heavycover.net Open in urlscan Pro
162.43.112.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://heavycover.net/2020/11/15/3674
Submission: On November 14 via manual (November 14th 2023, 8:15:03 am UTC) from JP — Scanned from JP

Summary HTTP 127 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 22 domains to perform 127 HTTP transactions. The main IP is 162.43.112.11, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is heavycover.net.

This is the only time heavycover.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	162.43.112.11 162.43.112.11	131965 (XSERVER X...) (XSERVER Xserver Inc.)
1	23.217.124.138 23.217.124.138	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2404:6800:400... 2404:6800:4004:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:2800:248... 2606:2800:248:2f:1d8a:787:dc7:17df	15133 (EDGECAST) (EDGECAST)
2 7	2404:6800:400... 2404:6800:4004:81c::200e	15169 (GOOGLE) (GOOGLE)
2 2	65.9.42.120 65.9.42.120	16509 (AMAZON-02) (AMAZON-02)
8	65.9.42.83 65.9.42.83	16509 (AMAZON-02) (AMAZON-02)
1	133.125.14.121 133.125.14.121	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
1 1	52.119.167.103 52.119.167.103	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26a... 2600:9000:26a6:ce00:1d:d7f6:39d3:7a61	16509 (AMAZON-02) (AMAZON-02)
3	2404:6800:400... 2404:6800:400a:813::200e	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4004:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 7	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
2	18.65.216.116 18.65.216.116	16509 (AMAZON-02) (AMAZON-02)
2 4	2404:6800:400... 2404:6800:400a:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:801::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f00... 2a03:2880:f00f:104:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	192.229.237.25 192.229.237.25	15133 (EDGECAST) (EDGECAST)
3	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
2	2404:6800:400... 2404:6800:400a:813::200d	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80a::2006	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:801::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:824::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80c::2016	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:801::2001	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:801::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:811::2006	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:827::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.42.130 142.251.42.130	15169 (GOOGLE) (GOOGLE)
127	32

44 162.43.112.11 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv10.minibird.netowl.jp

heavycover.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.217.124.138 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-124-138.deploy.static.akamaitechnologies.com

js1.nend.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:81f::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:248:2f:1d8a:787:dc7:17df (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:81c::200e (Australia) 2 redirects

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.42.120 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-120.nrt12.r.cloudfront.net

b.st-hatena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 65.9.42.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-83.nrt12.r.cloudfront.net

b.st-hatena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.125.14.121 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)

image.with2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.119.167.103 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)

ws-fe.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26a6:ce00:1d:d7f6:39d3:7a61 (United States)

ASN16509 (AMAZON-02, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:400a:813::200e (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:810::200e (Australia)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:822::2002 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.65.216.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-216-116.nrt57.r.cloudfront.net

b.hatena.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:400a:80a::200e (Osaka, Japan) 2 redirects

ASN15169 (GOOGLE, US)

developers.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:801::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f00f:104:face:b00c:0:3 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.229.237.25 (Marlborough, United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400a:813::200d (Osaka, Japan)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80a::2006 (Australia)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:801::200a (Australia)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80c::2016 (Australia)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:801::2001 (Australia)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:801::2003 (Australia)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:811::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:827::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.42.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	heavycover.net heavycover.net	4 MB
14	google.com 4 redirects apis.google.com — Cisco Umbrella Rank: 112 developers.google.com — Cisco Umbrella Rank: 14019 accounts.google.com — Cisco Umbrella Rank: 24 www.google.com — Cisco Umbrella Rank: 2	157 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	266 KB
10	st-hatena.com 2 redirects b.st-hatena.com — Cisco Umbrella Rank: 104400	15 KB
9	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 255 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	41 KB
9	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1186 syndication.twitter.com — Cisco Umbrella Rank: 1447	176 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	996 KB
4	gstatic.com fonts.gstatic.com ssl.gstatic.com www.gstatic.com	39 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 207	33 KB
4	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 933	272 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	hatena.ne.jp b.hatena.ne.jp — Cisco Umbrella Rank: 104623	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	30 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	61 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	2 MB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	4 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	38 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	81 KB
1	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 530	15 KB
1	amazon-adsystem.com 1 redirects ws-fe.amazon-adsystem.com — Cisco Umbrella Rank: 580998 ir-jp.amazon-adsystem.com Failed	200 B
1	with2.net image.with2.net	7 KB
1	nend.net js1.nend.net — Cisco Umbrella Rank: 370706	10 KB
127	22

