urlscan.io logo urlscan.io
SecurityTrails logo

camp.winterzeit.org Open in urlscan Pro
163.44.185.199  Public Scan

Go To Rescan Add Verdict Report
URL: https://camp.winterzeit.org/
Submission: On June 06 via api from US — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 9 domains to perform 49 HTTP transactions. The main IP is 163.44.185.199, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is camp.winterzeit.org.
TLS certificate: Issued by R3 on May 24th 2024. Valid for: 3 months.
This is the only time camp.winterzeit.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 163.44.185.199 7506 (INTERQ GM...)
1 2404:6800:400... 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
5 142.250.196.130 15169 (GOOGLE)
2 202.228.215.70 4694 (IDCF IDC ...)
2 176.34.61.33 16509 (AMAZON-02)
8 202.228.215.63 4694 (IDCF IDC ...)
2 138.113.139.220 54994 (ML-1432-5...)
1 13.114.91.118 16509 (AMAZON-02)
4 172.217.31.130 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 142.250.207.97 15169 (GOOGLE)
1 172.217.175.68 15169 (GOOGLE)
49 14
19    163.44.185.199 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 163-44-185-199.virt.lolipop.jp
camp.winterzeit.org
1    2404:6800:4004:818::200a (Australia)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    142.250.196.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f2.1e100.net
pagead2.googlesyndication.com
2    202.228.215.70 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: x4.shinobi.jp
xa.shinobi.jp
2    176.34.61.33 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-61-33.ap-northeast-1.compute.amazonaws.com
blogparts.blogmura.com
8    202.228.215.63 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: swarm.shinobi.jp
asumi.shinobi.jp
2    138.113.139.220 (Tokyo, Japan)

ASN54994 (ML-1432-54994, CA)
cnobi.jp
1    13.114.91.118 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-91-118.ap-northeast-1.compute.amazonaws.com
blogmura.com
4    172.217.31.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s08-in-f2.1e100.net
googleads.g.doubleclick.net
1    2404:6800:400a:804::2001 (Osaka, Japan)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    142.250.207.97 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s11-in-f1.1e100.net
tpc.googlesyndication.com
1    172.217.175.68 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
19 winterzeit.org
camp.winterzeit.org
372 KB
10 shinobi.jp
xa.shinobi.jp
asumi.shinobi.jp — Cisco Umbrella Rank: 645140
5 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
214 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
3 blogmura.com
blogparts.blogmura.com — Cisco Umbrella Rank: 839792
blogmura.com — Cisco Umbrella Rank: 329317
4 KB
2 cnobi.jp
cnobi.jp — Cisco Umbrella Rank: 332872
14 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 5
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 260
4 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 461
31 KB
49 9
Domain Requested by
19 camp.winterzeit.org camp.winterzeit.org
8 asumi.shinobi.jp xa.shinobi.jp
asumi.shinobi.jp
camp.winterzeit.org
5 pagead2.googlesyndication.com camp.winterzeit.org
pagead2.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 cnobi.jp asumi.shinobi.jp
camp.winterzeit.org
2 blogparts.blogmura.com camp.winterzeit.org
2 xa.shinobi.jp camp.winterzeit.org
xa.shinobi.jp
1 www.google.com tpc.googlesyndication.com
1 blogmura.com blogparts.blogmura.com
1 cdnjs.cloudflare.com camp.winterzeit.org
1 ajax.googleapis.com camp.winterzeit.org
49 12

This site contains links to these domains. Also see Links.

Domain
www.ninja.co.jp
Subject Issuer Validity Valid
winterzeit.org
R3		 2024-05-24 -
2024-08-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-05-13 -
2024-08-05		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.shinobi.jp
R3		 2024-04-25 -
2024-07-24		 3 months crt.sh
*.blogmura.com
Amazon RSA 2048 M03		 2023-12-14 -
2025-01-12		 a year crt.sh
support21.cdnetworks.net
GlobalSign RSA OV SSL CA 2018		 2024-03-14 -
2025-01-06		 10 months crt.sh
tpc.googlesyndication.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-05-13 -
2024-08-05		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://camp.winterzeit.org/
Frame ID: 176EDE56F2D207199A4B50A1792EBFA8
Requests: 42 HTTP requests in this frame

