Submitted URL: http://bapakesans.web.app/
Effective URL: https://uidhealth.com/V3AhNOPVWTzYWIJ0ntpd1HKz08T6zQBLofDvgFDxC60/?cid=271b47dca294acd09a7221baa9a8219c&sid=15658203
Submission: On July 13 via manual from US — Scanned from JP

Summary

This website contacted 25 IPs in 4 countries across 28 domains to perform 58 HTTP transactions. The main IP is 172.67.163.98, located in United States and belongs to CLOUDFLARENET, US. The main domain is uidhealth.com.
TLS certificate: Issued by E1 on June 26th 2023. Valid for: 3 months.
This is the only time uidhealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

This site contains no links.

Subject | Issuer | Validity | Valid
web.app | GTS CA 1D4 | 2023-07-10 - 2023-10-08 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
misc-sni.blogspot.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
www.japaclip.com | R3 | 2023-06-27 - 2023-09-25 | 3 months
www.silhouette-illust.com | SecureCore RSA DV CA | 2023-06-25 - 2024-07-25 | a year
*.heartpage.jp | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2022-09-28 - 2023-10-29 | a year
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year
*.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
exi8ef83z9.com | R3 | 2023-06-17 - 2023-09-15 | 3 months
weserv.nl | GTS CA 1P5 | 2023-06-19 - 2023-09-17 | 3 months
statcounter.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-24 - 2023-12-24 | a year
*.wp.com | Sectigo ECC Domain Validation Secure Server CA | 2022-11-14 - 2023-12-15 | a year
www.bing.com | Microsoft RSA TLS CA 02 | 2023-02-16 - 2023-08-16 | 6 months
www.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-18 - 2024-02-17 | a year
simplewebanalysis.com | Amazon RSA 2048 M01 | 2023-03-02 - 2024-03-31 | a year
confirmationevidence.com | R3 | 2023-07-12 - 2023-10-10 | 3 months
uidhealth.com | E1 | 2023-06-26 - 2023-09-24 | 3 months
cn-rtb.com | GTS CA 1P5 | 2023-06-20 - 2023-09-18 | 3 months
ocmhood.com | Cloudflare Inc ECC CA-3 | 2023-04-04 - 2024-04-03 | a year
explorefast-1.com | R3 | 2023-06-20 - 2023-09-18 | 3 months

This page contains 2 frames:

Primary Page: https://uidhealth.com/V3AhNOPVWTzYWIJ0ntpd1HKz08T6zQBLofDvgFDxC60/?cid=271b47dca294acd09a7221baa9a8219c&sid=15658203
Frame ID: F94509711ED063ED349308BEB0BE28BA
Requests: 56 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Frame ID: F382AA49DE0013264897C70957C55CA9
Requests: 4 HTTP requests in this frame

Page Title

Click Allow

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 58
HTTPS: 74 %
IPv6: 0 %
Domains: 28
Subdomains: 32
IPs: 25
Countries: 4
Transfer: 943 kB
Size: 1545 kB
Cookies: 44

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bapakesans.web.app/ HTTP 307
    https://bapakesans.web.app/ Page URL
  2. https://uidhealth.com/V3AhNOPVWTzYWIJ0ntpd1HKz08T6zQBLofDvgFDxC60/?cid=271b47dca294acd09a7221baa9a8219c&sid=15658203 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bapakesans.web.app/ HTTP 307
  • https://bapakesans.web.app/
Request Chain 27
  • https://exactconfigurationhasten.com/watch.239744969186.js?key=ba8fd9e7c2c1b43ce45c6dc0eae552c0&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1 HTTP 307
  • https://exactconfigurationhasten.com/watch.239744969186.js?key=ba8fd9e7c2c1b43ce45c6dc0eae552c0&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1&shu=bdf526d8137d43b12d3c51180107702952c54af98dd8e8889610ff85bfbee5c7d3a8f299109a458724debf849545f1a2d72f09725a87065b7d9d2d14b5453e0a5d543257143617b4f0015406af832364db5b99c8c47606d29db248d8f9ebaa08&pst=1689235986&rmtc=t
Request Chain 28
  • https://jestthankfulcaption.com/watch.80977648125.js?key=5e9649edfe56f3d0dd904faba567ac0c&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1 HTTP 307
  • https://jestthankfulcaption.com/watch.80977648125.js?key=5e9649edfe56f3d0dd904faba567ac0c&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1&shu=bb6965846baeba1d006e96a708c57aa8e054e9720f28aedfc85394167bdea612942843423401382c4d941bd15ed3f8631de52073300281705506adfd4f0647ba1134a4bd33057fa83a8462805889909a447e832e045ee15e3f9bf9c8da41cb725a180b&pst=1689235986&rmtc=t
Request Chain 31
  • https://manurepungentfew.com/watch.1471356186555.js?key=25dce54784cc1f7a044b4a4dedeb3131&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1 HTTP 307
  • https://manurepungentfew.com/watch.1471356186555.js?key=25dce54784cc1f7a044b4a4dedeb3131&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1&shu=4cead64afbf04fd232cebd7208e3b11a7a80ee4352e865a5b4fb39c07b9ea0b6c4ae344fd3659d25e30c60984b5160c53a5ff78da06ea04377984c29a017bc8220ba087f218e855a6747a03de2eeb0c2cc5fdf6a6eca9d0523847c1ab8cd&pst=1689235986&rmtc=t
Request Chain 33
  • https://confirmationevidence.com/watch.95404880064.js?key=2d25631515345312ed82a1827ca9c1df&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1 HTTP 307
  • https://confirmationevidence.com/watch.95404880064.js?key=2d25631515345312ed82a1827ca9c1df&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1&shu=d590a2b7d2f141cd6ac61726cc61a8d4f69c94e9430ee206dab6d0b4223d1d00ce373f88f2396e192238f611daecab79e4264ad1309a2c2b89c02c64c32d55385a9ec0a84bbf70e000c028520538925f121a8d6edd254053cd9c3afbff8b9621de&pst=1689235986&rmtc=t

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
bapakesans.web.app/
Redirect Chain
  • http://bapakesans.web.app/
  • https://bapakesans.web.app/
83 KB
14 KB
Document
General
Full URL
https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5774ff804d4a98f6b7da2f167c66208a9e5bcb07497852cefb409da577ede5b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
14335
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 08:12:03 GMT
etag
"c728fba2a40419d57659f39aca95814169d78c09c6a7920d5c5d5475a951de45-br"
last-modified
Thu, 22 Oct 2020 17:45:43 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-tyo11983-TYO
x-timer
S1689235923.755305,VS0,VE690