	Domain	Requested by
44	heavycover.net	heavycover.net
10	b.st-hatena.com	2 redirects heavycover.net b.hatena.ne.jp b.st-hatena.com
8	www.youtube.com	heavycover.net www.youtube.com
7	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com
7	apis.google.com	2 redirects heavycover.net apis.google.com accounts.google.com
6	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com
6	platform.twitter.com	heavycover.net platform.twitter.com
6	pagead2.googlesyndication.com	heavycover.net pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
4	jnn-pa.googleapis.com	www.youtube.com
4	static.xx.fbcdn.net	www.facebook.com
4	developers.google.com	2 redirects apis.google.com
3	syndication.twitter.com	platform.twitter.com heavycover.net
3	www.google-analytics.com	heavycover.net www.google-analytics.com www.googletagmanager.com
2	fonts.gstatic.com	www.youtube.com
2	accounts.google.com	apis.google.com heavycover.net
2	b.hatena.ne.jp	b.st-hatena.com
2	www.facebook.com	heavycover.net
1	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	www.gstatic.com	www.youtube.com
1	ssl.gstatic.com	accounts.google.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.googletagmanager.com	www.google-analytics.com
1	m.media-amazon.com	heavycover.net
1	ws-fe.amazon-adsystem.com	1 redirects
1	image.with2.net	heavycover.net
1	js1.nend.net	heavycover.net
0	ir-jp.amazon-adsystem.com Failed	heavycover.net
127	32

This site contains links to these domains. Also see Links.

Domain
amzn.to
line.me
blog.with2.net
streamfishing.net
www.amazon.co.jp
stinger3.com

Subject Issuer	Validity	Valid
*.apis.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-23` - `2023-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.b.hatena.ne.jp Amazon RSA 2048 M01	`2023-09-23` - `2024-10-21`	a year	crt.sh
*.b.st-hatena.com Amazon RSA 2048 M02	`2023-09-23` - `2024-10-21`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
syndication.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-10-31`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 19 frames:

Primary Page: http://heavycover.net/2020/11/15/3674
Frame ID: 55418D21BA3C72076BD5FE69063E9A68
Requests: 64 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Y2bBWmlQgBM
Frame ID: EC1B131FEA93BA9A0453A0E33CC1F756
Requests: 19 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http://heavycover.net/2020/11/15/3674&layout=box_count&show_faces=false&width=50&action=like&colorscheme=light&height=62
Frame ID: 741DAC9FF66F857225E655F5254217EF
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 5DF35DE37B0728011D2D9BD11DFE7C7C
Requests: 1 HTTP requests in this frame

Frame: https://b.hatena.ne.jp/entry/button/?url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&layout=vertical-normal
Frame ID: 802E081B51F2FD4569A1A4B96036E378
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http://heavycover.net/2020/11/15/3674&layout=box_count&show_faces=false&width=50&action=like&colorscheme=light&height=62
Frame ID: 0ECA2D280B51337B9153FA167B6EF5A1
Requests: 3 HTTP requests in this frame

Frame: https://developers.google.com/
Frame ID: 1D30FDE19539F9F152E8B7DD836E6843
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=http%3A%2F%2Fheavycover.net
Frame ID: 506C716C08DA5C9AF56F9613366E69D0
Requests: 2 HTTP requests in this frame