Frame: https://blogmura.com/blogmura_parts.html?chid=11189076&oldCatId=&oldSubCatId=&type=out&catId=19
Frame ID: F7AC2CB8D5DD848492A8427E0F458CF8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240604/r20110914/zrt_lookup_fy2021.html
Frame ID: 105238BE5770F50A501F48F4B9B71F06
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3107289210329639&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1717686390&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fcamp.winterzeit.org%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717686390198&bpp=15&bdt=342&idt=206&shv=r20240604&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5512456624084&frm=20&pv=2&ga_vid=536733035.1717686390&ga_sid=1717686390&ga_hid=604315102&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084199%2C31084255%2C42532524%2C95331689%2C95334508%2C95334053%2C95334159%2C31078668&oid=2&pvsid=4386972977765364&tmod=1773325403&uas=0&nvt=1&fsapi=1&fc=1920&brdim=150%2C150%2C150%2C150%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=218
Frame ID: 284FF569DAC540EA0FD7EFA05DE3FDBA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3107289210329639&output=html&h=280&adk=2068306026&adf=2141916313&pi=t.aa~a.3560489418~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1717686390&rafmt=1&to=qs&pwprc=8540064696&format=1200x280&url=https%3A%2F%2Fcamp.winterzeit.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717686390213&bpp=2&bdt=358&idt=219&shv=r20240604&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=5512456624084&frm=20&pv=1&ga_vid=536733035.1717686390&ga_sid=1717686390&ga_hid=604315102&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084199%2C31084255%2C42532524%2C95331689%2C95334508%2C95334053%2C95334159%2C31078668&oid=2&pvsid=4386972977765364&tmod=1773325403&uas=0&nvt=1&fc=1920&brdim=150%2C150%2C150%2C150%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=225
Frame ID: 88F3095F46E22B893984230A85C747DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3107289210329639&output=html&h=90&adk=46899873&adf=3968178346&pi=t.aa~a.1973656944~rp.4&w=800&abgtt=6&fwrn=1&fwrnh=100&lmt=1717686390&rafmt=1&to=qs&pwprc=8540064696&format=800x90&url=https%3A%2F%2Fcamp.winterzeit.org%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717686390548&bpp=1&bdt=692&idt=1&shv=r20240604&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5512456624084&frm=20&pv=1&ga_vid=536733035.1717686390&ga_sid=1717686390&ga_hid=604315102&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=1459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084199%2C31084255%2C42532524%2C95331689%2C95334508%2C95334053%2C95334159%2C31078668&oid=2&pvsid=4386972977765364&tmod=1773325403&uas=0&nvt=1&fc=1920&brdim=150%2C150%2C150%2C150%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Frame ID: 42F7B5D991A7508316E29EA2E832BFEA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EBF7EFAFFD301D7F5C482D04D85CC85D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A0E0B9EF827AE853342DB101EDA2AA6A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

そこそこライトキャンプ防備録 | 予算抑えめでシンプルに軽量にコンパクトに、移動も設営も撤収も保管もなるべく楽できるように、そんなコンセプトでキャンプ道具とかスタイルとか紹介したい。

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

49
Requests

98 %
HTTPS

15 %
IPv6

9
Domains

12
Subdomains

14
IPs

4
Countries

644 kB
Transfer

1748 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
camp.winterzeit.org/ 		277 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache / PHP/7.4.33
Resource Hash
1d1bb6da8e2a83189055a9f4e5246a14b007cf8e82c5f0151fccb30226145bab

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
25129
content-type
text/html; charset=UTF-8
date
Thu, 06 Jun 2024 15:06:29 GMT
link
<https://camp.winterzeit.org/wp-json/>; rel="https://api.w.org/"
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
x-powered-by
PHP/7.4.33
icomoon.woff
camp.winterzeit.org/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 		18 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://camp.winterzeit.org/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff?v=2.7.0.2
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
f28983ba3821cb6be34f2a3faf9b03a8befa9ca60b7c3768a9c620c01065ef5a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Origin
https://camp.winterzeit.org
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 12:04:49 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
application/font-woff
accept-ranges
bytes
content-length
10735
fontawesome-webfont.woff2
camp.winterzeit.org/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://camp.winterzeit.org/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Origin
https://camp.winterzeit.org
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 12:04:47 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
style.min.css
camp.winterzeit.org/wp-includes/css/dist/block-library/ 		111 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://camp.winterzeit.org/wp-includes/css/dist/block-library/style.min.css?ver=6.5.4&fver=20240524024914
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
content-encoding
gzip
last-modified
Fri, 24 May 2024 02:49:14 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
text/css
accept-ranges
bytes
content-length
14991
style.css
camp.winterzeit.org/wp-content/themes/cocoon-master/ 		251 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://camp.winterzeit.org/wp-content/themes/cocoon-master/style.css?ver=6.5.4&fver=20240604120447
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
42f41f524dcc626ab0ba77bfb734b4d07b9fe54549b9f296277b453b930482f3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 12:04:47 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
text/css
accept-ranges
bytes
content-length
45107
keyframes.css
camp.winterzeit.org/wp-content/themes/cocoon-master/ 		291 B
303 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://camp.winterzeit.org/wp-content/themes/cocoon-master/keyframes.css?ver=6.5.4&fver=20240604120446
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
fb1c74d589690a0a4ed9ecd0f0de1a26ce1f12745be44f6750a33de42676683f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 12:04:46 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
text/css
accept-ranges
bytes
content-length
123
font-awesome.min.css
camp.winterzeit.org/wp-content/themes/cocoon-master/webfonts/fontawesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://camp.winterzeit.org/wp-content/themes/cocoon-master/webfonts/fontawesome/css/font-awesome.min.css?ver=6.5.4&fver=20240604120447
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 12:04:47 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
text/css
accept-ranges
bytes
content-length
7059
style.css
camp.winterzeit.org/wp-content/themes/cocoon-master/webfonts/icomoon/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://camp.winterzeit.org/wp-content/themes/cocoon-master/webfonts/icomoon/style.css?v=2.7.0.2&ver=6.5.4&fver=20240604120449
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
832afa68bd50da41ac5fa906f57b44d3236d416e894679934e253c2207534cf9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 12:04:49 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
text/css
accept-ranges
bytes
content-length
925
style.css
camp.winterzeit.org/wp-content/themes/cocoon-child-master/ 		845 B
565 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://camp.winterzeit.org/wp-content/themes/cocoon-child-master/style.css?ver=6.5.4&fver=20240524024931
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
ccf84bb53b19b1e5310d031c599b2ac4f0311ac5cdc17bd47da8e409e72ffa49

