www.paypayflower.org Open in urlscan Pro
2404:6800:4004:81c::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://paypayflower.org/
Effective URL:
https://www.paypayflower.org/
Submission: On February 18 via manual (February 18th 2024, 10:54:24 am UTC) from JP — Scanned from JP

Summary HTTP 47 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 6 domains to perform 47 HTTP transactions. The main IP is 2404:6800:4004:81c::2013, located in Australia and belongs to GOOGLE, US. The main domain is www.paypayflower.org.
TLS certificate: Issued by GTS CA 1D4 on February 14th 2024. Valid for: 3 months.

This is the only time www.paypayflower.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:81c::2013	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:822::200a	15169 (GOOGLE) (GOOGLE)
9	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:825::200e	15169 (GOOGLE) (GOOGLE)
15	2404:6800:400... 2404:6800:4004:823::2001	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:824::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:820::200e	15169 (GOOGLE) (GOOGLE)
1	47.89.219.37 47.89.219.37	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
47	10

1 2001:4860:4802:38::15 (United States) 1 redirects

ASN15169 (GOOGLE, US)

paypayflower.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:81c::2013 (Australia)

ASN15169 (GOOGLE, US)

www.paypayflower.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:822::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:825::200e (Australia)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2404:6800:4004:823::2001 (Australia)

ASN15169 (GOOGLE, US)

lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1109024654-atari-embeds.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::200e (Australia)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:820::200e (Australia)

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.89.219.37 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

www.cutercounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	googleusercontent.com lh4.googleusercontent.com — Cisco Umbrella Rank: 995 lh3.googleusercontent.com — Cisco Umbrella Rank: 59 lh6.googleusercontent.com — Cisco Umbrella Rank: 1081 lh5.googleusercontent.com — Cisco Umbrella Rank: 217 1109024654-atari-embeds.googleusercontent.com	3 MB
13	gstatic.com www.gstatic.com fonts.gstatic.com	963 KB
11	google.com apis.google.com — Cisco Umbrella Rank: 128 play.google.com — Cisco Umbrella Rank: 44 drive.google.com — Cisco Umbrella Rank: 323	172 KB
4	paypayflower.org 1 redirects paypayflower.org www.paypayflower.org	17 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	3 KB
1	cutercounter.com www.cutercounter.com — Cisco Umbrella Rank: 247636	325 B
47	6

	Domain	Requested by
9	www.gstatic.com	www.paypayflower.org www.gstatic.com
7	apis.google.com	www.paypayflower.org apis.google.com www.gstatic.com 1109024654-atari-embeds.googleusercontent.com
6	lh3.googleusercontent.com	www.paypayflower.org
4	fonts.gstatic.com	fonts.googleapis.com
4	lh6.googleusercontent.com	www.paypayflower.org
3	lh5.googleusercontent.com	www.paypayflower.org
3	www.paypayflower.org	www.gstatic.com
2	drive.google.com	www.gstatic.com www.paypayflower.org
2	play.google.com	www.gstatic.com
2	fonts.googleapis.com	www.paypayflower.org
1	www.cutercounter.com	1109024654-atari-embeds.googleusercontent.com
1	1109024654-atari-embeds.googleusercontent.com	www.gstatic.com
1	lh4.googleusercontent.com	www.paypayflower.org
1	paypayflower.org	1 redirects
47	14

This site contains links to these domains. Also see Links.

Domain
lib.ebookservice.tw
ebook.hyread.com.tw
www.google.com
www.facebook.com
vocus.cc
play.google.com

Subject Issuer	Validity	Valid
www.paypayflower.org GTS CA 1D4	`2024-02-14` - `2024-05-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
cutercounter.com R3	`2023-12-30` - `2024-03-29`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.paypayflower.org/
Frame ID: 5D61E0C45AE6EE1AE5050A6A142FED3B
Requests: 36 HTTP requests in this frame

Frame: https://drive.google.com/auth_warmup
Frame ID: C731475B85704DD49D27FEEEB65070FC
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__&r=963928391
Frame ID: 60FF336E5857CACE78CB8CA506A56C15
Requests: 3 HTTP requests in this frame

Frame: https://1109024654-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__
Frame ID: 9D9B77EAFC7B2357C9181EC48CB9A779
Requests: 3 HTTP requests in this frame

Frame: https://www.cutercounter.com/hits.php?id=huxoqaqc&nd=6&style=17
Frame ID: 5AF2EB748CDBC1253B517AD346ED0908
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

紫兒佩佩自我療癒作家

Page URL History Show full URLs

https://paypayflower.org/ HTTP 301
https://www.paypayflower.org/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Page Statistics

47
Requests

96 %
HTTPS

90 %
IPv6

6
Domains

14
Subdomains

10
IPs

2
Countries

4099 kB
Transfer

7077 kB
Size

1
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://lib.ebookservice.tw/nt/#search/%E9%BB%83%E4%BD%A9%E5%A6%82
Title: 借佩佩の書

Search URL Search Domain Scan URL

URL: https://ebook.hyread.com.tw/searchList.jsp?&sortinfo=YEAR,1&search_field=LU&search_input=1087

Search URL Search Domain Scan URL

URL: https://www.google.com/search?tbm=bks&q=%E7%B4%AB%E5%85%92%E4%BD%A9%E4%BD%A9
Title: Google佩佩