Frame: https://developers.google.com/
Frame ID: 6C283C149E50D708B767D12796E4A76D
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fheavycover.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__
Frame ID: A97D9CA9FDF535045B376636CECA350E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1191624480432912&output=html&h=280&slotname=1475767982&adk=2994297318&adf=3397150600&pi=t.ma~as.1475767982&w=336&lmt=1699949698&format=336x280&url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&ea=0&wgl=1&dt=1699949698067&bpp=3&bdt=218&idt=400&shv=r20231109&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&correlator=2859096140990&frm=20&pv=2&ga_vid=1610748454.1699949698&ga_sid=1699949698&ga_hid=1086569809&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=347&ady=4457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C42531705%2C44807464%2C31078301%2C31079383%2C31079155%2C44806139%2C44807764%2C44808149%2C44808284&oid=2&pvsid=4151482154802631&tmod=1082876209&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=410
Frame ID: FAFD8C25C4669087EF7B78532B3C08F3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1191624480432912&output=html&h=280&slotname=1475767982&adk=2994297318&adf=2952329647&pi=t.ma~as.1475767982&w=336&lmt=1699949698&format=336x280&url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&ea=0&wgl=1&dt=1699949698070&bpp=1&bdt=220&idt=502&shv=r20231109&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=2859096140990&frm=20&pv=1&ga_vid=1610748454.1699949698&ga_sid=1699949698&ga_hid=1086569809&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=347&ady=4737&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C42531705%2C44807464%2C31078301%2C31079383%2C31079155%2C44806139%2C44807764%2C44808149%2C44808284&oid=2&pvsid=4151482154802631&tmod=1082876209&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=2&fsb=1&dtd=505
Frame ID: 2E79934F8316B866B402919D9E927559
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1191624480432912&output=html&h=280&slotname=3456461586&adk=3910447648&adf=1123053392&pi=t.ma~as.3456461586&w=336&lmt=1699949698&format=336x280&url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&ea=0&wgl=1&dt=1699949698124&bpp=12&bdt=275&idt=461&shv=r20231109&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2859096140990&frm=20&pv=1&ga_vid=1610748454.1699949698&ga_sid=1699949698&ga_hid=1086569809&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=957&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C42531705%2C44807464%2C31078301%2C31079383%2C31079155%2C44806139%2C44807764%2C44808149%2C44808284&oid=2&pvsid=4151482154802631&tmod=1082876209&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=463
Frame ID: EB3F6F5A8D6DCECA066AB8E68FAD9220
Requests: 11 HTTP requests in this frame

Frame: https://b.hatena.ne.jp/entry/button/?url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&layout=vertical-normal
Frame ID: 1D51EF7E8142EBDDD0AF1B59CEB43B5F
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1191624480432912&output=html&adk=1812271804&adf=3025194257&lmt=1699949698&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1699949698311&bpp=1&bdt=462&idt=293&shv=r20231109&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280&nras=1&correlator=2859096140990&frm=20&pv=1&ga_vid=1610748454.1699949698&ga_sid=1699949698&ga_hid=1086569809&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C42531705%2C44807464%2C31078301%2C31079383%2C31079155%2C44806139%2C44807764%2C44808149%2C44808284&oid=2&pvsid=4151482154802631&tmod=1082876209&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=309
Frame ID: AA350FC89AA227A6968BE3B3C3DED018
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.d37472b4a6622d0b1fff46ad904f6896.ja.html
Frame ID: E785945093FEB04DB5DD85586B24A567
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.ja.html
Frame ID: BBCFAA14E7BA8384703BB58ACB6193E7
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.ja.html
Frame ID: F33F42CB74B0FFE332C3E9271B519418
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6640A47303A074BFAF66D49F517EA9D9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

11月14日福井エギングとロックフィッシュ

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

127
Requests

57 %
HTTPS

70 %
IPv6

22
Domains

32
Subdomains

32
IPs

3
Countries

7729 kB
Transfer

12648 kB
Size

10
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://amzn.to/33dfZT0
Title: パタパタQラトル

Search URL Search Domain Scan URL

URL: http://line.me/R/msg/text/?LINE%E3%81%A7%E9%80%81%E3%82%8B%0D%0Ahttp%3A%2F%2Fline.me%2F

Search URL Search Domain Scan URL

URL: http://blog.with2.net/link.php?1618889:2233

Search URL Search Domain Scan URL

URL: http://streamfishing.net/
Title: 岐阜の渓流ブログ

Search URL Search Domain Scan URL

URL: http://line.me/S/sticker/1112122

Search URL Search Domain Scan URL

URL: http://www.amazon.co.jp/gp/product/B003S0VHQU/ref=as_li_ss_il?ie=UTF8&camp=247&creative=7399&creativeASIN=B003S0VHQU&linkCode=as2&tag=houkagobass-22

Search URL Search Domain Scan URL

URL: http://stinger3.com/
Title: WordPress-Theme STINGER3

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://b.st-hatena.com/images/entry-button/button-only.gif HTTP 301
https://b.st-hatena.com/images/entry-button/button-only.gif

Request Chain 15

http://b.st-hatena.com/js/bookmark_button.js HTTP 301
https://b.st-hatena.com/js/bookmark_button.js

Request Chain 21

http://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B003S0VHQU&Format=_SL250_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=houkagobass-22 HTTP 302
https://m.media-amazon.com/images/I/51BFiaCuxqL._SL250_.jpg