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
gzip
last-modified
Fri, 24 May 2024 02:49:31 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
text/css
accept-ranges
bytes
content-length
385
keyframes.css
camp.winterzeit.org/wp-content/themes/cocoon-child-master/ 		130 B
316 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://camp.winterzeit.org/wp-content/themes/cocoon-child-master/keyframes.css?ver=6.5.4&fver=20240524024931
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
gzip
last-modified
Fri, 24 May 2024 02:49:31 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
text/css
accept-ranges
bytes
content-length
136
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js?ver=3.6.1
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31100
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Jun 2025 04:59:37 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js?ver=3.0.1
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
672199
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3718
last-modified
Wed, 18 Nov 2020 00:51:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fb4701e-2c03"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q8qGfW4wpC91fcwivGjAxmKL5eKmbQtcFWtVdZD%2B07V63DfzaUufuWc%2BdBFltZ%2Bs9bNzjLimxLT9eTzFn3Gmt4t39aGfCrC3VsYIFPFnm7dMd6OuGm5t%2BZQX31HPEVwbhtyIsjwb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88f94e80ae296830-NRT
expires
Tue, 27 May 2025 15:06:29 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		162 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3107289210329639
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
0f02e28ce0d48d22c030e475054f80f9ef548c5644812af183eb6a4ca46e1821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Origin
https://camp.winterzeit.org
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52555
x-xss-protection
0
server
cafe
etag
1741658726131156977
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 06 Jun 2024 15:06:30 GMT
KIMG20240530_204521212-320x180.jpg
camp.winterzeit.org/wp-content/uploads/2024/05/ 		26 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://camp.winterzeit.org/wp-content/uploads/2024/05/KIMG20240530_204521212-320x180.jpg
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
12e03cbe6b9de41eb763e8bab125d18d88ab644595582d5ff84f6c8ea9fc1056

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
gzip
last-modified
Thu, 30 May 2024 11:52:55 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
image/jpeg
accept-ranges
bytes
content-length
25654
KIMG20240523_214020657-320x180.jpg
camp.winterzeit.org/wp-content/uploads/2024/05/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://camp.winterzeit.org/wp-content/uploads/2024/05/KIMG20240523_214020657-320x180.jpg
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
e86b778e2560327779dfcd82b6da5242f7cba709e883e084517874809aa48fa9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
gzip
last-modified
Tue, 28 May 2024 11:31:03 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
image/jpeg
accept-ranges
bytes
content-length
29171
KIMG20231207_145703915-320x180.jpg
camp.winterzeit.org/wp-content/uploads/2024/05/ 		51 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://camp.winterzeit.org/wp-content/uploads/2024/05/KIMG20231207_145703915-320x180.jpg
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
a6768e159ef08bcd3b1eade344c26c641391518e879761d8d857b5a31acc4e4a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
gzip
last-modified
Mon, 27 May 2024 00:03:39 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
image/jpeg
accept-ranges
bytes
content-length
51137
191630800
xa.shinobi.jp/ufo/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xa.shinobi.jp/ufo/191630800
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.228.215.70 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
x4.shinobi.jp
Software
openresty /
Resource Hash
167a88c236c52d123ddcf27ace88a2620a7c665f87a1c39e2338e0e2c2b30a3c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
gzip
last-modified
Tue, 28 May 2024 22:27:54 GMT
server
openresty
content-length
2566
vary
Accept-Encoding
content-type
application/x-javascript
parts_view.js
blogparts.blogmura.com/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogparts.blogmura.com/js/parts_view.js
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.61.33 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-61-33.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c9c88e8e5e3a54f5bf0694797b4eb8092cdc73260eb8a915d56917e5d160866d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
last-modified
Wed, 15 May 2024 03:43:37 GMT
accept-ranges
bytes
content-length
2958
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript
stickyfill.min.js
camp.winterzeit.org/wp-content/themes/cocoon-master/plugins/stickyfill/dist/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://camp.winterzeit.org/wp-content/themes/cocoon-master/plugins/stickyfill/dist/stickyfill.min.js?ver=6.5.4&fver=20240604120446
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
ea6b03f54820c7ce3aa1378f599c83a4a07fad0d58667c98c586af1119a186d0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 12:04:46 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
application/javascript
accept-ranges
bytes
content-length
2212
javascript.js
camp.winterzeit.org/wp-content/themes/cocoon-master/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://camp.winterzeit.org/wp-content/themes/cocoon-master/javascript.js?ver=6.5.4&fver=20240604120446
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
928ab1dbeff913da66b4a52577597de2cfdab0986802b0f583b0e11a3c3a9bab