Search URL Search Domain Scan URL

URL: https://www.facebook.com/peijuflower/?locale=zh_TW
Title: FB佩佩

Search URL Search Domain Scan URL

URL: https://vocus.cc/user/@paypayflower
Title: 佩佩方格子

Search URL Search Domain Scan URL

URL: https://play.google.com/store/books/details?id=2BHxEAAAQBAJ

Search URL Search Domain Scan URL

URL: https://play.google.com/store/books/details?id=vAjtEAAAQBAJ

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Febook.hyread.com.tw%2FbookDetail.jsp%3Fid%3D360778&sa=D&sntz=1&usg=AOvVaw0oFTCy2gdg3MtKwxrxT98u

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Febook.hyread.com.tw%2FbookDetail.jsp%3Fid%3D351146&sa=D&sntz=1&usg=AOvVaw15gqPXN2_KAjpm-Vp7zsio

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Febook.hyread.com.tw%2FbookDetail.jsp%3Fid%3D342547&sa=D&sntz=1&usg=AOvVaw0CA9tO-QSF5bRBymio8vAl

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Febook.hyread.com.tw%2FbookDetail.jsp%3Fid%3D346005&sa=D&sntz=1&usg=AOvVaw2yKa373qxLwn9Hy6ZIaIe-

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Febook.hyread.com.tw%2FbookDetail.jsp%3Fid%3D355533&sa=D&sntz=1&usg=AOvVaw2ghflinpfhfBeuPrpO5tyh

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Febook.hyread.com.tw%2FbookDetail.jsp%3Fid%3D333556&sa=D&sntz=1&usg=AOvVaw0ff-67R1GDp894WVkhOl3e

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Febook.hyread.com.tw%2FbookDetail.jsp%3Fid%3D338453&sa=D&sntz=1&usg=AOvVaw31srRhd8yf5CpwIoVyq-j7

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Febook.hyread.com.tw%2FbookDetail.jsp%3Fid%3D333557&sa=D&sntz=1&usg=AOvVaw1S7Aqvjeb4CcucZ5XeVM_j

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Febook.hyread.com.tw%2FbookDetail.jsp%3Fid%3D338452&sa=D&sntz=1&usg=AOvVaw2O0-tYc3FPCvvWJ1Aoouga

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Febook.hyread.com.tw%2FbookDetail.jsp%3Fid%3D311747&sa=D&sntz=1&usg=AOvVaw2glhemqzGtmur6OwA_7IMO

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Febook.hyread.com.tw%2FbookDetail.jsp%3Fid%3D342546&sa=D&sntz=1&usg=AOvVaw3YBs6k-birkTjDtxgdpUJj

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://paypayflower.org/ HTTP 301
https://www.paypayflower.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.paypayflower.org/
Redirect Chain

https://paypayflower.org/
https://www.paypayflower.org/

93 KB
17 KB

358ms
298ms

Document
text/html

2404:6800:4004:81c::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2013 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0bedce13974cf69b7435c60aec35826e9680cf4ee14e38b9c840a5ff2d7513d9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'self';report-uri /_/view/cspreport;script-src 'nonce-kO990rh9DUQD6pOvmHKoAw' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: base-uri 'self';object-src 'self';report-uri /_/view/cspreport;script-src 'nonce-kO990rh9DUQD6pOvmHKoAw' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Sun, 18 Feb 2024 10:54:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

content-length: 226
content-type: text/html; charset=UTF-8
date: Sun, 18 Feb 2024 10:54:18 GMT
location: https://www.paypayflower.org/
server: ghs
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 7 KB
761 B 90ms
46ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%7CBitter%3A400%2C700&display=swap

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b4a8967bb22b9e8ecd9b7a906ea3dbb5999d3f2c40a8b817df5565c1421c4fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Feb 2024 10:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 18 Feb 2024 10:54:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 30 KB
2 KB 88ms
45ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9d17cebb8e59c8f8cfe474941048ee06c99d4dae94c23cb3962eb6a9fd551cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Feb 2024 10:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 18 Feb 2024 10:54:19 GMT

GET
H2 200 rs=AGEqA5lzVHI6j1LhrAXQJCseHMhnk48P7Q
www.gstatic.com/_/atari/_/ss/k=atari.vw.VtgqTsC0vDQ.L.W.O/am=gAE/d=1/ 1 MB
160 KB 52ms
3ms Stylesheet
text/css 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/ss/k=atari.vw.VtgqTsC0vDQ.L.W.O/am=gAE/d=1/rs=AGEqA5lzVHI6j1LhrAXQJCseHMhnk48P7Q

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7b135539deba659681e02b5b02f4125c3bf81ae15f859356a9da3fdcac4b876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 17 Feb 2024 04:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163623
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 22:16:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Sun, 16 Feb 2025 04:51:14 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ 18 KB
7 KB 130ms
41ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=gapiLoaded

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f65dde9539deaaa7421bae8405a636a427dae4ad09b50a44fb374b6545276ba

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Feb 2024 10:54:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7117
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "36cf15e8ecc0b9ea"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Feb 2024 10:54:19 GMT

GET
H2 200 KCeVGwimQKdSNFW3djnovbmQV8Pi--61d2qQ1MmT6xfY3mtEjjKMcyZbA9dVi_d99Pu_lgViULjXp4SPt1TMtuI=w16383
lh4.googleusercontent.com/ 278 KB
278 KB 371ms
288ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/KCeVGwimQKdSNFW3djnovbmQV8Pi--61d2qQ1MmT6xfY3mtEjjKMcyZbA9dVi_d99Pu_lgViULjXp4SPt1TMtuI=w16383

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

79f45e4de91af561dfe55b475676c01f717a2522e0f06b419972eba3599d59f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 10:54:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="s-__.jpg";filename*=UTF-8''s-%E9%A0%AD%E8%B2%BC.jpg
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 284444
x-xss-protection: 0
expires: Mon, 19 Feb 2024 10:54:19 GMT