Request Chain 30

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 32

http://www.facebook.com/plugins/like.php?href=http://heavycover.net/2020/11/15/3674&layout=box_count&show_faces=false&width=50&action=like&colorscheme=light&height=62 HTTP 307
https://www.facebook.com/plugins/like.php?href=http://heavycover.net/2020/11/15/3674&layout=box_count&show_faces=false&width=50&action=like&colorscheme=light&height=62

Request Chain 44

http://www.facebook.com/plugins/like.php?href=http://heavycover.net/2020/11/15/3674&layout=box_count&show_faces=false&width=50&action=like&colorscheme=light&height=62 HTTP 307
https://www.facebook.com/plugins/like.php?href=http://heavycover.net/2020/11/15/3674&layout=box_count&show_faces=false&width=50&action=like&colorscheme=light&height=62

Request Chain 46

https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Fheavycover.net&url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__ HTTP 301
http://developers.google.com/ HTTP 301
https://developers.google.com/

Request Chain 72

https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Fheavycover.net&url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__ HTTP 301
http://developers.google.com/ HTTP 301
https://developers.google.com/

Request Chain 77

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

127 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 3674 Show response
heavycover.net/2020/11/15/ 66 KB
17 KB 576ms
173ms Document
text/html 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: d8a21aa709244d9b86dec8aeadf026889f5cbbb99e1bf0b9f57ee0bb8b00d781

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 14 Nov 2023 08:14:57 GMT
Link: <http://heavycover.net/wp-json/>; rel="https://api.w.org/", <http://heavycover.net/wp-json/wp/v2/posts/3674>; rel="alternate"; type="application/json", <http://heavycover.net/?p=3674>; rel=shortlink
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Pingback: http://heavycover.net/xmlrpc.php

GET
H/1.1 200
OK style.css
heavycover.net/wp-content/themes/stinger3ver20131217/ 26 KB
7 KB 13ms
11ms Stylesheet
text/css 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/wp-content/themes/stinger3ver20131217/style.css
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 0ab583bab6a8dc2e70a56deadedd3acb266cbe7855e1f2f40a8f465b5eaabb2d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jan 2015 14:18:36 GMT
Server: nginx
ETag: W/"66bb-50d8ed05fa700"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK style.min.css
heavycover.net/wp-includes/css/dist/block-library/ 53 KB
10 KB 21ms
11ms Stylesheet
text/css 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/wp-includes/css/dist/block-library/style.min.css?ver=5.5.13
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Sep 2020 12:04:05 GMT
Server: nginx
ETag: W/"d293-5ae536ea5e971"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK blocks.style.build.css
heavycover.net/wp-content/plugins/browser-shots/dist/ 140 B
374 B 20ms
11ms Stylesheet
text/css 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/wp-content/plugins/browser-shots/dist/blocks.style.build.css?ver=1.7.4
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 729a1416748fa50d2806bdc2664522f78c64511e6638d0cd2f7df5407ba3b4ef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Last-Modified: Thu, 27 Aug 2020 11:59:04 GMT
Server: nginx
ETag: "8c-5addaa9ad6b66"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 140

GET
H/1.1 200
OK styles.css
heavycover.net/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 20ms
11ms Stylesheet
text/css 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2.2
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Sep 2020 12:04:49 GMT
Server: nginx
ETag: W/"780-5ae537144efaf"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK screen.min.css
heavycover.net/wp-content/plugins/table-of-contents-plus/ 1 KB
757 B 20ms
10ms Stylesheet
text/css 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2002
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Aug 2020 11:59:06 GMT
Server: nginx
ETag: W/"484-5addaa9c72d30"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK wpp.css
heavycover.net/wp-content/plugins/wordpress-popular-posts/assets/css/ 1 KB
868 B 22ms
10ms Stylesheet
text/css 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.2.4
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 4dc9c239931effb2183adb19e90f60c5cc009ddca45024fc7325d82e3c08d40c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Aug 2020 11:59:11 GMT
Server: nginx
ETag: W/"5e5-5addaaa0cf0ab"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK amazonjs.css
heavycover.net/wp-content/plugins/wp-amazonjs-0.8/css/ 2 KB
1 KB 21ms
10ms Stylesheet
text/css 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/wp-content/plugins/wp-amazonjs-0.8/css/amazonjs.css?ver=0.8
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 3a03881d88437511e4ad027306b3fb17de46f7c81a0411faf13b857b09a1d1db

