRy38cp3DE48eC5t3kl_YFBUpuu8CeaCf5JDBUNQgF6yLKmazbPDoUr_VgmDUx-ad_0lvBJe_11ok6Y5VOjhq2zOJmlYcVt7NxNT0PfdOaPpYuNBUuOwqrGTtuLLeee0tO1iYAeHtrOmFvLk1LUkNoibffF3c6mlnkIQcagUsL4kUH_siFHzA29ubL-TViwiZ3lqaKVBu_WZe9f1WLmCTEueuYQZ0Lrm9mExwcn0ObNVdZn9gnqkwk1d2m55YvDAcfd6RI16OofRcZaD8pOa-sSwjytOxwtvukmJuF5Al8qTZ5XrbMajApoyB_kuCh_NDXCWuHgPGrpWMjFZn00MkTLiWDS_t1upihDzlOf71NfswXnJ9EVP9rpyDZtoH_l42bRtT19dnH_YdcNqu5oMB_BGIyUOlR4dEee3b9wKnqaWY_Hbj8XMJEGabnYD2bu9qz6AOjm89MjE

Requested by

Host: white-bear.info
URL: http://white-bear.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 10:55:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14424933167669604026
tpc.googlesyndication.com/simgad/ Frame E3FD 27 KB
27 KB 18ms
17ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14424933167669604026?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmlyOeFwuPbkmPI4tfjopR6MpQ4iQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=250&slotname=9067478191&adk=751613651&adf=2802373691&pi=t.ma~as.9067478191&w=300&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394522114&bpp=3&bdt=2766&idt=591&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3020944594%2C7590744996&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=972&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=A7NlGK6Twe&p=http%3A//white-bear.info&dtd=593

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

70d34b8e015461548333094bf5d7a8b4e714f7abe98b2d223bd2b02c1e6ec87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:52:36 GMT
x-content-type-options: nosniff
age: 3767
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 08:07:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Sep 2022 09:52:36 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/ Frame E3FD 18 KB
7 KB 16ms
16ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 10:50:13 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame E3FD 3 KB
1 KB 26ms
25ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 10:48:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E3FD 128 KB
39 KB 17ms
16ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 23 Sep 2021 10:55:23 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame E3FD 14 KB
6 KB 17ms
16ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 10:53:49 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame E3FD 27 KB
11 KB 26ms
25ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

cf60db8f01da2e8ea3dc9eec7a0206aa5e13969745fb6731bdab13bf2da82d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11114
x-xss-protection: 0
server: cafe
etag: 7602392314963332887
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 20:12:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E3FD 0
0 52ms
28ms Fetch
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRKGiGl1MYcuhLc7P7_UP-7KCEK_xqqJl2P3VhK4OloLNhYgWEAEg4onhH2DJlveM5KSsE6AB4PaH2gHIAQKoAwHIA8kEqgS9AU_QlTPQ-xTrYFI3sEleXQWkg2khUGZj8CchsFpwNEPtd0eF-dOOb_CZTj5XZK4Xe8przOFmxZ7T0snhBzjvBOuFecYV42BlqxXwLwlGxeFElvvSSsY3DPETqqys_IWWFm6f5HO7SNZNsDZwcM9kYQ2HDmM1ucZfiKsTPYxZwNwYqI4YGOAQbDoSn6HGj-WZjYwUFPJH1QNKyznpapXseE8z3xqyY3D7zSh_6vXH3UpSuo1Q56ADE8HGae6LscAE7p7p_twDkgUECAQYAZIFBAgFGASgBgKAB4iJ-KUCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBDCgyHSCAcIgGEQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTU1NTI3NDczMzYzODcwMjgYAA&sigh=Xa17ZL0ueiM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=250&slotname=9067478191&adk=751613651&adf=2802373691&pi=t.ma~as.9067478191&w=300&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394522114&bpp=3&bdt=2766&idt=591&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3020944594%2C7590744996&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=972&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=A7NlGK6Twe&p=http%3A//white-bear.info&dtd=593
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 23 Sep 2021 10:55:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6DED 143 B
163 B 22ms
16ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=250&slotname=9067478191&adk=751613651&adf=2802373691&pi=t.ma~as.9067478191&w=300&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394522114&bpp=3&bdt=2766&idt=591&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3020944594%2C7590744996&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=972&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=A7NlGK6Twe&p=http%3A//white-bear.info&dtd=593
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm4u736n8kWgO1VkGQCqS05cIicMEojEanz0oFIqnazjvebLvaeHTwC04y3gCY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=250&slotname=9067478191&adk=751613651&adf=2802373691&pi=t.ma~as.9067478191&w=300&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394522114&bpp=3&bdt=2766&idt=591&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3020944594%2C7590744996&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=972&ady=979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=A7NlGK6Twe&p=http%3A//white-bear.info&dtd=593

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 23 Sep 2021 10:02:18 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3185
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E3FD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fda022fed68d14f383420fe455bcb01b2ea40886d67119ed157784c2a8100050

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6DED
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

49ms
49ms

Document
text/html

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm4u736n8kWgO1VkGQCqS05cIicMEojEanz0oFIqnazjvebLvaeHTwC04y3gCY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 23 Sep 2021 10:55:23 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 23-Sep-2021 11:55:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 23 Sep 2021 10:55:23 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 23 Sep 2021 10:55:23 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B4B 35 KB
13 KB 7ms
7ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 23 Sep 2022 10:03:01 GMT

GET
H3 200 5599481253972554863
tpc.googlesyndication.com/simgad/ Frame 4ABC 16 KB
16 KB 18ms
17ms Image
image/png 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5599481253972554863?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn4b-P6seECdKUDuYNbJlM4YGc-MA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=250&slotname=7590744996&adk=130662909&adf=2802373691&pi=t.ma~as.7590744996&w=300&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394522103&bpp=8&bdt=2755&idt=595&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3020944594&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=972&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Qle7uCjQ41&p=http%3A//white-bear.info&dtd=597