GET
H2 200 AKPJZsxUvW1gTocOUZGMaytNNqcteLg3GAOnpTYlQfDMEtvOP8dnfnURUr9vi0wnjQKxoPe2xkeAdtSwGckkUw=w1280
lh3.googleusercontent.com/ 249 KB
249 KB 331ms
286ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/AKPJZsxUvW1gTocOUZGMaytNNqcteLg3GAOnpTYlQfDMEtvOP8dnfnURUr9vi0wnjQKxoPe2xkeAdtSwGckkUw=w1280

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d4fd34668b2edac5f21b63ced2a7e194338a8831ed775e85845d804241d35c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 10:54:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2-__0126.jpg";filename*=UTF-8''2-%E5%90%89%E5%B0%810126.jpg
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254676
x-xss-protection: 0
expires: Mon, 19 Feb 2024 10:54:19 GMT

GET
H2 200 wvZ7pAEQC41I3d_a733VHhkl9MhldbemCbRgvAb2uCbJeuMvSd3O0T_Y9DmkQJNmO5JP4TohJUM-JOhjBrI5i-Y=w1280
lh6.googleusercontent.com/ 196 KB
196 KB 293ms
278ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/wvZ7pAEQC41I3d_a733VHhkl9MhldbemCbRgvAb2uCbJeuMvSd3O0T_Y9DmkQJNmO5JP4TohJUM-JOhjBrI5i-Y=w1280

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3ae6f68266b3156767542705328ae95c13653fed8a7eb366cec68cf8652bf723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 10:54:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="_______.jpg";filename*=UTF-8''%E9%80%99%E6%98%AF%E7%82%BA%E4%BB%80%E9%BA%BC%E5%B0%81%E9%9D%A2.jpg
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200890
x-xss-protection: 0
expires: Mon, 19 Feb 2024 10:54:19 GMT

GET
H2 200 lP6wUsjFd-NzD75Kts-qbyNsTZOx_eUbki-wk-D5j1by3mliAwKxJalY1YoxaxYhvA9MXpM08h8u1mERmZlFEGg=w1280
lh5.googleusercontent.com/ 153 KB
154 KB 294ms
252ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/lP6wUsjFd-NzD75Kts-qbyNsTZOx_eUbki-wk-D5j1by3mliAwKxJalY1YoxaxYhvA9MXpM08h8u1mERmZlFEGg=w1280

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

efb24a4236847394d8f07cad0dc6b7f6a58f74c8b4d084064540adcb5866c008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 10:54:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="OK-___.jpg";filename*=UTF-8''OK-%E4%BB%8A%E9%81%87%E5%B0%81.jpg
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157064
x-xss-protection: 0
expires: Mon, 19 Feb 2024 10:54:19 GMT

GET
H2 200 vuWBUwyMb-jLZaXwUNJFcAuFrtaWFUq3vgDyQR-82HARLRe_--zuT1CdAT15YrSlJq5HINTQs3CzC51NcvI-85E=w1280
lh3.googleusercontent.com/ 210 KB
210 KB 251ms
239ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/vuWBUwyMb-jLZaXwUNJFcAuFrtaWFUq3vgDyQR-82HARLRe_--zuT1CdAT15YrSlJq5HINTQs3CzC51NcvI-85E=w1280

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

806814042251ab09602fdcbf1a798fcfc35d12adb8b9b0a83ec80de9f379a130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 10:54:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1005____.jpg";filename*=UTF-8''1005%E6%9B%B8%E5%B0%81%E5%AE%8C%E6%88%90.jpg
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 215080
x-xss-protection: 0
expires: Mon, 19 Feb 2024 10:54:19 GMT

GET
H2 200 GCMlZdbm6IGqm_mh_jLxPj4il7gGbZHYzyPFkGt0E_J77gl9swDnmYiDMMnH1_SfkCrauPmw_TjskTnb-e5OWng=w1280
lh6.googleusercontent.com/ 178 KB
178 KB 581ms
570ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/GCMlZdbm6IGqm_mh_jLxPj4il7gGbZHYzyPFkGt0E_J77gl9swDnmYiDMMnH1_SfkCrauPmw_TjskTnb-e5OWng=w1280

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d32c71f99921b2dd9d5d5f7abc8df7584b131f4042e8af547fc8bd7a6ab70705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 10:54:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cover_0801.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 182435
x-xss-protection: 0
expires: Mon, 19 Feb 2024 10:54:20 GMT

GET
H2 200 n6P70ejyimeHMrHGMsLnAaWkpQwfbwlVCvdzGj1fnlcCcADIyo_DvA40aZMgSPtsesCLqkFSsTOxn9S0fUYH6fQ=w1280
lh3.googleusercontent.com/ 182 KB
182 KB 305ms
295ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/n6P70ejyimeHMrHGMsLnAaWkpQwfbwlVCvdzGj1fnlcCcADIyo_DvA40aZMgSPtsesCLqkFSsTOxn9S0fUYH6fQ=w1280

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ac8aeee2ae9ac431a6da8929b2db3be275e65d1692e1a91502ce46d067711f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 10:54:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="____________.jpg";filename*=UTF-8''%E4%B8%8A%E6%9E%B6%E5%B0%81_%E6%88%91%E5%80%91%E6%B2%92%E6%9C%89%E5%BE%88%E5%A4%9A%E4%BB%A5%E5%BE%8C.jpg
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186411
x-xss-protection: 0
expires: Mon, 19 Feb 2024 10:54:19 GMT