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://bapakesans.web.app/
Non-Authoritative-Reason
HSTS
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f10.1e100.net
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 00:53:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jul 2024 00:53:59 GMT
haraita_woman.png
2.bp.blogspot.com/-2y-_CaTJVPs/UrEhjVUwR8I/AAAAAAAAb58/PNcO1kGpjdA/s800/
262 KB
262 KB
Image
General
Full URL
https://2.bp.blogspot.com/-2y-_CaTJVPs/UrEhjVUwR8I/AAAAAAAAb58/PNcO1kGpjdA/s800/haraita_woman.png
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f1.1e100.net
Software
fife /
Resource Hash
31ab306cdff631c3aaac808617f46161c722fcfa4fe69be61686ba1068291902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 06:06:28 GMT
x-content-type-options
nosniff
age
7535
content-disposition
inline;filename="haraita_woman.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
268088
x-xss-protection
0
server
fife
etag
"v6fa4"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 14 Jul 2023 06:06:28 GMT
blackboard-arithmetic.png
japaclip.com/files/
196 KB
197 KB
Image
General
Full URL
https://japaclip.com/files/blackboard-arithmetic.png
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.141.97.99 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv10898.xserver.jp
Software
nginx /
Resource Hash
141b5f72373c3b8ee67abe919c5fa6045cf37ebd759165abb9e2bc27a42f26f8

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 08:12:04 GMT
last-modified
Sun, 05 Sep 2021 02:22:17 GMT
server
nginx
etag
"311ff-5cb3633923b94"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
201215
expires
Thu, 20 Jul 2023 08:12:04 GMT
10296-300x300.jpg
www.silhouette-illust.com/wp-content/uploads/2016/09/
22 KB
22 KB
Image
General
Full URL
https://www.silhouette-illust.com/wp-content/uploads/2016/09/10296-300x300.jpg
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.152.40 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv939.xserver.jp
Software
nginx /
Resource Hash
ecf2ff5287363b54acc297f1ae0e3bef8d9d63b6abd81aeb1c4684c824452fe9

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 08:12:04 GMT
last-modified
Thu, 15 Sep 2016 08:07:07 GMT
server
nginx
etag
"563f-53c8754f2c0c0"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
22079
expires
Thu, 20 Jul 2023 08:12:04 GMT
image
www.heartpage.jp/storage/img/article/20200817/938/
0
0
Image
General
Full URL
https://www.heartpage.jp/storage/img/article/20200817/938/image
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.137.42 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-137-42.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

okethememenu.min.js
cdn.jsdelivr.net/gh/masantoid/nyuriken/
1 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/masantoid/nyuriken/okethememenu.min.js
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
13b1019bbe9e846f39b40c02e296d157db0e31820b826772c79353bf5e48249f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 13 Jul 2023 08:12:04 GMT
x-content-type-options
nosniff
content-encoding
br
age
28675
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
688
x-served-by
cache-fra-eddf8230105-FRA, cache-tyo11942-TYO
x-jsd-version-type
branch
etag
W/"507-Iph6n9Q19RStJYFmlVXXn2yaSZg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cse.js
cse.google.com/
9 KB
4 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=partner-pub-1146807203476864:gmgezrf-5k8
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s23-in-f14.1e100.net
Software
gws /
Resource Hash
74025e1c26208c4f852a6930f0f145e706ee634c8709ad16d1890f5acf504d87
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-SB1YI8v_j4cF2UESSD2f4g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-SB1YI8v_j4cF2UESSD2f4g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Thu, 13 Jul 2023 08:12:04 GMT
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3034
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
permissions-policy
unload=()
e202b5b2f4f8b531c8a6102eaaa6cc21.js
exi8ef83z9.com/e2/02/b5/
36 KB
14 KB
Script
General
Full URL
https://exi8ef83z9.com/e2/02/b5/e202b5b2f4f8b531c8a6102eaaa6cc21.js
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
b8ab990a746bbb643b6f33f82a00291f426a9038be3ee5dac28c78cb34821e45
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 08:12:04 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
8deed31c805dd2a72931019daca78702
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
images.weserv.nl/
1 KB
2 KB
Image
General
Full URL
https://images.weserv.nl/?url=https://i.imgur.com/9ytXe2f.png
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.233.142 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25f9841946ec6dbe16e0b9b9f38e278dc5e2d7cb6df6bc16f8c4b423e282f1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-images-api
5
date
Thu, 13 Jul 2023 08:12:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19457959
x-cache-status
MISS
x-upstream-response-length
2209
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.png
alt-svc
h3=":443"; ma=86400
content-length
1523
last-modified
Fri, 25 Feb 2022 10:08:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A6NzbKHxnrb0myIWK%2Bp6ZPFlqGlyrnfwz45JAdGqQY%2FL%2BAV1gsMebngKSYaAJ9b8BKV%2BqmNdXn6PDPYRXnafmeX2Fjh9rNg9GkC6S7Lc8%2FP5aRcW%2B4PTMqqV7mvg9eFyvumu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://i.imgur.com/9ytXe2f.png>; rel="canonical"
cf-ray
7e600f0f488734d5-NRT
expires
Sat, 25 Feb 2023 10:08:32 GMT
/
images.weserv.nl/
2 KB
2 KB
Image
General
Full URL
https://images.weserv.nl/?url=https://i.imgur.com/djqbQTl.png
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.233.142 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63af82dd80d8d0b44fa7e4ca07446d5fe6e44bab3c86f7733999168ae251fb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-images-api
5
date
Thu, 13 Jul 2023 08:12:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5353063
x-cache-status
BYPASS
x-upstream-response-length
2260
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.png
alt-svc
h3=":443"; ma=86400
content-length
1580
last-modified
Tue, 28 Feb 2023 12:13:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oouQjqjL88PqAILyPUeDeA79Pgr5yNgKZWBtkYi4bDICJLSJ94r0eKY%2FPHg786d1Rzy4NCmR%2BUFXK1LJl1quIdACGuwEa9ir%2Bmgueg3OnWFfdVwu7pzd2fFoQwG%2FSxJmGm9h"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://i.imgur.com/djqbQTl.png>; rel="canonical"
cf-ray
7e600f0f488934d5-NRT
expires
Wed, 28 Feb 2024 12:13:22 GMT
/
images.weserv.nl/
1 KB
2 KB
Image
General
Full URL
https://images.weserv.nl/?url=https://i.imgur.com/BJvdE2p.png
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.233.142 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78fd38fd7a9608a1c0dad6901e456eab67b81e8a13f1e4d9f3790a27879acebe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-images-api
5
date
Thu, 13 Jul 2023 08:12:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5346775
x-cache-status
MISS
x-upstream-response-length
2050
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.png
alt-svc
h3=":443"; ma=86400
content-length
1420
last-modified
Sat, 25 Feb 2023 14:50:04 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ap3A04pzsyA3R2La9CJoNwnM0JCHeFQ8NSBY5LGO6kFQAb50GnORLfINoFu8WOxquegt%2Br1Q1ohwESyJQfbp5NpLnsLY%2B3ojnmALByBaBoq%2BHXZE3und7piFfPEWR%2F3E0pL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://i.imgur.com/BJvdE2p.png>; rel="canonical"
cf-ray
7e600f0f488c34d5-NRT
expires
Sun, 25 Feb 2024 14:50:04 GMT
/
images.weserv.nl/
2 KB
2 KB
Image
General
Full URL
https://images.weserv.nl/?url=https://i.imgur.com/WV3ELNf.png
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.233.142 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06ed6514f6a1512c7e5dd9aee6d280a2dca2267cc500e09383310bb1bc214ed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-images-api
5
date
Thu, 13 Jul 2023 08:12:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27239214
content-disposition
inline; filename=image.png
alt-svc
h3=":443"; ma=86400
content-length
1551
cf-bgj
csam-hash
last-modified
Fri, 23 Apr 2021 05:25:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DHLlTbcVoXKIswOcT4b0UeWa4SDyZn6qYqOrcaEKDDcx0O3Qja%2Bq53P%2Bih01FU39sp1JYj6OT7%2B7VnHiJVOfl%2B6Xk%2FT0tV0P5zpDZDsWdXB831bGOXc%2BJB1Clj4cJVROpEV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7e600f0f488b34d5-NRT
expires
Sat, 23 Apr 2022 05:09:48 GMT
counter.js
www.statcounter.com/counter/
44 KB
15 KB
Script
General
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e664ff627fa057cb49704f616b51e2bb69cb23e8f03c3f2a7e3c71734d9501fd