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

4b221651d354c9f7454903f38cda6521197e1596842f65c49291a71ceeb5b888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:40:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 07:45:04 GMT
server: sffe
age: 242080
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16092
x-xss-protection: 0
expires: Tue, 20 Sep 2022 15:40:44 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/ Frame 4ABC 18 KB
7 KB 16ms
16ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 10:50:13 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame 4ABC 3 KB
1 KB 18ms
17ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 10:48:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4ABC 128 KB
39 KB 26ms
26ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 23 Sep 2021 10:55:24 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame 4ABC 14 KB
6 KB 17ms
16ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 10:53:49 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame 4ABC 27 KB
11 KB 18ms
17ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

cf60db8f01da2e8ea3dc9eec7a0206aa5e13969745fb6731bdab13bf2da82d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11114
x-xss-protection: 0
server: cafe
etag: 7602392314963332887
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 20:12:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4ABC 0
0 29ms
28ms Fetch
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CE1KmGl1MYZOhLa7g7_UPpa6_gAOqlKP9ZKm376myDf_KsYfDIhABIOKJ4R9gyZb3jOSkrBOgAaeC1YMDyAECqQJr0ytqD41DPqgDAcgDyQSqBLwBT9A7NkE2dvROfUhME_h-jfNaBXvZUv8ypWFKkpX00XxWqOZdGaA0zhATjUxEk9DKWwVY0XTFhe4HybM-uypPwCSTVWc9885plfUir4SJ56eEGPpqHu04u2qQfcM0W-cFWK_3L34JpDhvLMoHVIvYppJcCuqUQUZUSwkPlnBUfSiyIKalpcqQYRRlPuGKLj7JUL7qo5bE3668lei81jqBsBplsVkHRwoTW36pRfrEjRQIdi44HXDPsUNHYP_ABPe69vS3A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfB_ap8qAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBCh3W7SCAcIgGEQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTU1NTI3NDczMzYzODcwMjgYAA&sigh=NM3QpjJtmJM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=250&slotname=7590744996&adk=130662909&adf=2802373691&pi=t.ma~as.7590744996&w=300&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394522103&bpp=8&bdt=2755&idt=595&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3020944594&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=972&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Qle7uCjQ41&p=http%3A//white-bear.info&dtd=597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 23 Sep 2021 10:55:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7BA4 143 B
163 B 17ms
16ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=250&slotname=7590744996&adk=130662909&adf=2802373691&pi=t.ma~as.7590744996&w=300&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394522103&bpp=8&bdt=2755&idt=595&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3020944594&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=972&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Qle7uCjQ41&p=http%3A//white-bear.info&dtd=597
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm4u736n8kWgO1VkGQCqS05cIicMEojEanz0oFIqnazjvebLvaeHTwC04y3gCY; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&h=250&slotname=7590744996&adk=130662909&adf=2802373691&pi=t.ma~as.7590744996&w=300&lmt=1632394517&url=http%3A%2F%2Fwhite-bear.info%2F&flash=0&wgl=1&dt=1632394522103&bpp=8&bdt=2755&idt=595&shv=r20210921&mjsv=m202109200101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3020944594&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=972&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&pvsid=2393443195029660&pem=884&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Qle7uCjQ41&p=http%3A//white-bear.info&dtd=597

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 23 Sep 2021 10:02:18 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4ABC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a595801f69e6047f55575a0312ceb240c9afb3934635742f1c290eaf70d0140

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7BA4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

50ms
49ms

Document
text/html

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm4u736n8kWgO1VkGQCqS05cIicMEojEanz0oFIqnazjvebLvaeHTwC04y3gCY; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 23 Sep 2021 10:55:24 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 23-Sep-2021 11:55:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 23 Sep 2021 10:55:24 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 23 Sep 2021 10:55:24 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3277 35 KB
13 KB 7ms
7ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 23 Sep 2022 10:03:01 GMT

GET
H2

200

7d9607e8-63bc-4cda-bc3d-a92421fec769 Show response
code.lime-juice.net/contents/
Redirect Chain

https://code.lime-juice.net/contents/2280254a-codf-7876-bc7e-2c5a98c34777
https://code.lime-juice.net/contents/7d9607e8-63bc-4cda-bc3d-a92421fec769

128 B
241 B

240ms
239ms

Script
text/plain

202.228.215.63
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.lime-juice.net/contents/7d9607e8-63bc-4cda-bc3d-a92421fec769
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: f54d087e5331b369cb9c4c7fd62045794737f8bc33aadc486dc81bdd4e1a70cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:25 GMT
cache-control: max-age=31536000
server: openresty
etag: 7d9607e8-63bc-4cda-bc3d-a92421fec769
content-length: 128

Redirect headers

location: /contents/7d9607e8-63bc-4cda-bc3d-a92421fec769
date: Thu, 23 Sep 2021 10:55:24 GMT
server: openresty
etag: 7d9607e8-63bc-4cda-bc3d-a92421fec769
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 99B7 42 B
64 B 35ms
19ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvb_avrCnR9dsi0xJWSRdQZ8fJx_XIB7jkTLyYUGHR_TPJXZjFDe6msqqxLnfFXN9X7yArL7YuL3WTqeyonORdcAnbOxKEYZfFB1w0A_Z87gm1vd5GtsDunHN-wV7_rMYlYdU5XmErt5W-nVX8y3Jfhw8EczLU_zkIFrRifsjM&sai=AMfl-YTp3DEANViMSxgIYW_vrujzYsEbGTAEMdDELHMEfctPhaqOVy965Och35MVKYLgcfROcYFuVMAgpQeh&sig=Cg0ArKJSzMKEdnVzHvlEEAE&id=lidar2&mcvt=1000&p=242,797,300,1265&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210922&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=854543127&rs=2&met=ie&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1632394522693&rpt=963&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 10:55:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E3FD 42 B
64 B 18ms
18ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJ2GWTCgWvpEMzXhYVooAaH_pD0i_u6_-jfJKxgqZcCygaQX5S4X6LudGcQzSwGha1wJO1Ig6nKVIckKgv66IzuqQHA4X6XRNi7iMkdN8ZEcYAWK4&sai=AMfl-YRoPRI2_nfl4tXPbwHl5o27y11XkQLnEPSf9bSAEZ2V5DKjhbkOjmuUCLFoe1QcM3Mf6sFaqVo6JWHP&sig=Cg0ArKJSzIun2Y2WBk2wEAE&id=lidar2&mcvt=1000&p=979,972,1229,1272&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210922&bin=7&avms=nio&bs=0,0&mc=0.88&if=1&app=0&itpl=4&adk=751613651&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1632394522708&rpt=1136&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 10:55:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

multi Show response
sync.shinobi.jp/v2/sync/
Redirect Chain

http://sync.shinobi.jp/v2/sync/multi?1632394524883
https://sync.shinobi.jp/v2/sync/multi?1632394524883