GET
H2 200 MW-TzuSIjOVFlh1FaPPXADvXT4XoVh6NoBSWj0jnvIOmW4us4WYYIcrPchZ97btWGv_Pngo48rgQWGVv9MbDeek=w1280
lh3.googleusercontent.com/ 603 KB
604 KB 251ms
241ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/MW-TzuSIjOVFlh1FaPPXADvXT4XoVh6NoBSWj0jnvIOmW4us4WYYIcrPchZ97btWGv_Pngo48rgQWGVv9MbDeek=w1280

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b57dd4ee721fe435e4a6e6a171d53a141b59eb8152009d437b47d06432a7082f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 10:54:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1108-______.jpg";filename*=UTF-8''1108-%E5%B8%82%E4%BA%95%E5%96%AE%E9%A0%81%E5%B0%81%E9%9D%A2.jpg
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 617693
x-xss-protection: 0
expires: Mon, 19 Feb 2024 10:54:19 GMT

GET
H2 200 c8vZ2a6wMj7KUF5xwb8Ow-eDRQKZruNToHi4KegNcRZZpg0smvhAcvH5P-kI4S28lNWW8bGZHQfA5gU2l_DAwbZRX2Zh3bQ6NTS5y-RmbGtvy8fo42DE75Zl4DLQ3Oednw=w1280
lh5.googleusercontent.com/ 310 KB
310 KB 274ms
237ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/c8vZ2a6wMj7KUF5xwb8Ow-eDRQKZruNToHi4KegNcRZZpg0smvhAcvH5P-kI4S28lNWW8bGZHQfA5gU2l_DAwbZRX2Zh3bQ6NTS5y-RmbGtvy8fo42DE75Zl4DLQ3Oednw=w1280

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ecfc08f88470753540defe4f83da44e753db2b7e718391b56a5b9ccc51d44e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 10:54:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="0601____.jpg";filename*=UTF-8''0601%E9%83%BD%E5%B8%82%E5%B0%81%E9%9D%A2.jpg
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317168
x-xss-protection: 0
expires: Mon, 19 Feb 2024 10:54:19 GMT

GET
H2 200 lsTZO6__HAQtXLPrQXq6AomtC9Oqdz2TrJRmtvxucMEShjfYQeid51vJgkASF8FXZpOinVx1cBpaeItJS4shBy8e503k5bhcL_KjcARock9B26XU0ODslABkkDaguCibNA=w1280
lh3.googleusercontent.com/ 183 KB
183 KB 252ms
244ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/lsTZO6__HAQtXLPrQXq6AomtC9Oqdz2TrJRmtvxucMEShjfYQeid51vJgkASF8FXZpOinVx1cBpaeItJS4shBy8e503k5bhcL_KjcARock9B26XU0ODslABkkDaguCibNA=w1280

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

69639bb6f8cc09e688bde3db7eb7e84dc1129c2b3797b8df739bf506245f451f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 10:54:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cover_0619.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187350
x-xss-protection: 0
expires: Mon, 19 Feb 2024 10:54:19 GMT

GET
H2 200 npRByt-2flDxadcuLCDNKBrOtnzwHAM1RtpX8A-kr5E3ZWvYRRQJJqULl-j9YGgvejlXZazucEzeTnO2vqRA2FwktAOtp6DsGeP0P5_ZM5nNJuq5OJYfqAnPPzgwyv6jcA=w1280
lh6.googleusercontent.com/ 126 KB
126 KB 287ms
279ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/npRByt-2flDxadcuLCDNKBrOtnzwHAM1RtpX8A-kr5E3ZWvYRRQJJqULl-j9YGgvejlXZazucEzeTnO2vqRA2FwktAOtp6DsGeP0P5_ZM5nNJuq5OJYfqAnPPzgwyv6jcA=w1280

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2fe54337ee8208dcae205d8ce2244ad904ef2749c35c37653ce3cf33ef2f62a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 10:54:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="0605cover.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128584
x-xss-protection: 0
expires: Mon, 19 Feb 2024 10:54:19 GMT

GET
H2 200 wQrRv9mdnGTAvnQFFa1Fk5G8EQxD2l2c6Nb3FHX8r6ghkHmA1eqoa8WJJYDmLfWb_BwGuhZcHx-e1jHUTBaYecLRukO3r1X7C8hfOuX4kaPnHhSbPd_qDonctCFCyqjdLw=w1280
lh5.googleusercontent.com/ 146 KB
147 KB 322ms
287ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/wQrRv9mdnGTAvnQFFa1Fk5G8EQxD2l2c6Nb3FHX8r6ghkHmA1eqoa8WJJYDmLfWb_BwGuhZcHx-e1jHUTBaYecLRukO3r1X7C8hfOuX4kaPnHhSbPd_qDonctCFCyqjdLw=w1280

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

092b154c56242a35e74ccfd097f67ead751acef0fa10a55e9d8caf7937af5aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 10:54:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="0629______.jpg";filename*=UTF-8''0629%E7%AB%8B%E9%AB%94%E6%9B%B8_%E8%87%AA%E6%88%91.jpg
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 150008
x-xss-protection: 0
expires: Mon, 19 Feb 2024 10:54:19 GMT

GET
H2 200 BONhTHI5V4o_ppF7eVy6s7Fzk4Ren4L6TF8qr9iH40mxw1DtBUBQ4n0yUxjaVTWP4eyAppBAnc2d1i4sv_Q5mHJk1QiI5VtMy4krPzBC15ROcLesGjOBcgiLqgwrX1KQfQ=w1280
lh3.googleusercontent.com/ 96 KB
96 KB 292ms
286ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/BONhTHI5V4o_ppF7eVy6s7Fzk4Ren4L6TF8qr9iH40mxw1DtBUBQ4n0yUxjaVTWP4eyAppBAnc2d1i4sv_Q5mHJk1QiI5VtMy4krPzBC15ROcLesGjOBcgiLqgwrX1KQfQ=w1280