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 08:12:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Jul 2023 15:10:22 GMT
server
cloudflare
age
14406
etag
W/"64a587de-ae4f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7e600f0d8ac28a6f-NRT
expires
Thu, 13 Jul 2023 16:11:58 GMT
Dark%20Wild_Olivia.png
i0.wp.com/wolpeper.oketheme.com/wp-content/themes/wolpeper/img/pattern/
21 KB
21 KB
Image
General
Full URL
https://i0.wp.com/wolpeper.oketheme.com/wp-content/themes/wolpeper/img/pattern/Dark%20Wild_Olivia.png
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
bef3aff61a2f9b1503c4a49ecdf95c69c383dd123ef20f8db9fbf0f5cdf8ec58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nc
HIT nrt 5
date
Thu, 13 Jul 2023 08:12:04 GMT
x-content-type-options
nosniff
last-modified
Fri, 09 Sep 2022 06:32:20 GMT
server
nginx
etag
"95a4d3bcef6eb054"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://wolpeper.oketheme.com/wp-content/themes/wolpeper/img/pattern/Dark%20Wild_Olivia.png>; rel="canonical"
content-length
21322
expires
Sun, 08 Sep 2024 18:32:20 GMT
header.jpg
i0.wp.com/wolpeper.oketheme.com/wp-content/themes/wolpeper/img/
54 KB
54 KB
Image
General
Full URL
https://i0.wp.com/wolpeper.oketheme.com/wp-content/themes/wolpeper/img/header.jpg
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
9f41e4100d9627a1a873a730d6e96bc5117251d1093d8217242922bb12470303
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nc
HIT nrt 1
date
Thu, 13 Jul 2023 08:12:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 02:28:39 GMT
server
nginx
etag
"b826017762dc6ed3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://wolpeper.oketheme.com/wp-content/themes/wolpeper/img/header.jpg>; rel="canonical"
content-length
55396
expires
Tue, 10 Sep 2024 14:28:39 GMT
garis.png
i0.wp.com/wolpeper.oketheme.com/wp-content/themes/wolpeper/img/pattern/
82 B
261 B
Image
General
Full URL
https://i0.wp.com/wolpeper.oketheme.com/wp-content/themes/wolpeper/img/pattern/garis.png
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
7766949dd9bd8b9d8a8dae229baa87974c65645ec947ce890e4fa5966a3e2227
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nc
HIT nrt 4
date
Thu, 13 Jul 2023 08:12:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 16:17:05 GMT
server
nginx
etag
"7e1882b4eddf0053"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://wolpeper.oketheme.com/wp-content/themes/wolpeper/img/pattern/garis.png>; rel="canonical"
content-length
82
expires
Wed, 11 Sep 2024 04:17:05 GMT
grid.gif
bapakesans.web.app/img/
10 KB
10 KB
Image
General
Full URL
https://bapakesans.web.app/img/grid.gif
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e5be0c3483138abfc50dae40ad4ebc51443cf8693b3cee01469d88bcf36bfd76
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-tyo11983-TYO
strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Thu, 13 Jul 2023 08:12:03 GMT
x-timer
S1689235924.985754,VS0,VE6
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10712
x-cache-hits
1
th
ts2.mm.bing.net/
44 KB
45 KB
Image
General
Full URL
https://ts2.mm.bing.net/th?q=%E3%82%A4%E3%83%A9%E3%82%B9%E3%83%88%2010%20%E6%9C%88%20%E7%94%BB%E5%83%8F
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
9f32ac90520845ad2f6cf25caad427e145305c00a3be654ff6ef876acb622a87