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 12:04:46 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
application/javascript
accept-ranges
bytes
content-length
2784
javascript.js
camp.winterzeit.org/wp-content/themes/cocoon-child-master/ 		298 B
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://camp.winterzeit.org/wp-content/themes/cocoon-child-master/javascript.js?ver=6.5.4&fver=20240524024931
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:29 GMT
content-encoding
gzip
last-modified
Fri, 24 May 2024 02:49:31 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
application/javascript
accept-ranges
bytes
content-length
212
Zen
xa.shinobi.jp/ 		321 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xa.shinobi.jp/Zen?1916308NaaabaaabaaaaaaaaaaaaaacjobueayB00__B
Requested by
Host: xa.shinobi.jp
URL: https://xa.shinobi.jp/ufo/191630800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.228.215.70 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
x4.shinobi.jp
Software
openresty /
Resource Hash
8b27115d685ceb0cf51e73543afb34094a38564008da8a57489f454977630429

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
server
openresty
content-length
321
content-type
application/x-javascript
encount
asumi.shinobi.jp/ 		134 B
223 B 		Script
General
Check archive.org
Download Go to
Full URL
https://asumi.shinobi.jp/encount
Requested by
Host: xa.shinobi.jp
URL: https://xa.shinobi.jp/ufo/191630800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
swarm.shinobi.jp
Software
openresty /
Resource Hash
ff8f8126161b73657b18d80a72ad0c1d95cdfae31fc3153275f760b6e211934e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
content-encoding
gzip
server
openresty
content-type
application/javascript
assault
asumi.shinobi.jp/ 		286 B
269 B 		Script
General
Check archive.org
Download Go to
Full URL
https://asumi.shinobi.jp/assault?f=101
Requested by
Host: xa.shinobi.jp
URL: https://xa.shinobi.jp/ufo/191630800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
swarm.shinobi.jp
Software
openresty /
Resource Hash
d1516d19802f3ce5e081cc0683b9c20ee7480eb800a1919c75bf5f6aab21112c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
content-encoding
gzip
server
openresty
content-type
application/javascript
assault
asumi.shinobi.jp/ 		286 B
269 B 		Script
General
Check archive.org
Download Go to
Full URL
https://asumi.shinobi.jp/assault?f=233
Requested by
Host: xa.shinobi.jp
URL: https://xa.shinobi.jp/ufo/191630800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
swarm.shinobi.jp
Software
openresty /
Resource Hash
bedf6f8b052fc0037f792a2a6f494eef162df91193e03ee41107d17f6062ddc5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
content-encoding
gzip
server
openresty
content-type
application/javascript
KIMG20240509_153045228-320x180.jpg
camp.winterzeit.org/wp-content/uploads/2024/05/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://camp.winterzeit.org/wp-content/uploads/2024/05/KIMG20240509_153045228-320x180.jpg
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
c976905bfe8188e8749df3131843dc865f5652f922b2b8f5b33e230e79c8a240

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
content-encoding
gzip
last-modified
Fri, 24 May 2024 05:25:36 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
image/jpeg
accept-ranges
bytes
content-length
38712
KIMG20240523_141714167-320x180.jpg
camp.winterzeit.org/wp-content/uploads/2024/05/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://camp.winterzeit.org/wp-content/uploads/2024/05/KIMG20240523_141714167-320x180.jpg
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
9d08e80a26588e695b0dd40e12defe88daa8a09a8621c8d057e77c4c0fc66607