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3946b45e8e8c4b82cfa82b9c9d7e5fa3dc04b7daf8bc9d0665d686b454a2bba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 10:54:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Untitled.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98383
x-xss-protection: 0
expires: Mon, 19 Feb 2024 10:54:19 GMT

GET
H2 200 -BYncuu78Xt2zkIliW6q5tFMHCIwnhxesudObTZOHImzgyhgTlBSnfDhVaqZAQtYlLxjMxBPLHUaRJilys8VoInjWDCCaiO0PkAnlRF2hn4qM8VHS0oyFVktGtOgWwbLUA=w1280
lh6.googleusercontent.com/ 29 KB
29 KB 294ms
288ms Image
image/jpeg 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/-BYncuu78Xt2zkIliW6q5tFMHCIwnhxesudObTZOHImzgyhgTlBSnfDhVaqZAQtYlLxjMxBPLHUaRJilys8VoInjWDCCaiO0PkAnlRF2hn4qM8VHS0oyFVktGtOgWwbLUA=w1280

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

76f030c7ce3523a2efa4df3579bbb3080e60285c0a95ccc1dcc16f263fca9461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 10:54:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="626705666.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29895
x-xss-protection: 0
expires: Mon, 19 Feb 2024 10:54:19 GMT

GET
H2 200 m=view Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=1/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/ 583 KB
197 KB 16ms
3ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=1/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/m=view

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2014db9950e4f7e584cfc9f396bc8a0fa8f4d4d20e05a331797800adaa009ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 17 Feb 2024 06:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201750
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 06:28:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Sun, 16 Feb 2025 06:29:33 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/ 317 KB
109 KB 9ms
4ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47c5ce7700816767e28eedd199791717b178ab69ad1c6c85864b82e62883ded8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 17 Feb 2024 02:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110922
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 17:51:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 02:55:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 44ms
5ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.paypayflower.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 17 Feb 2024 21:19:41 GMT
x-content-type-options: nosniff
age: 48878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 21:19:41 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2
fonts.gstatic.com/s/googlesans/v58/ 33 KB
34 KB 42ms
3ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49f9117b94a5252fe9275626b5dd68af08e0b445517dc246e5b444fb617036da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.paypayflower.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 17 Feb 2024 14:34:47 GMT
x-content-type-options: nosniff
age: 73172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34024
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 14:34:47 GMT

GET
H2 200 rax8HiqOu8IVPmn7f4xpLjpSmw.woff2
fonts.gstatic.com/s/bitter/v33/ 32 KB
32 KB 45ms
6ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v33/rax8HiqOu8IVPmn7f4xpLjpSmw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%7CBitter%3A400%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f21400901a0ec0322b4398d2d28324e085297e3eaa1fc8d3531967e8e14b86f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.paypayflower.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 17 Feb 2024 09:26:46 GMT
x-content-type-options: nosniff
age: 91653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33064
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:16:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Feb 2025 09:26:46 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 25ms
4ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%7CBitter%3A400%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.paypayflower.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 02:13:06 GMT
x-content-type-options: nosniff
age: 31273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33148
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:39:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Feb 2025 02:13:06 GMT

GET
H3 200 m=sy1d,sy1e,sy1c,FoQBg Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=0/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/ 37 KB
13 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=0/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/m=sy1d,sy1e,sy1c,FoQBg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=1/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6925c0a60491034e15ef986be7170cf9b29cf98fffa41b237f72258132c23f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 17 Feb 2024 20:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12835
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 06:28:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Sun, 16 Feb 2025 20:07:07 GMT

GET
H3 200 m=sy2u,TRvtze Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=0/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/ 855 B
524 B 3ms
2ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=0/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/m=sy2u,TRvtze

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=1/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff5a260fdf396ee8d94f6abe9ab7b3bf3c577a4b904a41857742e7c9b911e94e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 17 Feb 2024 14:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 498
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 06:28:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Sun, 16 Feb 2025 14:31:57 GMT

GET
H3 200 m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,sy12,X85Uvc,sy2v,abQiW,W26a5e,hJUyqe,sy17,sy14,sy15,sy16,sy18,fuVYe,syy,PVlQOd,NPKaK,sy6,BVgquf,fmklff,TGYpv,KUM7Z,XDKZTc,sy13,qkPXAf,qEW1W,oNFsLb,sy3u,y... Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=0/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/ 1 MB
423 KB 3ms
3ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=0/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,sy12,X85Uvc,sy2v,abQiW,W26a5e,hJUyqe,sy17,sy14,sy15,sy16,sy18,fuVYe,syy,PVlQOd,NPKaK,sy6,BVgquf,fmklff,TGYpv,KUM7Z,XDKZTc,sy13,qkPXAf,qEW1W,oNFsLb,sy3u,yxTchf,sy3v,sy3w,xQtZb,yf2Bs,sy2,sya,yyxWAc,qddgKe,sy2x,SM1lmd,sy8,sy7,syz,RRzQxe,zZvHmd,sy9,syc,sym,syb,fNFZH,sy2w,syn,RrXLpc,cgRV2c,sy11,sy1r,o1L5Wb,X4BaPc,syh,Md9ENb,sy1i,sy1j,syr,sy1g,sy1h,Ko0sOe,syp,syx,sy10,sy19,sy1a,sy1f,NlqxW,sy1l,sy1o,sy1p,sy1q,sy1s,sy1k,sy1v,sy1u,syd,sy1t,sy20,sy22,sy25,sy26,sy27,sy28,sy1x,sy21,sy2b,sy2i,sy1y,sy1m,sy1n,sy1w,sy24,syq,sy1z,sy29,sy2a,sy2f,sy2g,sy2h,T807ad,sy23,zmwrxd,sy2c,sy2d,sy2e,sy3,sy2j,sy2l,a9i3ec,CmOog,qYIcH,zTt0Rb,ap0X9d,Ik1vNd,NzVYMd,KlZlNb,rj51oe,zAU64c,uUwMBf,zRiL5c,AQnEY,jhxjge,ZV9ZUe,Tc7Qif,oy3iwb,sy2k,dBhIIb,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,LkQmJ,YoEZUb,ZDEHrf,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,GNGeo,rJkXge,heobjb,KlrXId,R4KMEc,sy2m,sy2n,sy2o,sy2p,UYjpC,vVEdxc,sy4,VYKRW,sy1b,CG0Qwb,RZ9OZ,N0NZx,szRU7e