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 08:12:04 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CE8C26D1648D40DEAA9B1DF55363C123 Ref B: TYAEDGE0719 Ref C: 2023-07-13T08:12:04Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
x-cache
TCP_HIT
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
45540
cse_element__ja.js
www.google.com/cse/static/element/827890a761694e44/
309 KB
103 KB
Script
General
Full URL
https://www.google.com/cse/static/element/827890a761694e44/cse_element__ja.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-1146807203476864:gmgezrf-5k8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f4.1e100.net
Software
sffe /
Resource Hash
e08f522739129390e819b160cd81ba623477e892ac3488c94a38b955dcc0ed72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 04:57:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105108
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 16:35:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 12 Jul 2024 04:57:57 GMT
default+ja.css
www.google.com/cse/static/element/827890a761694e44/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/827890a761694e44/default+ja.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-1146807203476864:gmgezrf-5k8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f4.1e100.net
Software
sffe /
Resource Hash
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 04:57:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9102
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 16:35:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 12 Jul 2024 04:57:57 GMT
default.css
www.google.com/cse/static/style/look/v4/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-1146807203476864:gmgezrf-5k8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f4.1e100.net
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 13 Jul 2023 08:17:57 GMT
sfp.js
friendshipmale.com/
83 KB
27 KB
Script
General
Full URL
https://friendshipmale.com/sfp.js
Requested by
Host: exi8ef83z9.com
URL: https://exi8ef83z9.com/e2/02/b5/e202b5b2f4f8b531c8a6102eaaa6cc21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.162.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77a3bebee72af7beb49cd94b7f16852a532aac5f3db8f610160440fe75ca4711
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 08:12:05 GMT
strict-transport-security
max-age=0; includeSubdomains
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
x-request-id
61f3a55ff467990900c70440d381c4c8
last-modified
Thu, 13 Jul 2023 08:12:05 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjMVpybvU6yz6Vg8%2FMfvGmN7wnVxLYTlmUgc0uVgl%2FDFSs%2B3a1KpWuxqtQhELSX0hicOutpw5Qoss3DaNFWzHmpAAwmtZhdddICaG7cD5Kf43cJXblivP9GUEj0CD%2FfuTIWBNlU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7e600f157a8180e9-NRT
expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
simplewebanalysis.com/
40 B
303 B
XHR
General
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: exi8ef83z9.com
URL: https://exi8ef83z9.com/e2/02/b5/e202b5b2f4f8b531c8a6102eaaa6cc21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.164.148 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-164-148.ap-southeast-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
a643fe787f1ab9f9ecfb916eefa7b07679684772cfc43da18ed706f6a69a24d0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://bapakesans.web.app
date
Thu, 13 Jul 2023 08:12:05 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
vary
Origin
content-type
text/html; charset=UTF-8
invoke.js
exi8ef83z9.com/ba8fd9e7c2c1b43ce45c6dc0eae552c0/
26 KB
10 KB
Script
General
Full URL
https://exi8ef83z9.com/ba8fd9e7c2c1b43ce45c6dc0eae552c0/invoke.js
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
4bf902c22f45a327dc7e4f61b053e93459c2e571c405515b50e61bfb9777ebcb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://bapakesans.web.app/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 13 Jul 2023 08:12:05 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
167814f5c9fdb5daa95ab03436c5ead8
Expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
simplewebanalysis.com/
40 B
301 B
XHR
General
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: exi8ef83z9.com
URL: https://exi8ef83z9.com/ba8fd9e7c2c1b43ce45c6dc0eae552c0/invoke.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.164.148 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-164-148.ap-southeast-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
9fed6ff7a90699fc09b4dfbb0dd2fd3aae868a7da8f168a35b62e7b8c9b97b89