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
content-encoding
gzip
last-modified
Fri, 24 May 2024 04:10:49 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
image/jpeg
accept-ranges
bytes
content-length
44793
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/ 		425 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3107289210329639
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
c7f1f6b3eff46e8f8775a175dd931df519f3deddc5c25b6779ad28d8ab33f30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147206
x-xss-protection
0
server
cafe
etag
5167612383502651666
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jun 2024 15:06:30 GMT
1.17.46
cnobi.jp/v1/asumi/arms/ 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnobi.jp/v1/asumi/arms/1.17.46
Requested by
Host: asumi.shinobi.jp
URL: https://asumi.shinobi.jp/encount
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.113.139.220 Tokyo, Japan, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
c0eefafd7ffb6ac52212a1206880bc04659711f6cebb6ececdb6afad521243b7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
content-encoding
gzip
via
1.1 PSrbdbOSA2lx44:7 (W), 1.1 PSrbdjTYO3to127:4 (W)
server
PWS/8.3.1.0.8
age
3986893
etag
CPCgp4O53egCEAE=
x-ws-request-id
6661d076_PSrbdjTYO3to127_40267-11920
content-type
application/javascript
cache-control
max-age=31536000
x-px
ht PSrbdjTYO3to127HND
fire
asumi.shinobi.jp/ 		794 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://asumi.shinobi.jp/fire?f=101
Requested by
Host: asumi.shinobi.jp
URL: https://asumi.shinobi.jp/assault?f=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
swarm.shinobi.jp
Software
openresty /
Resource Hash
7d0b1b4e210f10fb643c28f0ed4f0bd4fdbf8783b1cba1bdb9abe48eeedbbc1c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
content-encoding
gzip
server
openresty
content-type
application/javascript; charset=utf-8
track
asumi.shinobi.jp/ 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asumi.shinobi.jp/track?r=345&a=pick&_=1717686390296
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
swarm.shinobi.jp
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
server
openresty
content-length
43
content-type
image/gif
247
cnobi.jp/v1/asumi/resource/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnobi.jp/v1/asumi/resource/247
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.113.139.220 Tokyo, Japan, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
6f8225be6d6d3d8ade7be0468055d3faab0ad56a60832b011e8068089c10b090