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=1/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c9179c3055d178efddae3e89dadecaf646f42f82b19efd19c8cb8bd2391392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 17 Feb 2024 11:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 432922
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 06:28:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Sun, 16 Feb 2025 11:36:48 GMT

GET
H3 200 m=sy3l,IZT63,vfuNJf,sy3f,sy3j,sy3m,sy3z,sy3x,sy3y,siKnQd,sy3b,sy3d,sy3k,sy3o,YNjGDd,sy3n,sy3p,PrPYRd,iFQyKf,hc6Ubd,sy40,SpsfSb,sy3g,sy3i,wR5FRb,pXdRYb,dIoSBb,zbML3c Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=0/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/ 29 KB
10 KB 3ms
3ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=0/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/m=sy3l,IZT63,vfuNJf,sy3f,sy3j,sy3m,sy3z,sy3x,sy3y,siKnQd,sy3b,sy3d,sy3k,sy3o,YNjGDd,sy3n,sy3p,PrPYRd,iFQyKf,hc6Ubd,sy40,SpsfSb,sy3g,sy3i,wR5FRb,pXdRYb,dIoSBb,zbML3c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=1/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be36ceeefb348c3ecde7d8f34b3cfba3416ebf3a2c389be5dd6405e0e73a7db2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 17 Feb 2024 20:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10708
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 06:28:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Sun, 16 Feb 2025 20:07:10 GMT

GET
H3 200 m=m9oV,syf,syk,Ae65rd,sy3q,NTMZac,rCcCxc,RAnnUd,CuaHnc,sy2y,sy2z,uu7UOe,nAFL3,sy2r,gJzDyc,sy30,soHxf,sy31,uY3Nvd,mxS5xe,syv,syu,HYv29e Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=0/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/ 38 KB
12 KB 3ms
3ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=0/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/m=m9oV,syf,syk,Ae65rd,sy3q,NTMZac,rCcCxc,RAnnUd,CuaHnc,sy2y,sy2z,uu7UOe,nAFL3,sy2r,gJzDyc,sy30,soHxf,sy31,uY3Nvd,mxS5xe,syv,syu,HYv29e

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=1/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dfb469514d5a63832c7bc2a2808a991e6da97c5817269d1f6e7ab4f0e64e7c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 17 Feb 2024 11:46:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12470
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 06:28:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Sun, 16 Feb 2025 11:46:20 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 87ms
41ms Preflight
text/plain 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://www.paypayflower.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://play.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 18 Feb 2024 10:54:19 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ 0
0

POST
H2 200 logImpressions Show response
www.paypayflower.org/_/view/ 16 B
201 B 351ms
351ms XHR
application/json 2404:6800:4004:81c::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypayflower.org/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=1/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2013 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.paypayflower.org/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 10:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 106 KB
36 KB 2ms
2ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=0/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,sy12,X85Uvc,sy2v,abQiW,W26a5e,hJUyqe,sy17,sy14,sy15,sy16,sy18,fuVYe,syy,PVlQOd,NPKaK,sy6,BVgquf,fmklff,TGYpv,KUM7Z,XDKZTc,sy13,qkPXAf,qEW1W,oNFsLb,sy3u,yxTchf,sy3v,sy3w,xQtZb,yf2Bs,sy2,sya,yyxWAc,qddgKe,sy2x,SM1lmd,sy8,sy7,syz,RRzQxe,zZvHmd,sy9,syc,sym,syb,fNFZH,sy2w,syn,RrXLpc,cgRV2c,sy11,sy1r,o1L5Wb,X4BaPc,syh,Md9ENb,sy1i,sy1j,syr,sy1g,sy1h,Ko0sOe,syp,syx,sy10,sy19,sy1a,sy1f,NlqxW,sy1l,sy1o,sy1p,sy1q,sy1s,sy1k,sy1v,sy1u,syd,sy1t,sy20,sy22,sy25,sy26,sy27,sy28,sy1x,sy21,sy2b,sy2i,sy1y,sy1m,sy1n,sy1w,sy24,syq,sy1z,sy29,sy2a,sy2f,sy2g,sy2h,T807ad,sy23,zmwrxd,sy2c,sy2d,sy2e,sy3,sy2j,sy2l,a9i3ec,CmOog,qYIcH,zTt0Rb,ap0X9d,Ik1vNd,NzVYMd,KlZlNb,rj51oe,zAU64c,uUwMBf,zRiL5c,AQnEY,jhxjge,ZV9ZUe,Tc7Qif,oy3iwb,sy2k,dBhIIb,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,LkQmJ,YoEZUb,ZDEHrf,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,GNGeo,rJkXge,heobjb,KlrXId,R4KMEc,sy2m,sy2n,sy2o,sy2p,UYjpC,vVEdxc,sy4,VYKRW,sy1b,CG0Qwb,RZ9OZ,N0NZx,szRU7e