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://bapakesans.web.app
date
Thu, 13 Jul 2023 08:12:05 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
vary
Origin
content-type
text/html; charset=UTF-8
invoke.js
exi8ef83z9.com/5e9649edfe56f3d0dd904faba567ac0c/
26 KB
10 KB
Script
General
Full URL
https://exi8ef83z9.com/5e9649edfe56f3d0dd904faba567ac0c/invoke.js
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
1433fc2436d47172c609d3425599f2dccb9467ef445486619a750cdf10961783
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://bapakesans.web.app/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 13 Jul 2023 08:12:05 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
1917397830ac9e20ace484c8cf3e2c4e
Expires
Thu, 01 Jan 1970 00:00:01 GMT
watch.239744969186.js
exactconfigurationhasten.com/
Redirect Chain
  • https://exactconfigurationhasten.com/watch.239744969186.js?key=ba8fd9e7c2c1b43ce45c6dc0eae552c0&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2ca...
  • https://exactconfigurationhasten.com/watch.239744969186.js?key=ba8fd9e7c2c1b43ce45c6dc0eae552c0&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2ca...
1 KB
2 KB
XHR
General
Full URL
https://exactconfigurationhasten.com/watch.239744969186.js?key=ba8fd9e7c2c1b43ce45c6dc0eae552c0&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1&shu=bdf526d8137d43b12d3c51180107702952c54af98dd8e8889610ff85bfbee5c7d3a8f299109a458724debf849545f1a2d72f09725a87065b7d9d2d14b5453e0a5d543257143617b4f0015406af832364db5b99c8c47606d29db248d8f9ebaa08&pst=1689235986&rmtc=t
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
HTTP/1.1
Server
173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
c9ac7e5b31f7c644407a0f721cf4190fe84756ce0f58510409d7bcde4e976d79
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 08:12:06 GMT
Custom-Referer
https://bapakesans.web.app
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://bapakesans.web.app
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Request-ID
028d04486701f00dd69cfc030400297d
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Thu, 13 Jul 2023 08:12:06 GMT
Custom-Referer
https://bapakesans.web.app
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://bapakesans.web.app
Location
https://exactconfigurationhasten.com/watch.239744969186.js?key=ba8fd9e7c2c1b43ce45c6dc0eae552c0&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1&shu=bdf526d8137d43b12d3c51180107702952c54af98dd8e8889610ff85bfbee5c7d3a8f299109a458724debf849545f1a2d72f09725a87065b7d9d2d14b5453e0a5d543257143617b4f0015406af832364db5b99c8c47606d29db248d8f9ebaa08&pst=1689235986&rmtc=t
Access-Control-Allow-Credentials
true
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
bf9acf377b91f6bed192f6aceda5a640
Expires
Thu, 01 Jan 1970 00:00:01 GMT
watch.80977648125.js
jestthankfulcaption.com/
Redirect Chain
  • https://jestthankfulcaption.com/watch.80977648125.js?key=5e9649edfe56f3d0dd904faba567ac0c&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%...
  • https://jestthankfulcaption.com/watch.80977648125.js?key=5e9649edfe56f3d0dd904faba567ac0c&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%...
1 KB
2 KB
XHR
General
Full URL
https://jestthankfulcaption.com/watch.80977648125.js?key=5e9649edfe56f3d0dd904faba567ac0c&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1&shu=bb6965846baeba1d006e96a708c57aa8e054e9720f28aedfc85394167bdea612942843423401382c4d941bd15ed3f8631de52073300281705506adfd4f0647ba1134a4bd33057fa83a8462805889909a447e832e045ee15e3f9bf9c8da41cb725a180b&pst=1689235986&rmtc=t
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
HTTP/1.1
Server
173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
920b63e5b65b7407743e5e033195767e57e34ddeea36ff34eb778aa9b8e9f4dc
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 08:12:06 GMT
Custom-Referer
https://bapakesans.web.app
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://bapakesans.web.app
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Request-ID
2a159fbd4944ea59c62e205e1aaa3605
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Thu, 13 Jul 2023 08:12:06 GMT
Custom-Referer
https://bapakesans.web.app
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://bapakesans.web.app
Location
https://jestthankfulcaption.com/watch.80977648125.js?key=5e9649edfe56f3d0dd904faba567ac0c&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1&shu=bb6965846baeba1d006e96a708c57aa8e054e9720f28aedfc85394167bdea612942843423401382c4d941bd15ed3f8631de52073300281705506adfd4f0647ba1134a4bd33057fa83a8462805889909a447e832e045ee15e3f9bf9c8da41cb725a180b&pst=1689235986&rmtc=t
Access-Control-Allow-Credentials
true
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
3cafb1fd8598a57bd6de4129b58c23e8
Expires
Thu, 01 Jan 1970 00:00:01 GMT
invoke.js
exi8ef83z9.com/25dce54784cc1f7a044b4a4dedeb3131/
26 KB
10 KB
Script
General
Full URL
https://exi8ef83z9.com/25dce54784cc1f7a044b4a4dedeb3131/invoke.js
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
47e89d084225c788dc7fd2895b58e9a0af0863da7afa0612e9f003a7294da58c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://bapakesans.web.app/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 13 Jul 2023 08:12:05 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
400cf7d316f748a7be57d95ff34854ff
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sbar.json
confirmationevidence.com/
12 KB
10 KB
XHR
General
Full URL
https://confirmationevidence.com/sbar.json?key=e202b5b2f4f8b531c8a6102eaaa6cc21&uuid=59fc08af-5203-4804-b0e8-5e2d89df2939%3A2%3A1
Requested by
Host: exi8ef83z9.com
URL: https://exi8ef83z9.com/e2/02/b5/e202b5b2f4f8b531c8a6102eaaa6cc21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
0ee17ec67aeedbfb085cf1450d826d4b7dfcb1b17e3bbad065be85018c12b52d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 08:12:06 GMT
Custom-Referer
https://bapakesans.web.app
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://bapakesans.web.app
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Request-ID
298de5ac3156987d02e95d512c78dd78
Expires
Thu, 01 Jan 1970 00:00:01 GMT
watch.1471356186555.js
manurepungentfew.com/
Redirect Chain
  • https://manurepungentfew.com/watch.1471356186555.js?key=25dce54784cc1f7a044b4a4dedeb3131&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5...
  • https://manurepungentfew.com/watch.1471356186555.js?key=25dce54784cc1f7a044b4a4dedeb3131&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5...
1 KB
2 KB
XHR
General
Full URL
https://manurepungentfew.com/watch.1471356186555.js?key=25dce54784cc1f7a044b4a4dedeb3131&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1&shu=4cead64afbf04fd232cebd7208e3b11a7a80ee4352e865a5b4fb39c07b9ea0b6c4ae344fd3659d25e30c60984b5160c53a5ff78da06ea04377984c29a017bc8220ba087f218e855a6747a03de2eeb0c2cc5fdf6a6eca9d0523847c1ab8cd&pst=1689235986&rmtc=t
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
HTTP/1.1
Server
173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
fe6f937d9b01df7311a1c5f6de9d3536b3b99350deb79d638a37b012407d0113
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 08:12:06 GMT
Custom-Referer
https://bapakesans.web.app
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://bapakesans.web.app
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Request-ID
713f5cc46eeb72a5930751d8a1e9cb35
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Thu, 13 Jul 2023 08:12:06 GMT
Custom-Referer
https://bapakesans.web.app
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://bapakesans.web.app
Location
https://manurepungentfew.com/watch.1471356186555.js?key=25dce54784cc1f7a044b4a4dedeb3131&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1&shu=4cead64afbf04fd232cebd7208e3b11a7a80ee4352e865a5b4fb39c07b9ea0b6c4ae344fd3659d25e30c60984b5160c53a5ff78da06ea04377984c29a017bc8220ba087f218e855a6747a03de2eeb0c2cc5fdf6a6eca9d0523847c1ab8cd&pst=1689235986&rmtc=t
Access-Control-Allow-Credentials
true
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
45d45b41807d0f8357d311a19b75b013
Expires
Thu, 01 Jan 1970 00:00:01 GMT
invoke.js
exi8ef83z9.com/2d25631515345312ed82a1827ca9c1df/
26 KB
10 KB
Script
General
Full URL
https://exi8ef83z9.com/2d25631515345312ed82a1827ca9c1df/invoke.js
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e397f6dd12c332884a7081ca22c6fc72f8707c4f6b31257af9d40d37798eb0bf
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://bapakesans.web.app/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 13 Jul 2023 08:12:06 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
a7a11acb3882a7737e40f770aae6b30c
Expires
Thu, 01 Jan 1970 00:00:01 GMT
watch.95404880064.js
confirmationevidence.com/
Redirect Chain
  • https://confirmationevidence.com/watch.95404880064.js?key=2d25631515345312ed82a1827ca9c1df&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22...
  • https://confirmationevidence.com/watch.95404880064.js?key=2d25631515345312ed82a1827ca9c1df&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22...
1 KB
2 KB
XHR
General
Full URL
https://confirmationevidence.com/watch.95404880064.js?key=2d25631515345312ed82a1827ca9c1df&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1&shu=d590a2b7d2f141cd6ac61726cc61a8d4f69c94e9430ee206dab6d0b4223d1d00ce373f88f2396e192238f611daecab79e4264ad1309a2c2b89c02c64c32d55385a9ec0a84bbf70e000c028520538925f121a8d6edd254053cd9c3afbff8b9621de&pst=1689235986&rmtc=t
Protocol
HTTP/1.1
Server
173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 08:12:06 GMT
Custom-Referer
https://bapakesans.web.app
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://bapakesans.web.app
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Request-ID
bea1ddca43e645cefa4078d0c3695452
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Thu, 13 Jul 2023 08:12:06 GMT
Custom-Referer
https://bapakesans.web.app
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://bapakesans.web.app
Location
https://confirmationevidence.com/watch.95404880064.js?key=2d25631515345312ed82a1827ca9c1df&kw=%5B%22%E6%9C%80%E9%AB%98%E3%81%AE%E5%A3%81%E7%B4%99%E3%81%AE%E3%82%A2%E3%82%A4%E3%83%87%E3%82%A2cahd%22%5D&refer=https%3A%2F%2Fbapakesans.web.app%2F&tz=0&dev=r&res=12.31&uuid=a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1&shu=d590a2b7d2f141cd6ac61726cc61a8d4f69c94e9430ee206dab6d0b4223d1d00ce373f88f2396e192238f611daecab79e4264ad1309a2c2b89c02c64c32d55385a9ec0a84bbf70e000c028520538925f121a8d6edd254053cd9c3afbff8b9621de&pst=1689235986&rmtc=t
Access-Control-Allow-Credentials
true
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
0f395b6a92ac21805f8ef38228f4ad64
Expires
Thu, 01 Jan 1970 00:00:01 GMT
invoke.js
exi8ef83z9.com/be38cd9b331fd365a7f196ec07814137/
0
0

/
uidhealth.com/V3AhNOPVWTzYWIJ0ntpd1HKz08T6zQBLofDvgFDxC60/
0
0

/
uidhealth.com/V3AhNOPVWTzYWIJ0ntpd1HKz08T6zQBLofDvgFDxC60/
0
0

index.html
saptiledispatch.com/sb/notifications/cinema/default/us/all/close-rtb/v2/
1 KB
958 B
XHR
General
Full URL
https://saptiledispatch.com/sb/notifications/cinema/default/us/all/close-rtb/v2/index.html
Requested by
Host: exi8ef83z9.com
URL: https://exi8ef83z9.com/e2/02/b5/e202b5b2f4f8b531c8a6102eaaa6cc21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.11.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad23771ee9bf4f89c380e6b72ec302600dc8fb0b9aedc38933d98269a6d52a17