213 B
413 B

238ms
237ms

Script
text/javascript

202.228.215.61
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.shinobi.jp/v2/sync/multi?1632394524883
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.61 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: a736f46bf7b1853368d39a159ce724adff948daaae4c3484b9615ad828220835

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 10:55:25 GMT
server: openresty
p3p: CP='UNI CUR OUR'
access-control-allow-origin: *
cache-control: no-cache , must-revalidate
content-type: text/javascript; charset=utf-8
content-length: 213
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://sync.shinobi.jp/v2/sync/multi?1632394524883
Date: Thu, 23 Sep 2021 10:55:24 GMT
Server: openresty
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

first.js Show response
code.lime-juice.net/ee4c259fa19cf795910f79e4e52e1e42/
Redirect Chain

http://code.lime-juice.net/nt.js?1632394524883
http://code.lime-juice.net/ee4c259fa19cf795910f79e4e52e1e42/first.js

2 KB
2 KB

246ms
246ms

Script
text/javascript

202.228.215.63
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: http://code.lime-juice.net/ee4c259fa19cf795910f79e4e52e1e42/first.js
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Server: 202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: fe55a74725a61f7f6128464710106975b45767a49ed330940258627f8ed78a4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:25 GMT
Cache-Control: max-age=31536000
Server: openresty
Connection: keep-alive
Content-Length: 1565
Content-Type: text/javascript

Redirect headers

Location: /ee4c259fa19cf795910f79e4e52e1e42/first.js
Date: Thu, 23 Sep 2021 10:55:25 GMT
Cache-Control: no-store, max-age=0
Server: openresty
Connection: keep-alive
Content-Length: 0

GET
H2

200

second.js Show response
code.lime-juice.net/
Redirect Chain

https://sync.shinobi.jp/v2/sync/ne?t=js&r=https%3A%2F%2Fcode.lime-juice.net%2Fsecond.js%3Fdomain%3Dwhite-bear.info%26nu%3Dnull%26rv%3Dw3rGngTGACdVeQ98XG7LjWg3EZ6dX8q7Dua0qhSsm6tCFb8RzjT5oc-C0xig0Ag...
https://code.lime-juice.net/second.js?domain=white-bear.info&nu=null&rv=w3rGngTGACdVeQ98XG7LjWg3EZ6dX8q7Dua0qhSsm6tCFb8RzjT5oc-C0xig0AgvnQhCDmSgu8YiXKxvwYKvRg&h=1200&w=1600&d=1&cid=11b1922c-8725-48...

256 B
339 B

241ms
241ms

Script
text/plain

202.228.215.63
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.lime-juice.net/second.js?domain=white-bear.info&nu=null&rv=w3rGngTGACdVeQ98XG7LjWg3EZ6dX8q7Dua0qhSsm6tCFb8RzjT5oc-C0xig0AgvnQhCDmSgu8YiXKxvwYKvRg&h=1200&w=1600&d=1&cid=11b1922c-8725-4877-97bd-f3f58024422d
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: a7eff4f4b5f518ae03a31189e36eb1bc1b0e221add718728532ddf2087ac0dba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:25 GMT
cache-control: no-store, max-age=0
server: openresty
content-length: 256

Redirect headers

pragma: no-cache
date: Thu, 23 Sep 2021 10:55:25 GMT
server: openresty
access-control-allow-origin: *
p3p: CP='UNI CUR OUR'
location: https://code.lime-juice.net/second.js?domain=white-bear.info&nu=null&rv=w3rGngTGACdVeQ98XG7LjWg3EZ6dX8q7Dua0qhSsm6tCFb8RzjT5oc-C0xig0AgvnQhCDmSgu8YiXKxvwYKvRg&h=1200&w=1600&d=1&cid=11b1922c-8725-4877-97bd-f3f58024422d
cache-control: no-cache , must-revalidate
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4ABC 42 B
64 B 18ms
17ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTNHe41_a0QsnVKQmPQwEri1BwYFNncubP_6l4Un26yLDp3svUKYDOujfjr5LmNLAldLEY2_ZXd-3lkvZfHqOHcVFFw2GYnRXE4z0y3TnFEUlmqBk&sai=AMfl-YR2p_LTyUYBb7HiHU1XxGfcyG7-vk1BeQMlcBnzP4zsFt2a9St3336zXaqcPFxoubYq-KL1rlW4Pz3M&sig=Cg0ArKJSzI2d7DleLfRkEAE&id=lidar2&mcvt=1001&p=366,972,616,1272&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210922&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=130662909&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1632394522701&rpt=1588&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 10:55:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cookiesync
adm.shinobi.jp/chikayo/
Redirect Chain

http://sync.shinobi.jp/v2/sync/multi/1001?1632394525366
https://sync.shinobi.jp/v2/sync/multi/1001?1632394525366
https://adm.shinobi.jp/chikayo/cookiesync?uid=11b1922c-8725-4877-97bd-f3f58024422d

43 B
379 B

865ms
258ms

Image
image/gif

202.228.215.15
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adm.shinobi.jp/chikayo/cookiesync?uid=11b1922c-8725-4877-97bd-f3f58024422d
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.228.215.15 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 10:55:26 GMT
Server: openresty
Connection: keep-alive
Content-Type: image/gif
Transfer-Encoding: chunked
P3P: CP='UNI CUR OUR'