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b59b0ee8076139b12dc329ebc51b40f55701a1f9d8fee9a103823ead204985b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 10:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36756
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 20:42:14 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Feb 2024 11:38:53 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/ 261 B
211 B 3ms
3ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27f663d89133b56be4ad686e84b608b5e7a760f8fbcf830a9ad7e4b5b99fea74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.paypayflower.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 17 Feb 2024 02:04:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 184
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 17:51:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 02:04:25 GMT

GET
H2 200 auth_warmup Show response
drive.google.com/ Frame C731 0
1 KB 216ms
165ms Document
text/html 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/auth_warmup

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-DQLtz_5GB7kxMuo-UZbtQA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paypayflower.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: script-src 'nonce-DQLtz_5GB7kxMuo-UZbtQA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Sun, 18 Feb 2024 10:54:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/DriveOsidBootstrap/web-reports?context=eJzjEtHikmJw05Bi2OHjweKUPoM1BIiFeDhuHz6-jk1gxo5ne5kBmhkLKA"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 intermediate-frame-minified.html Show response
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame 60FF 2 KB
969 B 39ms
39ms Document
text/html 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__&r=963928391

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=1/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paypayflower.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 944
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 10:54:19 GMT
expires: Mon, 17 Feb 2025 10:54:19 GMT
last-modified: Tue, 12 Dec 2023 13:42:01 GMT
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 api.js Show response
apis.google.com/js/ Frame 60FF 18 KB
7 KB 43ms
42ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js?checkCookie=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__&r=963928391

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d589b80851934997657f105f130f05ffad98478dfe8b0be4313dc7efaadc95

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Feb 2024 10:54:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7115
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "d447dc04d18594b8"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Feb 2024 10:54:19 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/ Frame 60FF 56 KB
20 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc060de8bcb64d92924c71cd679444545d46e864962641e7a812e879f80642ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 00:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20434
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 17:51:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Feb 2025 00:57:32 GMT

GET
H3 200 inner-frame-minified.html Show response
1109024654-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/ Frame 9D9B 2 KB
940 B 111ms
41ms Document
text/html 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1109024654-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 915
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 10:54:20 GMT
expires: Mon, 17 Feb 2025 10:54:20 GMT
last-modified: Tue, 12 Dec 2023 13:42:01 GMT
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 api.js Show response
apis.google.com/js/ Frame 9D9B 18 KB
7 KB 39ms
39ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js?checkCookie=1

Requested by

Host: 1109024654-atari-embeds.googleusercontent.com
URL: https://1109024654-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d589b80851934997657f105f130f05ffad98478dfe8b0be4313dc7efaadc95

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://1109024654-atari-embeds.googleusercontent.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Feb 2024 10:54:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7115
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "d447dc04d18594b8"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Feb 2024 10:54:20 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/ Frame 9D9B 56 KB
20 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.8uXxGUoumbY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc060de8bcb64d92924c71cd679444545d46e864962641e7a812e879f80642ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://1109024654-atari-embeds.googleusercontent.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 18 Feb 2024 00:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20434
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 17:51:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Feb 2025 00:57:32 GMT

GET
H/1.1 200
OK hits.php
www.cutercounter.com/ Frame 5AF2 125 B
325 B 711ms
110ms Image
image/gif 47.89.219.37
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cutercounter.com/hits.php?id=huxoqaqc&nd=6&style=17
Requested by: Host: 1109024654-atari-embeds.googleusercontent.com
URL: https://1109024654-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.8uXxGUoumbY.O%2Fd%3D1%2Frs%3DAHpOoo96qx3mL4tzGUOa-0q0udyPRqEAoA%2Fm%3D__features__
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 47.89.219.37 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache / PHP/7.0.33
Resource Hash: 300488f13e60bacbba46f604ce3578ba24e9f2dd2a205ac650b6cc2fb2060ff1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://1109024654-atari-embeds.googleusercontent.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Sun, 18 Feb 2024 10:54:20 GMT
Server: Apache
Connection: Keep-Alive
X-Powered-By: PHP/7.0.33
Content-Length: 125
Keep-Alive: timeout=5, max=100
Content-Type: image/gif

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 43ms
41ms Preflight
text/plain 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://www.paypayflower.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://play.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 18 Feb 2024 10:54:22 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ 0
0

POST
H2 200 logImpressions Show response
www.paypayflower.org/_/view/ 16 B
116 B 251ms
250ms XHR
application/json 2404:6800:4004:81c::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypayflower.org/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.aseIi7fY2mA.O/am=gAE/d=1/rs=AGEqA5l4FYk0E5mSaqqlHha3t0kFNaXb2g/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2013 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.paypayflower.org/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Feb 2024 10:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 404 cspreport
drive.google.com/_/DriveOsidBootstrap/ Frame C731 141 B
472 B 170ms
169ms Other
text/html 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/_/DriveOsidBootstrap/cspreport

Requested by

Host: www.paypayflower.org
URL: https://www.paypayflower.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drive.google.com/auth_warmup
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/csp-report