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 08:12:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63985
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 07 Oct 2020 12:56:29 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlSTvHkDmnAiu7JjE7izcFBU1fOe6IcxSOufXxtGmuOHgwdXzIe%2B6%2FlowUhgPC%2BEO%2F1ga0UhPjCV25ArYBxmbTNw%2BFIRBZAuYIhI8nAva1qjvwtzNaGK63cnlwAMyaDLEiAT17%2BS"}],"group":"cf-nel","max_age":604800}
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
7e600f1e3815aff7-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
ren.gif
confirmationevidence.com/
7 B
641 B
Image
General
Full URL
https://confirmationevidence.com/ren.gif?sid=[encoded payload removed]
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 08:12:06 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
7
X-Request-ID
41ccac3d371070a99104f2cedbded4d3
Expires
Thu, 01 Jan 1970 00:00:01 GMT
click
offer.advotionhot.com/
0
0

err.gif
confirmationevidence.com/
0
609 B
Image
General
Full URL
https://confirmationevidence.com/err.gif?sid=[encoded payload removed]&errd=no%20impr%20and%20no%20err
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 08:12:06 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
4d2f3afa0498c5ab06607abb20d03262
Expires
Thu, 01 Jan 1970 00:00:01 GMT
animate.css
cdn.creative-bars1.com/sb/notifications/cinema/default/us/all/close-rtb/v2/css/
0
0

style.css
cdn.creative-bars1.com/sb/notifications/cinema/default/us/all/close-rtb/v2/css/
0
0

script.js
cdn.creative-bars1.com/sb/notifications/cinema/default/us/all/close-rtb/v2/js/
0
0

sbls
confirmationevidence.com/pixel/
0
469 B
Image
General
Full URL
https://confirmationevidence.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fsaptiledispatch.com%2Fsb%2Fnotifications%2Fcinema%2Fdefault%2Fus%2Fall%2Fclose-rtb%2Fv2%2Findex.html&l=1267&fd=422.29999923706055
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://bapakesans.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 08:12:06 GMT
Server
nginx/1.19.5
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
css
fonts.googleapis.com/ Frame F382
0
0

close.png
cdn.creative-bars1.com/sb/notifications/cinema/default/us/all/close-rtb/v2/img/ Frame F382
0
0

number.png
cdn.creative-bars1.com/sb/notifications/cinema/default/us/all/close-rtb/v2/img/ Frame F382
0
0

creativity-2405153-16823325285202.png
xu27a.top/images/campaigns/ Frame F382
0
0

Primary Request /
uidhealth.com/V3AhNOPVWTzYWIJ0ntpd1HKz08T6zQBLofDvgFDxC60/
32 KB
20 KB
Document
General
Full URL
https://uidhealth.com/V3AhNOPVWTzYWIJ0ntpd1HKz08T6zQBLofDvgFDxC60/?cid=271b47dca294acd09a7221baa9a8219c&sid=15658203
Requested by
Host: bapakesans.web.app
URL: https://bapakesans.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f083603c9e148377fc564395b432615762ac0ea3c5676321d6e5714d25b4aa7

Request headers

Referer
https://bapakesans.web.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e600f1fefe4e370-NRT
content-encoding
br
content-type
text/html
date
Thu, 13 Jul 2023 08:12:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=206i0sZ%2B1f01wkpmdKdsIrjay%2Bh7ekyKL2X7KOxHQmGfvkSIcszzeaYDw0al%2FpmCADIuV9DSaMnLrG3oFpLVApMkulVJ8wQGUNOi4Zy760m1oTnpN8ilvPwd0MWLyCgO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
AFU1kAAPatM
feed.cn-rtb.com/v1/native/
728 B
849 B
Fetch
General
Full URL
https://feed.cn-rtb.com/v1/native/AFU1kAAPatM?subid=67223&uid=333ba37d-bbff-4750-ab21-899ac01218bd&kw=download%20install
Requested by
Host: uidhealth.com
URL: https://uidhealth.com/V3AhNOPVWTzYWIJ0ntpd1HKz08T6zQBLofDvgFDxC60/?cid=271b47dca294acd09a7221baa9a8219c&sid=15658203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87dd47b7002e26462f77e38236737bc38adba269e0d88fba0b4f84f466ea0bc7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://uidhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 08:12:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
model
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2F171BClKnRD7p8srslZh4uoeEEINZHZ1dUj9BtfN8YT%2Blrok160g8M%2B9%2FdzcgvqbSsz%2BT7BNz%2B8okO9Ww6BPoWqni65nHrO1l2h03bUbAiSsiiVsfgnNKnLZGzSJCsyxU0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7e600f21fba9dfe9-NRT
alt-svc
h3=":443"; ma=86400
conf.json
uidhealth.com/hood/dWlkaGVhbHRoLmNvbQ==/
49 B
390 B
Fetch
General
Full URL
https://uidhealth.com/hood/dWlkaGVhbHRoLmNvbQ==/conf.json
Requested by
Host: uidhealth.com
URL: https://uidhealth.com/V3AhNOPVWTzYWIJ0ntpd1HKz08T6zQBLofDvgFDxC60/?cid=271b47dca294acd09a7221baa9a8219c&sid=15658203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f55c78b85d253b57df241ddb882458a36054a25eea8ef4f34fc5ae1d1bee4f47

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://uidhealth.com/V3AhNOPVWTzYWIJ0ntpd1HKz08T6zQBLofDvgFDxC60/?cid=271b47dca294acd09a7221baa9a8219c&sid=15658203
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 08:12:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 26 Jun 2023 13:47:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"649996f6-31"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zhsxi%2Bh0HsVi14b%2Bd2dyWinEAlU1ps%2BzQx7UgavRkIMDwNEHtUkJ2P2RIkcTFD56FZwJNI24MAhZJSTqFast1bqkALjwCBTPpFJ8e2oOpbZ76xwJDx4GF7boRVibY4Sa"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
7e600f2159abe370-NRT
alt-svc
h3=":443"; ma=86400
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/jpeg
ht.js
sdk.ocmhood.com/sdk/
63 KB
19 KB
Script
General
Full URL
https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2DFIxNDY4MjE0NmbT
Requested by
Host: uidhealth.com
URL: https://uidhealth.com/V3AhNOPVWTzYWIJ0ntpd1HKz08T6zQBLofDvgFDxC60/?cid=271b47dca294acd09a7221baa9a8219c&sid=15658203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
877f4a79014d254e9bce53ff8cffbf4ed9be0f2aa580cf88288b91b693b604fa