Redirect headers

location: https://adm.shinobi.jp/chikayo/cookiesync?uid=11b1922c-8725-4877-97bd-f3f58024422d
date: Thu, 23 Sep 2021 10:55:25 GMT
server: openresty
content-length: 0

GET
H2

200

set
sync.im-apps.net/imid/
Redirect Chain

http://sync.shinobi.jp/v2/sync/multi/1762?1632394525366
https://sync.shinobi.jp/v2/sync/multi/1762?1632394525366
https://sync.im-apps.net/imid/set?cid=10338&tid=sid&uid=11b1922c-8725-4877-97bd-f3f58024422d

43 B
593 B

825ms
267ms

Image
image/gif

52.198.50.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.im-apps.net/imid/set?cid=10338&tid=sid&uid=11b1922c-8725-4877-97bd-f3f58024422d
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.50.3 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-50-3.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:26 GMT
server: nginx
x-im-imid-created: 1632394526
p3p: CP="NOI PSD OTR"
x-im-imid: 0ei8llGLS6GSu4Kd-MFIwA
cache-control: no-cache
content-type: image/gif
expires: Thu, 23 Sep 2021 10:55:25 GMT

Redirect headers

location: https://sync.im-apps.net/imid/set?cid=10338&tid=sid&uid=11b1922c-8725-4877-97bd-f3f58024422d
date: Thu, 23 Sep 2021 10:55:25 GMT
server: openresty
content-length: 0

GET
H2

200

2736
sync.shinobi.jp/v2/sync/multi/
Redirect Chain

http://sync.shinobi.jp/v2/sync/multi/2736?1632394525366
https://sync.shinobi.jp/v2/sync/multi/2736?1632394525366

43 B
108 B

234ms
233ms

Image
image/gif

202.228.215.61
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.shinobi.jp/v2/sync/multi/2736?1632394525366
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.61 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:25 GMT
server: openresty
content-length: 43
content-type: image/gif

Redirect headers

Location: https://sync.shinobi.jp/v2/sync/multi/2736?1632394525366
Date: Thu, 23 Sep 2021 10:55:25 GMT
Server: openresty
Connection: keep-alive
Content-Length: 0

GET
H2

200

second.js Show response
code.lime-juice.net/
Redirect Chain

https://sync.shinobi.jp/v2/sync/ne?t=js&r=https%3A%2F%2Fcode.lime-juice.net%2Fsecond.js%3Fdomain%3Dwhite-bear.info%26nu%3DYXN8nE8fvvqE3OzKufVGjWijjL6GGJ2Kbpv54l1oPcYQSgTZkMQm02UZ0B00rZgEtitdRcFn_nv...
https://code.lime-juice.net/second.js?domain=white-bear.info&nu=YXN8nE8fvvqE3OzKufVGjWijjL6GGJ2Kbpv54l1oPcYQSgTZkMQm02UZ0B00rZgEtitdRcFn_nvJj6I7qVHTeN1cO6lFNDw_Rh4P7RlF-37RoCM9XSJ7PCeEu8Y_8PrIDNR4t...

256 B
339 B

241ms
241ms

Script
text/plain

202.228.215.63
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.lime-juice.net/second.js?domain=white-bear.info&nu=YXN8nE8fvvqE3OzKufVGjWijjL6GGJ2Kbpv54l1oPcYQSgTZkMQm02UZ0B00rZgEtitdRcFn_nvJj6I7qVHTeN1cO6lFNDw_Rh4P7RlF-37RoCM9XSJ7PCeEu8Y_8PrIDNR4tYvCzYP1wVcpXWalvPMJg9Rds5zm&rv=w3rGngTGACdVeQ98XG7LjWg3EZ6dX8q7Dua0qhSsm6tCFb8RzjT5oc-C0xig0AgvnQhCDmSgu8YiXKxvwYKvRg&h=1200&w=1600&d=1&cid=11b1922c-8725-4877-97bd-f3f58024422d
Requested by: Host: white-bear.info
URL: http://white-bear.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: 514ad9ce7623719a30b4761bda09b5b58487515ce572520fdbb32f3ef5518a2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:25 GMT
cache-control: no-store, max-age=0
server: openresty
content-length: 256

Redirect headers

pragma: no-cache
date: Thu, 23 Sep 2021 10:55:25 GMT
server: openresty
access-control-allow-origin: *
p3p: CP='UNI CUR OUR'
location: https://code.lime-juice.net/second.js?domain=white-bear.info&nu=YXN8nE8fvvqE3OzKufVGjWijjL6GGJ2Kbpv54l1oPcYQSgTZkMQm02UZ0B00rZgEtitdRcFn_nvJj6I7qVHTeN1cO6lFNDw_Rh4P7RlF-37RoCM9XSJ7PCeEu8Y_8PrIDNR4tYvCzYP1wVcpXWalvPMJg9Rds5zm&rv=w3rGngTGACdVeQ98XG7LjWg3EZ6dX8q7Dua0qhSsm6tCFb8RzjT5oc-C0xig0AgvnQhCDmSgu8YiXKxvwYKvRg&h=1200&w=1600&d=1&cid=11b1922c-8725-4877-97bd-f3f58024422d
cache-control: no-cache , must-revalidate
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 42ms
42ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

d328b0e7f726a7bc1e09c47b17212ee6d217a79479fb8b54220ab81c06e1ad59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49903
x-xss-protection: 0
server: cafe
etag: 11915155297804066519
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Sep 2021 10:55:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 22ms
22ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210921&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

cad7d5151572ba342b217ee0d497f64097f84f7648eb982733e88ae756ead759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 23 Sep 2021 10:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8543
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 40ms
39ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 23 Sep 2021 10:55:26 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210921/r20190131/ Frame 5B85 10 KB
5 KB 17ms
16ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210921/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210921/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://white-bear.info/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm4u736n8kWgO1VkGQCqS05cIicMEojEanz0oFIqnazjvebLvaeHTwC04y3gCY; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 22 Sep 2021 20:26:37 GMT
expires: Wed, 06 Oct 2021 20:26:37 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 52129
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 21ms
21ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fwhite-bear.info%2F&tn=DIV&id=fixed-header&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