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
via
1.1 PSrbdbOSA2pb43:8 (W), 1.1 PSrbdjTYO3lw40:17 (W)
server
PWS/8.3.1.0.8
age
3990394
etag
CPD53ei13egCEAE=
x-ws-request-id
6661d076_PSrbdjTYO3to127_40267-11922
content-type
image/gif
cache-control
max-age=31536000
x-px
ht PSrbdjTYO3lw40HND
track
asumi.shinobi.jp/ 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asumi.shinobi.jp/track?r=345&a=imp&_=1717686390297
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
swarm.shinobi.jp
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
server
openresty
content-length
43
content-type
image/gif
track
asumi.shinobi.jp/ 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asumi.shinobi.jp/track?r=345&a=view&_=1717686390299
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
swarm.shinobi.jp
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
server
openresty
content-length
43
content-type
image/gif
fire
asumi.shinobi.jp/ 		0
64 B 		Script
General
Check archive.org
Download Go to
Full URL
https://asumi.shinobi.jp/fire?f=233
Requested by
Host: asumi.shinobi.jp
URL: https://asumi.shinobi.jp/assault?f=233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
swarm.shinobi.jp
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
server
openresty
content-length
0
content-type
application/javascript
blogmura_parts.html
blogmura.com/ Frame F7AC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://blogmura.com/blogmura_parts.html?chid=11189076&oldCatId=&oldSubCatId=&type=out&catId=19
Requested by
Host: blogparts.blogmura.com
URL: https://blogparts.blogmura.com/js/parts_view.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.91.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-114-91-118.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://camp.winterzeit.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-language
ja-JP
content-type
text/html;charset=UTF-8
date
Thu, 06 Jun 2024 15:06:30 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
accept-encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pvcount.GIF
blogparts.blogmura.com/pts/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogparts.blogmura.com/pts/pvcount.GIF?chid=11189076
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.61.33 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-61-33.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
cab7cf5fdcaec5cef59c098589ba78acb18018f9dd7f1ca849a14c037a29aeb8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:30 GMT
accept-ranges
bytes
content-length
1101
content-type
image/gif
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240604/r20110914/ Frame 1052 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240604/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://camp.winterzeit.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
36662
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4165
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 06 Jun 2024 04:55:28 GMT
etag
3711839061170457607
expires
Thu, 20 Jun 2024 04:55:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 284F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3107289210329639&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1717686390&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fcamp.winterzeit.org%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717686390198&bpp=15&bdt=342&idt=206&shv=r20240604&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5512456624084&frm=20&pv=2&ga_vid=536733035.1717686390&ga_sid=1717686390&ga_hid=604315102&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084199%2C31084255%2C42532524%2C95331689%2C95334508%2C95334053%2C95334159%2C31078668&oid=2&pvsid=4386972977765364&tmod=1773325403&uas=0&nvt=1&fsapi=1&fc=1920&brdim=150%2C150%2C150%2C150%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=218
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://camp.winterzeit.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
1829
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 06 Jun 2024 15:06:30 GMT
expires
Thu, 06 Jun 2024 15:06:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 88F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3107289210329639&output=html&h=280&adk=2068306026&adf=2141916313&pi=t.aa~a.3560489418~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1717686390&rafmt=1&to=qs&pwprc=8540064696&format=1200x280&url=https%3A%2F%2Fcamp.winterzeit.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717686390213&bpp=2&bdt=358&idt=219&shv=r20240604&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=5512456624084&frm=20&pv=1&ga_vid=536733035.1717686390&ga_sid=1717686390&ga_hid=604315102&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084199%2C31084255%2C42532524%2C95331689%2C95334508%2C95334053%2C95334159%2C31078668&oid=2&pvsid=4386972977765364&tmod=1773325403&uas=0&nvt=1&fc=1920&brdim=150%2C150%2C150%2C150%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=225
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://camp.winterzeit.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41980
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 06 Jun 2024 15:06:30 GMT
expires
Thu, 06 Jun 2024 15:06:30 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 42F7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3107289210329639&output=html&h=90&adk=46899873&adf=3968178346&pi=t.aa~a.1973656944~rp.4&w=800&abgtt=6&fwrn=1&fwrnh=100&lmt=1717686390&rafmt=1&to=qs&pwprc=8540064696&format=800x90&url=https%3A%2F%2Fcamp.winterzeit.org%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717686390548&bpp=1&bdt=692&idt=1&shv=r20240604&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=5512456624084&frm=20&pv=1&ga_vid=536733035.1717686390&ga_sid=1717686390&ga_hid=604315102&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=1459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084199%2C31084255%2C42532524%2C95331689%2C95334508%2C95334053%2C95334159%2C31078668&oid=2&pvsid=4386972977765364&tmod=1773325403&uas=0&nvt=1&fc=1920&brdim=150%2C150%2C150%2C150%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.31.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://camp.winterzeit.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43069
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 06 Jun 2024 15:06:30 GMT
expires
Thu, 06 Jun 2024 15:06:30 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C31084199%2C31084255%2C42532524%2C95331689%2C95334508%2C95334053%2C95334159%2C31078668&hl=ja&pvc=4386972977765364
Requested by
Host: camp.winterzeit.org
URL: https://camp.winterzeit.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 06 Jun 2024 15:06:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240604&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
c1a10f67222eb92d7d087fbd39e06fce36f2454419744fbd404d9a5b711b6367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12563
x-xss-protection
0
site-icon32x32.png
camp.winterzeit.org/wp-content/themes/cocoon-master/images/ 		352 B
556 B 		Other
General
Check archive.org
Download Go to
Full URL
https://camp.winterzeit.org/wp-content/themes/cocoon-master/images/site-icon32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.44.185.199 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
163-44-185-199.virt.lolipop.jp
Software
Apache /
Resource Hash
0447f3f4254d02cdfa99c216e0e78e038ddd26a81aa434510f357ab10cbf4f1d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:31 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 12:04:46 GMT
server
Apache
vary
Range,Accept-Encoding
x-cache
MISS
content-type
image/png
accept-ranges
bytes
content-length
375
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://camp.winterzeit.org/
Accept-Language
ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 15:06:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 06 Jun 2024 15:06:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EBF7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s11-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://camp.winterzeit.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
173703
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Jun 2024 14:51:28 GMT
expires
Wed, 04 Jun 2025 14:51:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A0E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xp5EP6kl9V0LeSPo5UhhHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://camp.winterzeit.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-xp5EP6kl9V0LeSPo5UhhHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 06 Jun 2024 15:06:31 GMT
expires
Thu, 06 Jun 2024 15:06:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240604&jk=4386972977765364&bg=!qqmlqebNAAb64txl2uI7ADQBe5WfOEphNoM95AXb74u02UrlFThVeMwEwuwPI7M7jUtUkwas9LFf5cYLN7Vlsjb-gHa8AgAAAE1SAAAAE2gBB34ANXUpGST-OkEZclAOXmDu2hq8DhA9zt0khTy-KEth1CAKQyZg3TofwxfdmrXmFrSr83I-hOQ4CgALvkW6mO78FncyBc2ZApqHjO9-jmFSWlJf0amB1zynp0i9WjKFEVt342I2HoHznginlKPdDd2sx3I07COIesRS2lMPbprn2OhegSGyDiKO1jyrTQVL4AG6wGgx85huOttmufivreWnkvG80D9zDesTZh3lW_RJIghGHYcpKzxFHm9xv_6EmBhS-vXEckpneJvuxcZ07nkgiZd8qldPXP5ylxagmAy2SHlDdrLuRkEdtJkg-J0ZJ_FCztXKKmlSW1axenLeiWu1Y9VBk2sJjiKu6baMpjA_cDBwTbD-A6dKYlNdmEgNpDtfdma9QYCPQan9hvZC6epmbNAD4LW3CL0UHmewAWl5vGv_RCcQrcyKMYGHpD3OjPvo2uRFU7qQd3cIjlO5voqN-exAGnVi7ngofkfVw-cMS5fCN4dzWK2lJRuLRYQFYJOO8oXGF0YSmZKwsCY_yK7SP9_rKiYjzZDXJK33BJYCyLils99Dm56fjbi_7efH_ha63_j49IDlz-tuYNBT7iik8wh4FSfK-64mH9JWDXvsrklce5R2KI-l8-VuciicUPd65vfhbnyTyHTgMsqcuS4HtqKVYtshu_gAu4zCiVgPDFF0B26E0p15Bxuy5JKCQOfZAoMCfMg6Dzt-FaCHfjE9UdiQpCDuU_7kTq1iy6e51M25vXAgR_yv-8_o3Ep76O1LvUKC1_82-IQoKNKUeUefemnLJFCgaQW_97woe8B4Bv2p-my7vyqYrjIz1s7sMJSubH_TWl-vHTO2Qj88N7cH5nsP_XAkNFqIx1qcmMUWN7gXK3p3-VZlfZJFuyhfeyaLAdWxhrN-lVL3y_pPgSf4gpTyc6pUcXkqfXDi0kKRKsSXWRRFK5Mz3nlwjSwdEbTizW8nGsZzyy7LeHHnThVOzt0