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Sep 2020 14:21:11 GMT
Server: nginx
ETag: W/"9ff-5ae5558f37c7c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK jquery.js Show response
heavycover.net/wp-includes/js/jquery/ 95 KB
39 KB 31ms
12ms Script
application/javascript 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Aug 2020 11:58:54 GMT
Server: nginx
ETag: W/"17a69-5addaa90e9ae8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK wpp.min.js Show response
heavycover.net/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
2 KB 31ms
12ms Script
application/javascript 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.2.4
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Aug 2020 11:59:11 GMT
Server: nginx
ETag: W/"a3a-5addaaa0d004b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK nendAdLoader.js Show response
js1.nend.net/js/ 32 KB
10 KB 96ms
3ms Script
application/x-javascript 23.217.124.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://js1.nend.net/js/nendAdLoader.js
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 23.217.124.138 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-124-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d99a40e3a18a6844a50f558a9de423203b42f161257b86190f25083363f60f23

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Aug 2023 06:27:49 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=271
Connection: keep-alive
Content-Length: 9950
Expires: Tue, 14 Nov 2023 08:19:28 GMT

GET
H/1.1 200
OK securedownload.jpg
heavycover.net/wp-content/uploads/2014/03/ 21 KB
21 KB 10ms
10ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/2014/03/securedownload.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: decacf01479fc2ca2bfd13911fec525de73648f40691808fc12fe7d9b6f4ea33

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Last-Modified: Tue, 18 Mar 2014 12:47:51 GMT
Server: nginx
ETag: "5493-4f4e0f1a7cbc0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21651

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
55 KB 52ms
50ms Script
text/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674

Protocol

HTTP/1.1

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bd3eade8296c4e75fd95fd7567a8b8bcd9cd80450f722396d7cb291882def86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 55557
X-XSS-Protection: 0
Server: cafe
ETag: 10326619981294403191
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Tue, 14 Nov 2023 08:14:57 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 7ms
4ms Script
application/javascript 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/7376) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
Age: 1192
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (tkb/7376)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 plusone.js Show response
apis.google.com/js/ 56 KB
22 KB 147ms
105ms Script
text/javascript 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b750b4baeaf88b2ac42100bcc3ea6d799a6ba8c3c5b2cce1d72a75a6c0952f7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 08:14:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21931
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "cf28888d642e74bc"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 08:14:58 GMT

GET
H2

200

button-only.gif
b.st-hatena.com/images/entry-button/
Redirect Chain

http://b.st-hatena.com/images/entry-button/button-only.gif
https://b.st-hatena.com/images/entry-button/button-only.gif

254 B
701 B

14ms
4ms

Image
image/gif

65.9.42.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/entry-button/button-only.gif

Requested by

Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674

Protocol

Server

65.9.42.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-83.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

cecced3759ead676c01a7fa67745175f258e1cf40bac53e54a958236c65180ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 10:20:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 1f83e59f609910f3106a87395db1ee4a.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C5
age: 3707651
x-cache: Hit from cloudfront
content-length: 254
last-modified: Thu, 28 Sep 2023 10:12:02 GMT
server: nginx
etag: "65155172-fe"
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: xreWSDOb99uQgZWBCKVvH7SkfRPk07XRmXoPbLGCe_cb2xLYU45Ucw==
expires: Tue, 01 Oct 2024 10:20:47 GMT

Redirect headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Via: 1.1 e0064cf7b670c5210a75dcd4c278001a.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: NRT12-C5
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://b.st-hatena.com/images/entry-button/button-only.gif
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: M_wS5HH1mjPLKXNDpg1SOIC4WjymmKi_JfbVvA6GX5McNw7NDenb4Q==

GET
H2

200

bookmark_button.js Show response
b.st-hatena.com/js/
Redirect Chain

http://b.st-hatena.com/js/bookmark_button.js
https://b.st-hatena.com/js/bookmark_button.js

6 KB
3 KB

12ms
5ms

Script
application/x-javascript

65.9.42.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/js/bookmark_button.js

Requested by

Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674

Protocol

Server

65.9.42.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-83.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

f09d9fdc476c87ca8574c34d19241af3fd93226d85f6b0048e36760c07984fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 1f83e59f609910f3106a87395db1ee4a.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 20:54:50 GMT
last-modified: Wed, 01 Nov 2023 03:19:54 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 40808
etag: W/"6541c3da-1990"
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
x-amz-cf-id: GfLVhb-jyrLM9McDc1p8Sh7YvbCk2kE7pG0s0iM74H96RDnZQR_WEg==
expires: Tue, 14 Nov 2023 20:54:50 GMT