HTTP/1.1

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Sep 2021 10:55:26 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
15ms Script
application/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=white-bear.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 23 Sep 2021 10:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B4F 0
19 B 27ms
26ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5552747336387028&output=html&adk=1812271804&adf=3025194257&lmt=1632394517&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwhite-bear.info%2F&ea=0&flash=0&pra=7&wgl=1&dt=1632394526771&bpp=2&bdt=7423&idt=2&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35eec685147fbb0e-22bdd57948c900f9%3AT%3D1632394523%3ART%3D1632394523%3AS%3DALNI_MbYo_8KFVx6wm1k1piz-oOZGrhK8g&prev_slotnames=3020944594%2C7590744996%2C9067478191&nras=1&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&psts=AGkb-H811bQE7e-wVRJKnEvmk6ri51_cajDXYE0cOmUaMIO6hnq0V-ZBI1GHkFMno0yLK2xsBTlY2OlxtgY%2CAGkb-H8F7GhJBOTpBtSvBGh9_vtEUnRIERpWrp9U31EWEAvvrtkv8TEQCqVPLhQJsATB7KO_c-f3WzNne5jbkA%2CAGkb-H8bPtm9tShttvX2m4GtLUAyoU3RhMKX3gG7McZbYjEAzHb5fCiD14bE_TclE8yGefjcjgrjKZ0lXb0&pvsid=2393443195029660&pem=884&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5552747336387028&output=html&adk=1812271804&adf=3025194257&lmt=1632394517&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwhite-bear.info%2F&ea=0&flash=0&pra=7&wgl=1&dt=1632394526771&bpp=2&bdt=7423&idt=2&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35eec685147fbb0e-22bdd57948c900f9%3AT%3D1632394523%3ART%3D1632394523%3AS%3DALNI_MbYo_8KFVx6wm1k1piz-oOZGrhK8g&prev_slotnames=3020944594%2C7590744996%2C9067478191&nras=1&correlator=768787253307&frm=20&pv=1&ga_vid=1209098934.1632394523&ga_sid=1632394523&ga_hid=467593640&ga_fc=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062518&oid=3&psts=AGkb-H811bQE7e-wVRJKnEvmk6ri51_cajDXYE0cOmUaMIO6hnq0V-ZBI1GHkFMno0yLK2xsBTlY2OlxtgY%2CAGkb-H8F7GhJBOTpBtSvBGh9_vtEUnRIERpWrp9U31EWEAvvrtkv8TEQCqVPLhQJsATB7KO_c-f3WzNne5jbkA%2CAGkb-H8bPtm9tShttvX2m4GtLUAyoU3RhMKX3gG7McZbYjEAzHb5fCiD14bE_TclE8yGefjcjgrjKZ0lXb0&pvsid=2393443195029660&pem=884&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://white-bear.info/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm4u736n8kWgO1VkGQCqS05cIicMEojEanz0oFIqnazjvebLvaeHTwC04y3gCY; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 23 Sep 2021 10:55:26 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 23 Sep 2021 10:55:26 GMT
cache-control: private

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5950 12 KB
5 KB 17ms
16ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://white-bear.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 23 Sep 2021 10:19:08 GMT
expires: Fri, 23 Sep 2022 10:19:08 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6522 783 B
536 B 18ms
17ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