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Feb 2024 10:54:23 GMT
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 1; mode=block
expires: Sun, 18 Feb 2024 10:54:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 22:54:24	Name: NID Value: 511=YRN5eQVeTJzwlJbrueoFoymGkKJmGOvH3H0Dzvtyl_KI2lzcEjqkss-DnN_kvz9WFaT1vbyWT-SoPnpZoIa54484eYuHmw5dN1e3sHA0NJXr8OH6o9Q9WhsZKxlEmjQ5TbdoDA6kX0HzUivp06LgimPpgFGdijYBTjjVQFFj7LU

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	error	URL: https://www.paypayflower.org/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://www.paypayflower.org' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true&authuser=0 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.paypayflower.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.paypayflower.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.paypayflower.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://www.paypayflower.org/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://www.paypayflower.org' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true&authuser=0 Message: Failed to load resource: net::ERR_FAILED
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://drive.google.com/_/DriveOsidBootstrap/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.paypayflower.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self';object-src 'self';report-uri /_/view/cspreport;script-src 'nonce-kO990rh9DUQD6pOvmHKoAw' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1109024654-atari-embeds.googleusercontent.com
apis.google.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
paypayflower.org
play.google.com
www.cutercounter.com
www.gstatic.com
www.paypayflower.org
play.google.com
2001:4860:4802:38::15
2404:6800:4004:81c::2013
2404:6800:4004:820::200e
2404:6800:4004:822::200a
2404:6800:4004:823::2001
2404:6800:4004:823::2003
2404:6800:4004:824::200e
2404:6800:4004:825::200e
2404:6800:4004:826::2003
47.89.219.37
092b154c56242a35e74ccfd097f67ead751acef0fa10a55e9d8caf7937af5aba
0bedce13974cf69b7435c60aec35826e9680cf4ee14e38b9c840a5ff2d7513d9
0f65dde9539deaaa7421bae8405a636a427dae4ad09b50a44fb374b6545276ba
2014db9950e4f7e584cfc9f396bc8a0fa8f4d4d20e05a331797800adaa009ea2
27f663d89133b56be4ad686e84b608b5e7a760f8fbcf830a9ad7e4b5b99fea74
300488f13e60bacbba46f604ce3578ba24e9f2dd2a205ac650b6cc2fb2060ff1
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82
3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8
3946b45e8e8c4b82cfa82b9c9d7e5fa3dc04b7daf8bc9d0665d686b454a2bba6
3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98
3ae6f68266b3156767542705328ae95c13653fed8a7eb366cec68cf8652bf723
47c5ce7700816767e28eedd199791717b178ab69ad1c6c85864b82e62883ded8
49f9117b94a5252fe9275626b5dd68af08e0b445517dc246e5b444fb617036da
4b59b0ee8076139b12dc329ebc51b40f55701a1f9d8fee9a103823ead204985b
57c9179c3055d178efddae3e89dadecaf646f42f82b19efd19c8cb8bd2391392
69639bb6f8cc09e688bde3db7eb7e84dc1129c2b3797b8df739bf506245f451f
6dfb469514d5a63832c7bc2a2808a991e6da97c5817269d1f6e7ab4f0e64e7c3
76f030c7ce3523a2efa4df3579bbb3080e60285c0a95ccc1dcc16f263fca9461
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
79f45e4de91af561dfe55b475676c01f717a2522e0f06b419972eba3599d59f5
806814042251ab09602fdcbf1a798fcfc35d12adb8b9b0a83ec80de9f379a130
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
9b4a8967bb22b9e8ecd9b7a906ea3dbb5999d3f2c40a8b817df5565c1421c4fc
ac8aeee2ae9ac431a6da8929b2db3be275e65d1692e1a91502ce46d067711f81
b57dd4ee721fe435e4a6e6a171d53a141b59eb8152009d437b47d06432a7082f
b7b135539deba659681e02b5b02f4125c3bf81ae15f859356a9da3fdcac4b876
b9d589b80851934997657f105f130f05ffad98478dfe8b0be4313dc7efaadc95
bc060de8bcb64d92924c71cd679444545d46e864962641e7a812e879f80642ce
be36ceeefb348c3ecde7d8f34b3cfba3416ebf3a2c389be5dd6405e0e73a7db2
c2fe54337ee8208dcae205d8ce2244ad904ef2749c35c37653ce3cf33ef2f62a
c6925c0a60491034e15ef986be7170cf9b29cf98fffa41b237f72258132c23f0
d32c71f99921b2dd9d5d5f7abc8df7584b131f4042e8af547fc8bd7a6ab70705
d4fd34668b2edac5f21b63ced2a7e194338a8831ed775e85845d804241d35c58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecfc08f88470753540defe4f83da44e753db2b7e718391b56a5b9ccc51d44e57
efb24a4236847394d8f07cad0dc6b7f6a58f74c8b4d084064540adcb5866c008
f21400901a0ec0322b4398d2d28324e085297e3eaa1fc8d3531967e8e14b86f2
f9d17cebb8e59c8f8cfe474941048ee06c99d4dae94c23cb3962eb6a9fd551cb
ff5a260fdf396ee8d94f6abe9ab7b3bf3c577a4b904a41857742e7c9b911e94e

www.paypayflower.org Open in urlscan Pro 2404:6800:4004:81c::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

96 %HTTPS

90 %IPv6

6 Domains

14 Subdomains

10 IPs

2 Countries

4099 kBTransfer

7077 kBSize

1 Cookies

18 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paypayflower.org Open in urlscan Pro
2404:6800:4004:81c::2013 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

96 %
HTTPS

90 %
IPv6

6
Domains

14
Subdomains

10
IPs

2
Countries

4099 kB
Transfer

7077 kB
Size

1
Cookies

47 HTTP transactions
0 data transactions