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| $ function| jQuery string| SSSTR string| NINXID string| hattori number| NINGEOKANTO string| cN string| lT string| NRaD string| TYCK number| QoKNO function| NiJA function| Num2Al function| Alto10 function| QoKRD function| eraseSharp object| NnPPp function| __ntx__loadIframe function| addProto function| asumiAssault function| PutAnnD function| PutABnD string| TcN string| fT object| QoKS object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| __asumi__ object| Stickyfill object| cocoon_localize_script_options function| blogmuraBlogparts string| partsDomain function| currentScriptSrc function| getJsParam object| elemBlogmura string| chidBlogmura string| typeBlogmura string| categoryBlogmura function| parts object| p function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_plmetrics object| google_image_requests string| tmpX number| iX number| nwt object| Nexp object| googletag object| GoogleGcLKhOms

15 Cookies

Domain/Path Name / Value
camp.winterzeit.org/ Name: 1916308NT
Value: https%3A//camp.winterzeit.org/
camp.winterzeit.org/ Name: 1916308NQ
Value: Bfoowydifoowydiaaab&00aaab
.doubleclick.net/ Name: IDE
Value: AHWqTUmQeVJ8Ni3GQpUW6xosFtS24F7gtV1cRxuQTfavj3ckIQxj6l8SbXfexo_WEW4
.winterzeit.org/ Name: __gads
Value: ID=f8b954f5d3cd3c5c:T=1717686390:RT=1717686390:S=ALNI_MYjnSUGsOwhbsWQorCaFaSNulRZ7w
.winterzeit.org/ Name: __gpi
Value: UID=00000e4294e943ff:T=1717686390:RT=1717686390:S=ALNI_Mb5qJDUnd4DQmvrQRYG7uclHSGTjg
.winterzeit.org/ Name: __eoi
Value: ID=92372af343c4ac95:T=1717686390:RT=1717686390:S=AA-AfjYvC-J_IvzYKeDBjFbgVzjO
.fout.jp/ Name: uid
Value: 5y8_0AC5JYkMR3aHh-z1rurXH54
.linkedin.com/ Name: bcookie
Value: "v=2&a869e31a-a276-408b-842f-c3cc43bb56c5"
.linkedin.com/ Name: lidc
Value: "b=OGST05:s=O:r=O:a=O:p=O:g=3088:u=1:x=1:i=1717686391:t=1717772791:v=2:sig=AQFBmOPDzYlJQQXHfNu6K_5LDrcTqx9d"
.simpli.fi/ Name: suid
Value: 9B516EF1CDB34D3A96584A513B8D4D5C
.googleadservices.com/ Name: ar_debug
Value: 1
.zemanta.com/ Name: zuid
Value: xjWCKBAyhVwDdH8o3Xb7
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A1243609220142126725
.uuidksinc.net/ Name: jcsuuid
Value: qEGoEkQZmIuhHO0Ig9Ml