cc8f81b860e8e9195828cbf8c1182aac26d4b57b0d6c459c568e1c72a422bde0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yPGABbbo5jwlBVNHJ6xl4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://white-bear.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 23 Sep 2021 10:55:26 GMT
date: Thu, 23 Sep 2021 10:55:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-yPGABbbo5jwlBVNHJ6xl4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6522 0
0 25ms
25ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210921&jk=2393443195029660&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5950 35 KB
13 KB 8ms
7ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 10:03:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 23 Sep 2022 10:03:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 36ms
36ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210921&jk=2393443195029660&bg=!pKelp-PNAAZNQyuQTUM7ACkAdvg8WnydBmNTglI5j-UsZkenQ9lLSqhiUNZydaZMNS9OvNDf_H5cWgIAAABPUgAAAApoAQcKANOV-LYnaGMEQSZK42NCP8lEKE72q0hJZnVxIsOAhBPm11gaQxC09_Ip11UPde6j3ydEqghQUHiDWE7UTjFWUZhLFpa7QlCcnioL0pyY6fAUl4ULidmUIApJRIFF0SkIJ4FWslNIXbCSM0qTh9lgEPraoOG4Yu_JVUFjEGrBqlg0Olfm26qQXLPiYczvO79MK2Z0A9QQ2_1AqW_3ARhs9HtsNWC1i8cY-eKRDBpf4r_02bHc4FSg8GaXTIP6FDGbb9Z5ztrIjiuiV2AO_EKvCFiV_mkxmQKwrNZfYMLE2RPMVSzUDVAiPLAOSwUNlD8EyC7Y7d22Z8hzndVnSNuDoRNaqSsZlbTKplFUOd1DcAHInxKhkFSXu-W262Ux2vfRBWXMXfm8xtd3Qdqwrds_ay7ZPSwAEiyBLIRbdqnPiKX3KH4xqdQukKj-8gIX1gj4AmDobBCKieYy9nkuTzABXwChgJpg8Yqbl-k_3OL8_VbaEcj45P7UTIge-cBvJy5olFBULmqGQXjoXOQhwaMcoXihO7TNCmYc0MLnkcwwBe1YLeIH1suRybKZcCLq4IoPeLQXwcG6kQNge-q6Xl5braGJ7h2DNr8XFhRXNaUi1JPbg3_xS2k0FMI81ZUBUJLclXdYeHlXj8GlR62YHri0c6Lfxw96yTE4PGEtp029vnCPNC6Ow54QOVhPFfWC_wyyOPmbqC8HU0dpIxjAXGdTZ_lWCbgfRTlTIRJHzK5tDRX_aIAOs6rNeAT4Y0UP3f4YJnIfhRmvRBMEZpm_KpPoXoZOzRDC4uox9cHmxRW56Wh9fYZRVXFcZzVk_cGjz31ZmfQErvsR9RTr4gmF_ZStbi5gFk30uSlQ9f99p4YgCOrGx6FzuXzZMYYIqhsS5TRG7BcQtx9NSWQAUGYokuCqMa9gz9voDz-7-qs8AAhVhOuVbNeORpNN4bBwxzmYvSUM0pTpL60vGSwHI8uBZNMZUdi6ZfnywC_2RNZ_xzocsg3gcVrmLxG0WhnTIo4-q6Fv-VLl1xVIMl8vUBcjw4SHQuIbxLkpIOBJ3ZzJbnmThfCI6aIyxVFq2qRZDL3Z0NpMoe7JBcyGjOJOltyxU7qFZphnBaxjwyMtzmpsPIl2bfAJgObJ334NQIBBd6o7wmLepsUHGo-rsZAWGiXAxeo42IPHls9356ENKEsB5w3sRYmzZGBjT0xpvw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://white-bear.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.white-bear.info/	1970-01-20 14:57:46	Name: __utma Value: 119374031.1209098934.1632394523.1632394523.1632394523.1
.white-bear.info/	1969-12-31 23:59:59	Name: __utmc Value: 119374031
.white-bear.info/	1970-01-20 01:49:22	Name: __utmz Value: 119374031.1632394523.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.white-bear.info/	1970-01-19 21:26:35	Name: __utmt Value: 1
.white-bear.info/	1970-01-19 21:26:36	Name: __utmb Value: 119374031.1.10.1632394523
.white-bear.info/	1970-01-20 06:48:10	Name: __gads Value: ID=35eec685147fbb0e-22bdd57948c900f9:T=1632394523:RT=1632394523:S=ALNI_MbYo_8KFVx6wm1k1piz-oOZGrhK8g
.doubleclick.net/	1970-01-20 14:57:46	Name: IDE Value: AHWqTUm4u736n8kWgO1VkGQCqS05cIicMEojEanz0oFIqnazjvebLvaeHTwC04y3gCY
.getrockerbox.com/	1970-01-19 22:09:46	Name: uuid Value: rbcr-5b24ad7f-f705-4a0a-88f4-b0b5faddd196
.doubleclick.net/	1970-01-19 21:26:38	Name: DSID Value: NO_DATA
.sync.shinobi.jp/	1970-01-20 06:12:10	Name: ninja_dsp_uid Value: begT_9ODDeUdL4d3ZUvJZs15odnQxUFtfQg8DohOSKDW5XpL
.sync.shinobi.jp/	1970-01-19 21:46:44	Name: cs1762 Value: 1
.sync.shinobi.jp/	1970-01-19 21:46:44	Name: cs1001 Value: 1
.im-apps.net/	1970-01-20 14:57:46	Name: imid_secure Value: 0ei8llGLS6GSu4Kd-MFIwA
.im-apps.net/	1970-01-20 14:57:46	Name: imid_created_secure Value: 1632394526
adm.shinobi.jp/	1970-01-20 06:12:10	Name: ninja_adm_cy_uid Value: 11b1922c-8725-4877-97bd-f3f58024422d