Request headers

Referer
https://uidhealth.com/
Origin
https://uidhealth.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 08:12:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5772
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Mon, 03 Jul 2023 11:37:45 GMT
server
cloudflare
etag
W/"64a2b309-46f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyktDWjszzG7lfyMbGowzpbHQpK88nFlLMdF%2BiIHUGTxAiDUwjeGJijgwklgywY%2Be2JpxrNWi2RTkcJ4euRG01c00IFv4IT6dV3OutdBYFuLdw9KJZxEcRadRCNksv3rng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7e600f24ffcbe086-NRT
NjY4ZwSkNAFfmDQ2DFIxNDY4MjE0NmbT.js
cdn.ocmtag.com/tag/
191 B
663 B
Script
General
Full URL
https://cdn.ocmtag.com/tag/NjY4ZwSkNAFfmDQ2DFIxNDY4MjE0NmbT.js
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2DFIxNDY4MjE0NmbT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.218.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4b6db8653aad5de3660e14b8d58d89b3dcc8f8e4584e2d1b843062f873c4dbc

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://uidhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 08:12:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Jun 2023 13:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
130
etag
W/"6499947f-bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r70lps68PVpjqoEERVBza%2Bs6jn4Ffn8EuYLhKo6zAlwTrWCZz%2FblqvH%2BE2St6RRgHqzXj6MjNOF8HAZNFXljM%2FJj8RZ3BzVaVrJYMIDgvPRLfW0AjLPztPlkysq9OvDj6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7e600f27a9263c0b-NRT
alt-svc
h3=":443"; ma=86400
imp
t.cn-rtb.com/
0
0
Fetch
General
Full URL
https://t.cn-rtb.com/imp?l2=WzH9zlqKNtUXE_yXZcY17qnTAhyruwH_1I_fHwc9c5uF4wKJy_4hOUeSInsKr8xmUS0_gxbBlnBRsY5nGyxZ5mavjm0e6-ZnxIXgvbKr2lj4Pb4SEmVju9SVzqj62EmRt_TkRA4vwexQlPOGx7-la_mPY0wt4nRAb09P0v2RzBYQgI5xB7Lq6t9GSd0bMnxg
Requested by
Host: uidhealth.com
URL: https://uidhealth.com/V3AhNOPVWTzYWIJ0ntpd1HKz08T6zQBLofDvgFDxC60/?cid=271b47dca294acd09a7221baa9a8219c&sid=15658203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://uidhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 08:12:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2C272xdgqXn4vrxy1V%2FKj4qwChY3BSMvVXh0iX6ufSyTBEqKRjBiipou7ab%2BvhKFMwlzXrjbUB%2BZv4z%2FIH9%2FdxrC%2Bfh9TNONdIlPSCJDNm5teFhNz0y4HbXa2AFRDY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7e600f2628d5dfe9-NRT
alt-svc
h3=":443"; ma=86400
pixel
xml-v4.explorefast-1.com/
42 B
0
Fetch
General
Full URL
https://xml-v4.explorefast-1.com/pixel?i=qxaFBfqleSg_0&p=1689235927.323819
Requested by
Host: uidhealth.com
URL: https://uidhealth.com/V3AhNOPVWTzYWIJ0ntpd1HKz08T6zQBLofDvgFDxC60/?cid=271b47dca294acd09a7221baa9a8219c&sid=15658203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.239.53.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://uidhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2023 08:12:08 GMT
Server
nginx
Age
0
Content-Type
image/gif
Access-Control-Allow-Origin
https://uidhealth.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
42
activity
t.ocmhood.com/v2/
0
419 B
Ping
General
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2DFIxNDY4MjE0NmbT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uidhealth.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Jul 2023 08:12:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CF0rX1FZSSsmfemQHyI1IVCssCT8KXu%2BFhHaK2ADPOBmME9rHRYMbAjhhbSNbfNxtJ8u87MinMriad9bHwu%2Fr5L0XuhCLkxD7x4HC4FjF9HxzTkJ0LcSczCLtgbpUKg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
7e600f2a5cb7af85-NRT
alt-svc
h3=":443"; ma=86400
activity
t.ocmhood.com/v2/
0
252 B
Ping
General
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2DFIxNDY4MjE0NmbT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://uidhealth.com/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Jul 2023 08:12:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NqXBcKucoyR0nwvuNYOBhHdWq5LIqV74c8daItGLAZMu%2FACWfjcE9CCJed5V9OwQgk0MiEIoTRn06lhLOrqRN3z4ytNHvPhJrGQVZGNOOfs%2B5xRmjCDtcY5ZNnM9ik%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
7e600f2a5cb8af85-NRT
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
exi8ef83z9.com
URL
https://exi8ef83z9.com/be38cd9b331fd365a7f196ec07814137/invoke.js
Domain
uidhealth.com
URL
https://uidhealth.com/V3AhNOPVWTzYWIJ0ntpd1HKz08T6zQBLofDvgFDxC60/?cid=2713c01369a2929f571fd583a46e3d3c&sid=15619055
Domain
uidhealth.com
URL
https://uidhealth.com/V3AhNOPVWTzYWIJ0ntpd1HKz08T6zQBLofDvgFDxC60/?cid=271e3eab8cda44aa4fa4142e1176aa71&sid=15622013
Domain
offer.advotionhot.com
URL
https://offer.advotionhot.com/click?pid=2&offer_id=3882&sub1=27145a8ee3722e2f2a858a192b5e700d&sub2=15338330
Domain
cdn.creative-bars1.com
URL
https://cdn.creative-bars1.com/sb/notifications/cinema/default/us/all/close-rtb/v2/css/animate.css
Domain
cdn.creative-bars1.com
URL
https://cdn.creative-bars1.com/sb/notifications/cinema/default/us/all/close-rtb/v2/css/style.css
Domain
cdn.creative-bars1.com
URL
https://cdn.creative-bars1.com/sb/notifications/cinema/default/us/all/close-rtb/v2/js/script.js
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Domain
cdn.creative-bars1.com
URL
https://cdn.creative-bars1.com/sb/notifications/cinema/default/us/all/close-rtb/v2/img/close.png
Domain
cdn.creative-bars1.com
URL
https://cdn.creative-bars1.com/sb/notifications/cinema/default/us/all/close-rtb/v2/img/number.png
Domain
xu27a.top
URL
https://xu27a.top/images/campaigns/creativity-2405153-16823325285202.png

Verdicts & Comments

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| onbeforetoggle
object| onscrollend
string| qs
string| lwp
function| snippetGetEngineDomain
function| snippetGetAllLocations
object| campaign_domains
function| importOmpServiceWorker
function| initOmpServiceWorker
function| clearSession
function| getLpType
function| fetchAd
function| getOCP
function| popme
function| pbcid
function| finalRedirect
function| goNextStep
function| goToRedirectonAllow
function| goToRedirectSmart2
function| isPushApiSupported
function| uuidv4
function| initLpPush
function| startOmpWorker
function| getLpIdParamIfSet
function| getSourcePrefix
object| ad
number| cpc
number| o_eid
string| o_ocid
string| source_prefix
string| fallback_url
function| before_redirect_block
object| sParams
string| cc
function| Hood
function| NjY4ZwSkNAFfmDQ2DFIxNDY4MjE0NmbT