37 Console Messages

Source Level URL
Text
javascript warning URL: https://xa.shinobi.jp/ufo/191630800
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://asumi.shinobi.jp/encount, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://xa.shinobi.jp/ufo/191630800
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://asumi.shinobi.jp/encount, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://xa.shinobi.jp/ufo/191630800(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://asumi.shinobi.jp/assault?f=101, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://xa.shinobi.jp/ufo/191630800(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://asumi.shinobi.jp/assault?f=233, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://asumi.shinobi.jp/encount
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cnobi.jp/v1/asumi/arms/1.17.46, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://asumi.shinobi.jp/encount
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cnobi.jp/v1/asumi/arms/1.17.46, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://asumi.shinobi.jp/assault?f=101
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://asumi.shinobi.jp/fire?f=101, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://asumi.shinobi.jp/assault?f=101
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://asumi.shinobi.jp/fire?f=101, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://asumi.shinobi.jp/assault?f=233
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://asumi.shinobi.jp/fire?f=233, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://asumi.shinobi.jp/assault?f=233
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://asumi.shinobi.jp/fire?f=233, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://camp.winterzeit.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
asumi.shinobi.jp
blogmura.com
blogparts.blogmura.com
camp.winterzeit.org
cdnjs.cloudflare.com
cnobi.jp
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
xa.shinobi.jp
pagead2.googlesyndication.com
104.17.25.14
13.114.91.118
138.113.139.220
142.250.196.130
142.250.207.97
163.44.185.199
172.217.175.68
172.217.31.130
176.34.61.33
202.228.215.63
202.228.215.70
2404:6800:4004:818::200a
2404:6800:400a:804::2001
0447f3f4254d02cdfa99c216e0e78e038ddd26a81aa434510f357ab10cbf4f1d
0f02e28ce0d48d22c030e475054f80f9ef548c5644812af183eb6a4ca46e1821
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
12e03cbe6b9de41eb763e8bab125d18d88ab644595582d5ff84f6c8ea9fc1056
167a88c236c52d123ddcf27ace88a2620a7c665f87a1c39e2338e0e2c2b30a3c
1d1bb6da8e2a83189055a9f4e5246a14b007cf8e82c5f0151fccb30226145bab
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
42f41f524dcc626ab0ba77bfb734b4d07b9fe54549b9f296277b453b930482f3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f
6f8225be6d6d3d8ade7be0468055d3faab0ad56a60832b011e8068089c10b090
7d0b1b4e210f10fb643c28f0ed4f0bd4fdbf8783b1cba1bdb9abe48eeedbbc1c
832afa68bd50da41ac5fa906f57b44d3236d416e894679934e253c2207534cf9
8b27115d685ceb0cf51e73543afb34094a38564008da8a57489f454977630429
928ab1dbeff913da66b4a52577597de2cfdab0986802b0f583b0e11a3c3a9bab
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9d08e80a26588e695b0dd40e12defe88daa8a09a8621c8d057e77c4c0fc66607
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a6768e159ef08bcd3b1eade344c26c641391518e879761d8d857b5a31acc4e4a
b0bb9969a7c75f2d24e8c08cacb1856ecc281c6759da8ab8c60b43605b8c3b5b
bedf6f8b052fc0037f792a2a6f494eef162df91193e03ee41107d17f6062ddc5
c0eefafd7ffb6ac52212a1206880bc04659711f6cebb6ececdb6afad521243b7
c1a10f67222eb92d7d087fbd39e06fce36f2454419744fbd404d9a5b711b6367
c7f1f6b3eff46e8f8775a175dd931df519f3deddc5c25b6779ad28d8ab33f30a
c976905bfe8188e8749df3131843dc865f5652f922b2b8f5b33e230e79c8a240
c9c88e8e5e3a54f5bf0694797b4eb8092cdc73260eb8a915d56917e5d160866d
cab7cf5fdcaec5cef59c098589ba78acb18018f9dd7f1ca849a14c037a29aeb8
ccf84bb53b19b1e5310d031c599b2ac4f0311ac5cdc17bd47da8e409e72ffa49
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1516d19802f3ce5e081cc0683b9c20ee7480eb800a1919c75bf5f6aab21112c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86b778e2560327779dfcd82b6da5242f7cba709e883e084517874809aa48fa9
ea6b03f54820c7ce3aa1378f599c83a4a07fad0d58667c98c586af1119a186d0
f28983ba3821cb6be34f2a3faf9b03a8befa9ca60b7c3768a9c620c01065ef5a
fb1c74d589690a0a4ed9ecd0f0de1a26ce1f12745be44f6750a33de42676683f
ff8f8126161b73657b18d80a72ad0c1d95cdfae31fc3153275f760b6e211934e