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://white-bear.info/(Line 254) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://omt.shinobi.jp/b/431e4445969cc5dbf576be1286d6a051, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://white-bear.info/(Line 254) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://omt.shinobi.jp/b/431e4445969cc5dbf576be1286d6a051, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://omt.shinobi.jp/b/431e4445969cc5dbf576be1286d6a051(Line 1663) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://omt.shinobi.jp/tsumugi?location=http%3A%2F%2Fwhite-bear.info%2F&source_key=431e4445969cc5dbf576be1286d6a051&st=4&rd=0.13452895098179685, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://omt.shinobi.jp/b/431e4445969cc5dbf576be1286d6a051(Line 1663) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://omt.shinobi.jp/tsumugi?location=http%3A%2F%2Fwhite-bear.info%2F&source_key=431e4445969cc5dbf576be1286d6a051&st=4&rd=0.13452895098179685, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: http://white-bear.info/ Message: Refused to execute script from 'https://ad.linksynergy.com/fs-bin/show?id=sG7dGPZu0Nk&bids=304206.7420&catid=0&gridnum=13&type=14&subid=0' because its MIME type ('image/gif') is not executable.
network	error	URL: http://omt.shinobi.jp/pv?t=1632394521799 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.linksynergy.com
adm.shinobi.jp
adservice.google.com
b.hatena.ne.jp
clients1.google.com
code.lime-juice.net
connect.facebook.net
cse.google.com
fls-fe.amazon-adsystem.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
m.media-amazon.com
metrics.getrockerbox.com
omt.shinobi.jp
pagead2.googlesyndication.com
partner.googleadservices.com
rcm-fe.amazon-adsystem.com
s0.2mdn.net
s3.feedly.com
sync.im-apps.net
sync.shinobi.jp
tpc.googlesyndication.com
vjs.zencdn.net
white-bear.info
wms-fe.amazon-adsystem.com
ws-fe.assoc-amazon.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www10.a8.net
www12.a8.net
www15.a8.net
www16.a8.net
www17.a8.net
www18.a8.net
www19.a8.net
www22.a8.net
www23.a8.net
www25.a8.net
www26.a8.net
www27.a8.net
www29.a8.net
x9.shinobi.jp
yarpp.org
104.20.60.241
107.20.147.136
142.250.184.193
142.250.184.194
142.250.184.196
142.250.185.130
142.250.185.142
142.250.185.194
142.250.185.230
142.250.186.162
142.250.186.174
143.204.95.227
143.204.98.109
151.101.66.217
157.240.236.1
157.240.236.15
157.240.236.35
157.7.107.248
172.217.23.98
172.67.177.215
18.177.164.57
202.228.215.15
202.228.215.61
202.228.215.63
202.228.215.64
216.58.212.174
35.212.66.39
52.119.163.203
52.119.165.175
52.119.167.137
52.119.173.124
52.198.26.114
52.198.50.3
02e69a366cc3240deec29eac47d9901f03767ee5bffb2a53c076e46c58b90c1f
037b8fe9649526d213190648941ee915cb4953841b581a88db294d56de4238e7
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
03d1ea9364abe325ea2f519c95843e1366f604a6bf1d0418780e311b79d52ed0
08154fded64a633690600184772b94f7f3d31e94f49604a15a410e4330dc7102
0ea0083ec629a7af350b0b44814d0eae90857144ba292fd0076540776b1d6f7f
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12701b18ff59a06aa1985d1c02d5c36c29f1f4d6926e7f1e32785155f5f2ea53
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1688b92c6a96b61a60f1c2a3a479119c15456dc05082ba96bb5621bee4f8c9b5
16ffd1dd8cf49dd8c165dfed8b6362998707a6669ac5d1715bc8be780aa5d82e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf96a901f0752969464b3eb2383ab220fc26abc349cdffc4e8da0d0b46d14da
1fa87cf7a1f97adfd87552d2cd602fc9fb7b5e8521c7c7b5fff975fd03875b95
2047835d58eeac712d7cb3fc3073eb290c47c49ed042b45b7bb63bf9546c8c17
209622f617c20711739de48daebff32d7f0234e8d20ffeaeca8ce4126a1127d7
20f97e85fda5ae93e2020fa1c12acaf96e1a2484870d3eee6335316f0d9855eb
21224549a82106f069f578d8155e84eaccae93650821ea5c632cb706bac13894
256901173052d0e5aaefeef64629502c18c945c8873843cdfa9cce42805d5a76
265ba63a92caa740fc47502a40f42d4085b4e3046c2332bff2a820dd5ea54174
2891a98c41044017d3c02bd34ddaa92a62539216eda7afc04c83812b2c407a3d
2b3fafecce9755f82fa6165b9d54e58a7a64485163e48586a8a26e39617ad41e
2ba626abef2bb8181093c32e3013ee772e70a6b434a62caaf5905422bc33a233
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2d49a779bd9e88769cc638bd3cbc84bc4d10d901efbadec3818bb5c5f3b88142
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
32fa92aa50697e23c51fdf449a1c4d3f3a14dcfedae3701c7653962182e21c87
330cbb061ae584a795f4a3271608078e65618fbcf6e5746cd4e2b6177b381ba3
3408bf8bddb0c3b8b15c8d02e4c5eaede5db5680a9cc6f5c09dfa3019f46ef34
34260e76c97008336db04eceed6cf6d55141363f82e30a90c24ba9f2e1e92233
3736c652a533c7a15deea303baf91efa414a8db4c6138216acdfe86fb0914877
37e2f171dfa990138aa13b6f22d3682604ef01254bdebf4324d2d9ce09df9daa
3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e
3c13a4becaa7d9a45d324799038c1751fe969c3e21a24379f27cd2ff02f15942
41be9b6def9198311ad7b760cdb51ccb0153fdc44f0a39949ed99965492e3e03
421809d0687b33956d5283cbc715cada99f6eee47d6729da662bde49a62fc003
43ef93636b61754e21c380667bd96355697cbbe65b679598dc0019c01b140cf7
446e0250e99aa5adb45a00edeba4df8d5d9caf58b7dc87a13e778fb3ae3da723
4b221651d354c9f7454903f38cda6521197e1596842f65c49291a71ceeb5b888
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a1cb335e2d2234a977c42ffae0855259be3b7a283e97439b22950a1918d169
514ad9ce7623719a30b4761bda09b5b58487515ce572520fdbb32f3ef5518a2f
518002e9ab569e2f886e6eb15d3cfa8edc2dc815d67fe151cee6f946cc1c90f4
54052416e2255df975e13b3f5ff2a1eae42ae0ecc1096400489d5dc4bdf3aa9a
541ae1e84709335f0185c59c95570061dcf48327002779eadc6a223da892d356
5606518d45dd396dea660be990fba918338c58f3d124fc9399c24a4099f0f4e4
569411215bdd18d7660a5d2e5385f061c409915fbf4c9058e06ab18b06fb0ad5
56b1059c07166ca43b778562bbe93ac52c58e51d722b793e8505ddc0ad67096d
580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0
5fa7464abf7deee810994c3d26a0b5ed2830615d831e50fbd2370ea69a9bb2fc