44 Cookies

Domain/Path Name / Value
www.heartpage.jp/ Name: AWSALBCORS
Value: sHatizeHYU5eBxnAEoMijv74sNTaQZhX56V+IJ2bJL24e8fHu3DMk8ap+J9ENHzCVcTNaigxB3jSVWA3FiQsM48Bg/rmjvjC6nIHLY7Mb9CaSUp1KbrOH2cidxZg
simplewebanalysis.com/ Name: uid_id2
Value: a66e8a22-1277-43a0-aea5-7f6df6a7bdab:1:1
bapakesans.web.app/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: a66e8a22-1277-43a0-aea5-7f6df6a7bdab%3A1%3A1
bapakesans.web.app/ Name: sb_main_e202b5b2f4f8b531c8a6102eaaa6cc21
Value: 1
bapakesans.web.app/ Name: sb_count_e202b5b2f4f8b531c8a6102eaaa6cc21
Value: 1
jestthankfulcaption.com/ Name: u_pl
Value: 15619055
jestthankfulcaption.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTYxOTA1NSwiayI6IjVlOTY0OWVkZmU1NmYzZDBkZDkwNGZhYmE1NjdhYzBjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjkyMDcyLCJwaWQiOjEwNzcxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJpcnN6NWp2dCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxODkwMjg4NjAsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjUyNzksImJuIjoiQ2hyb21lIiwiYnYiOiIxMTQiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxMTEsImMiOiJKUCIsIm4iOiJKYXBhbiJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6ImF1IG9uZSBuZXQifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JhcGFrZXNhbnMud2ViLmFwcC8ifX0.azHliJz6gEdFeJH7EOhwLmLK5ZkGYSBoyusArep-Vts
exactconfigurationhasten.com/ Name: u_pl
Value: 15622013
exactconfigurationhasten.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.[…].x8WZntR9ib0dbBBzfzREWFcV0FtvZ6YONlH_og3G-w8
manurepungentfew.com/ Name: u_pl
Value: 15338330
manurepungentfew.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.[…].MKSLC2HlP11n2HZ0tL-_sanlNCnb5h3u7YkBZ5sPx7M
jestthankfulcaption.com/ Name: uid_id2
Value: a66e8a22-1277-43a0-aea5-7f6df6a7bdab:1:1
jestthankfulcaption.com/ Name: iprc24ec9231e2cea2f4f9f087aba5669442
Value: 4426669
jestthankfulcaption.com/ Name: pdhtkv
Value: true
jestthankfulcaption.com/ Name: uncs
Value: 1
jestthankfulcaption.com/ Name: pdhtkv32
Value: true
jestthankfulcaption.com/ Name: uncs32
Value: 1
exactconfigurationhasten.com/ Name: uid_id2
Value: a66e8a22-1277-43a0-aea5-7f6df6a7bdab:1:1
exactconfigurationhasten.com/ Name: iprcba691da5a5d67e0dccc66f370861f3fd
Value: 4426671
exactconfigurationhasten.com/ Name: pdhtkv
Value: true
exactconfigurationhasten.com/ Name: uncs
Value: 1
exactconfigurationhasten.com/ Name: pdhtkv23
Value: true
exactconfigurationhasten.com/ Name: uncs23
Value: 1
confirmationevidence.com/ Name: pdhtkv
Value: true
confirmationevidence.com/ Name: uncs
Value: 1
confirmationevidence.com/ Name: pdhtkv29
Value: true
confirmationevidence.com/ Name: uncs29
Value: 1
confirmationevidence.com/ Name: slece202b5b2f4f8b531c8a6102eaaa6cc21
Value: [4395749]
bapakesans.web.app/ Name: pbpr0tpuw4isk85t8yg3jb2lj5vqf
Value: confirmationevidence.com
manurepungentfew.com/ Name: uid_id2
Value: a66e8a22-1277-43a0-aea5-7f6df6a7bdab:1:1
manurepungentfew.com/ Name: iprc9a7a33066b4a20d74dbe014239269707
Value: 4426660
manurepungentfew.com/ Name: pdhtkv
Value: true
manurepungentfew.com/ Name: uncs
Value: 1
manurepungentfew.com/ Name: pdhtkv5
Value: true
manurepungentfew.com/ Name: uncs5
Value: 1
confirmationevidence.com/ Name: u_pl
Value: 15658203
confirmationevidence.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.[…].-Jdkwm1XkkBp4wLEvOeUe1sUfhnKFG4en7PJ5G6amZk
confirmationevidence.com/ Name: uid_id2
Value: a66e8a22-1277-43a0-aea5-7f6df6a7bdab:1:1
confirmationevidence.com/ Name: iprc421ef697922dec0f448b4950116b115b
Value: 4426670
confirmationevidence.com/ Name: pdhtkv27
Value: true
confirmationevidence.com/ Name: uncs27
Value: 1
uidhealth.com/ Name: session
Value: IrqEEsiPWwkFG7HbXHwcBysnbogUpHfz
.uidhealth.com/ Name: _ht_v
Value: 1689235928.5468076415
.uidhealth.com/ Name: _ht_s
Value: 1689235928.2

12 Console Messages

Source Level URL
Text
network error URL: https://bapakesans.web.app/img/grid.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.heartpage.jp/storage/img/article/20200817/938/image
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://bapakesans.web.app/(Line 774)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://exi8ef83z9.com/ba8fd9e7c2c1b43ce45c6dc0eae552c0/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bapakesans.web.app/(Line 774)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://exi8ef83z9.com/ba8fd9e7c2c1b43ce45c6dc0eae552c0/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bapakesans.web.app/(Line 787)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://exi8ef83z9.com/5e9649edfe56f3d0dd904faba567ac0c/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bapakesans.web.app/(Line 787)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://exi8ef83z9.com/5e9649edfe56f3d0dd904faba567ac0c/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bapakesans.web.app/(Line 800)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://exi8ef83z9.com/25dce54784cc1f7a044b4a4dedeb3131/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bapakesans.web.app/(Line 800)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://exi8ef83z9.com/25dce54784cc1f7a044b4a4dedeb3131/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bapakesans.web.app/(Line 812)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://exi8ef83z9.com/2d25631515345312ed82a1827ca9c1df/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bapakesans.web.app/(Line 812)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://exi8ef83z9.com/2d25631515345312ed82a1827ca9c1df/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bapakesans.web.app/(Line 825)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://exi8ef83z9.com/be38cd9b331fd365a7f196ec07814137/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bapakesans.web.app/(Line 825)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://exi8ef83z9.com/be38cd9b331fd365a7f196ec07814137/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Indicators

Indicators is a security-industry term for observables such as IPs, domains, and hashes. Listing them here does not imply that any of them indicates malicious activity.