5ff420df95d508931e6a7d611d122fddd7bf789e424b9bf4036afaa3866b7892
6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93
64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c
64d2575d82b06557bac4a30aa5e21371b6b3a0a2537c7512811c44737690a378
6546570d77534cf5fdf2b983c4b5c4b82aee432543271aeb64be42b9eb928180
7092d7947ad6efaf0ad73731a052e90d1b2464144738a2f3f29d1f19d3f63ead
70d34b8e015461548333094bf5d7a8b4e714f7abe98b2d223bd2b02c1e6ec87b
735cfa119c7a59b4a4cb329af68b62e15d5b9aee0c0c259a843f99f3811844e8
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
75684cbdf74d54906c7fdfce519361440120ac8bd0d195c28cf0b8916a04be3c
75eb8026a8572cbf47f67574da2440b5c0c4043c32a6080b9878bd85d1726364
7a2f1b5f048557fb04bb7509eb9634a3d4f8dde91d8e9bb7f6a28ba72ca85eae
7a595801f69e6047f55575a0312ceb240c9afb3934635742f1c290eaf70d0140
7be25a29f47740febf795edd4ea43fd8ce9964e56ec9390acf35d5f027c12eb1
7c2b9eac732453dcade7e675e281fb4dd994cbf59ec35326752f285f9d784b74
7d07de72fe5c1a131ff8b1db1b2165f87199d1417f7d06e22f842c3805c55b08
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8568e9f91a8ed95e54ddb63a69b014ea55b109decbdfa1f9bc47d9de1a721968
879eeaacf1ab2235457394ac72ae62b7a71da870f87431a9a747d977850b931d
8b33eebc11529672afc8f1ac6d5d4ef24bed8dfec1505a2510c805e0dd21565f
8d449b5ad5a2f78704b40ec5639a32fe00edce295463ae5803a6b9a4512fd981
8d71eff37f81d8887e29d337786727db3fc7d50dc8b5b090636b8bcc32bee745
92007096937e8346138a952fa1371528ee6c6ec68861b0de6c04adac0d4d2691
92ae55b959f44cbfcab70abcb11d1c2339a500c373e1fcf40b42064c5c5f6f00
97c66bcc4d8c256c8588e9093f4d39c409cb59d5942deec88a9a8d059179e559
9ac915b0eae5b81604fa5e0fe9da20ed8f86aeea17a238373f42afdf37d75ece
9edb100d601e39e2fc5a254756bb34857f65919d4b6633e2812e7f9a5d6f0164
9f25952ad0c43129e0cf9e32ccbd33b0f0006510770b1db1a328cb2216d0f361
a00c22d3398964bfbd4df6336b217bddc2f5d91aa4aad8b955d7b42cf6eb26c7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6560cd80030cda36fbc9ae672da2fbff526627e8586e24947d64577b056bc81
a736f46bf7b1853368d39a159ce724adff948daaae4c3484b9615ad828220835
a751154e17d825375460e13cee574af32706b150e0130cd025858a355a63b1e4
a754066304aa29a7d21f425095941896f1cc93742d0f97091421043833194358
a7eff4f4b5f518ae03a31189e36eb1bc1b0e221add718728532ddf2087ac0dba
ab5d5290fa22579b352d616765784450d658cc0192a761e4ef6792e24a4d9b20
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067
b2b74bdce270d3a83b0b83ba33d58b57632882582e30a386dc1e4c107215e365
b66c7cbbed32f73b49e9e68f3dbb36ebc475c20b389fd3db4b22f9659645f256
b7895d12d38b243f0e07a918b59a25c5d2893d19c09c35b699ded31153edc62c
b7a0cd45b07c2e8a8c3b44d2e5d0a60d5f4fe2f8d9e1667061f187871bd42561
b8b7ea3f1f0bbe81baf68e55afc79690ac24f757cb2533329c5b3d52d0bf8ba5
b9577fe56ee0b69c715b4d85a6f38b7b815b92ad82c158fe2a4cfc95c97deac3
bad7436411df42f8954fbafbe881a5c68c199244e0fbb7f316a4ebc13041373a
bfd238ce56b7b990c29461d942d6ae200d2381cba5c9b451f478340ebdcb8aac
c0c4686d6ca7fd6f3d798711d11e1e106fb40487bec0a700d2f42d2c3d7a6eed
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c25c37909020d56695971cc505ba2703a9086c95cc3e5a694a4953ece01c39bc
c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809
c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d
c806695230ae016a879cebe324d2b2ff4a447cb7938062dd83e02078090d83e6
c927cc4036a3cc44e962569b026c62821eb42cacc97315a4ed9cb1fb3ea11168
ca300181b97db79837a99178494075a3533a40d5ae3b3be2861e54e6eaec5ace
cad7d5151572ba342b217ee0d497f64097f84f7648eb982733e88ae756ead759
cbfb1b24e1eaa22433d00303187b53370c8e25892e43177891a01649e84c4259
cc8f81b860e8e9195828cbf8c1182aac26d4b57b0d6c459c568e1c72a422bde0
ce64de193caea884bd4d4a7723933ab844506b7a62ec35c52911e72588c0e62f
cf60db8f01da2e8ea3dc9eec7a0206aa5e13969745fb6731bdab13bf2da82d14
d31b5669b175275d53252192b743cbe35d17738eaa4579693dafef721864c52f
d328b0e7f726a7bc1e09c47b17212ee6d217a79479fb8b54220ab81c06e1ad59
d47b15f9ceed997958d2926eb66869594d088cbd2e0a9cb1903d8517ed32b86e
d77554d7adaa974ab50b409f6c81bfd0ab1afe3babd4591b4f1f2c4ae226c03c
d7bbd45424e7406a8fdd441f9b810972f0e726665927f8d3958f488f8d32bf97
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
d9ed85d39e36e3920c13563a4d2123070a0478bcb74126d85b862447022409d3
dae91cba9ced1983b75ba077e4f2abdf7fee326fe66d3cf11febd0b7d6e44f67
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e1393542ac4259e228cc632c37a953761c85552b81e8c998ef8497996fb690c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f8913d6c49fe32db4ae66e36127b4efe88596d53bcc529503600e3194a9608
ec62de9c54033f0163588e9d274e822708dc8e6d11c0b62cdd6c6fb16331df6d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01b4342c67ae97098d61edb0495338462f15fe127799818edb6565d4fc93083
f14576e4c849d6c23e2741cfe7138ad6bc069d086d7d26e7c3c9824b5bfa1b79
f54d087e5331b369cb9c4c7fd62045794737f8bc33aadc486dc81bdd4e1a70cd
f8a6604976d92d7f76d8ee4a84a1c1339d635c512ee0803a3e1ed6b29e46d473
f8c5ca09f1aef836e2703f815314c41091a613a596b7e104d13b0938a2eb9013
fca8bdad3a20af196a765a36cabc12610e0df63bda8783bd47725362a1ef7533
fcbb8aa3fd18588dcf6de3ed336ce0b3951adcb5ce9fd84bf069025ec0840836
fda022fed68d14f383420fe455bcb01b2ea40886d67119ed157784c2a8100050
fe55a74725a61f7f6128464710106975b45767a49ed330940258627f8ed78a4c
fe8cc9a8a8ed47a360284017f2371e0588a4dc2b055dbf249b5321ff0e40bcb9
fe97df67553e32766e6dba1963fed86a0511fea66d8470ca606be3060ed6985d

white-bear.info Open in urlscan Pro 157.7.107.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

190 Requests

59 %HTTPS

0 %IPv6

23 Domains

46 Subdomains

33 IPs

4 Countries

2663 kBTransfer

4490 kBSize

15 Cookies

18 Outgoing links

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

white-bear.info Open in urlscan Pro
157.7.107.248 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

59 %
HTTPS

0 %
IPv6

23
Domains

46
Subdomains

33
IPs

4
Countries

2663 kB
Transfer

4490 kB
Size

15
Cookies

190 HTTP transactions
3 data transactions