Redirect headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Via: 1.1 8293e2b132ad1f1e106a0b13b5cd9854.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: NRT12-C5
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://b.st-hatena.com/js/bookmark_button.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: 2ixMa2ueeQxar0kRWQ-SDFscXGh3Qf9-siTSj_hsIKn18fLTYQ6CHg==

GET
H/1.1 200
OK 36x60.png
heavycover.net/wp-content/uploads/2014/10/ 3 KB
3 KB 10ms
10ms Image
image/png 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/2014/10/36x60.png?0fbacd
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 2567a066d05d1878cb6f9571dbe2f8d0d088a56bea39053994871dcdd9f881d7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Last-Modified: Thu, 30 Oct 2014 12:10:31 GMT
Server: nginx
ETag: "c3d-506a2c446dbc0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3133

GET
H/1.1 200
OK br_c_2233_2.gif
image.with2.net/img/banner/c/banner_2/ 7 KB
7 KB 65ms
24ms Image
image/gif 133.125.14.121
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://image.with2.net/img/banner/c/banner_2/br_c_2233_2.gif
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 133.125.14.121 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82c7ef12aa12a8aa9ca1673d85f159a12d7e82acfeca841cd24f2e04409b83c5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Sat, 18 Jan 2014 02:44:48 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "6018f1-1b7f-4f035a457e800"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 7039

GET
H/1.1 200
OK btn2.gif
heavycover.net/wp-content/themes/stinger3ver20131217/images/ 1 KB
2 KB 10ms
10ms Image
image/gif 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/themes/stinger3ver20131217/images/btn2.gif
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 91534084a9fe322743bec535941abe0346d427c35668c587a906b91d3169d56a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Last-Modified: Fri, 28 Feb 2014 12:14:42 GMT
Server: nginx
ETag: "530-4f37661f55080"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1328

GET
H/1.1 200
OK kiryu.jpg
heavycover.net/ 19 KB
19 KB 10ms
10ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/kiryu.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 55561d7426ab36b80ca944a3ba8c40e30b35fd538072405d59ce83a0a9d35eb1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Last-Modified: Tue, 10 Jun 2014 10:38:07 GMT
Server: nginx
ETag: "4add-4fb78ec5ce1c0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19165

GET
H/1.1 200
OK linepr-bass.jpg
heavycover.net/wp-content/uploads/2015/06/ 30 KB
30 KB 10ms
10ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/2015/06/linepr-bass.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: d9cef3fff134e7041380467fe0124de8f0bfeb39639ef03c635496bddec4c68b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Last-Modified: Fri, 12 Jun 2015 12:10:12 GMT
Server: nginx
ETag: "7849-51850fd705100"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30793

GET
H2

200

51BFiaCuxqL._SL250_.jpg
m.media-amazon.com/images/I/
Redirect Chain

http://ws-fe.amazon-adsystem.com/widgets/q?_encoding=UTF8&ASIN=B003S0VHQU&Format=_SL250_&ID=AsinImage&MarketPlace=JP&ServiceVersion=20070822&WS=1&tag=houkagobass-22
https://m.media-amazon.com/images/I/51BFiaCuxqL._SL250_.jpg

14 KB
15 KB

230ms
4ms

Image
image/jpeg

2600:9000:26a6:ce00:1d:d7f6:39d3:7a61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51BFiaCuxqL._SL250_.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: H2
Server: 2600:9000:26a6:ce00:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 290516efb4eef62abc30e4d1db613eb3906f958ce99be041942d0388efe00221

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 00:08:59 GMT
via: 1.1 e8888b4ce0d0032a21220ed1f337571c.cloudfront.net (CloudFront)
age: 4003558
x-amz-cf-pop: NRT20-P1
edge-cache-tag: x-cache-135,/images/I/51BFiaCuxqL
x-nginx-cache-status: MISS
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
content-length: 14568
surrogate-key: x-cache-135 /images/I/51BFiaCuxqL
last-modified: Sat, 03 Mar 2012 07:37:17 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 7991178f-2d73-4943-a56d-75e6cc6524a3
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: VTFTIoej90ikeOXwV10EhGMk2pQwq7VMStnmBRAVpOP1L9Lnjblk-w==
expires: Thu, 24 Sep 2043 00:08:59 GMT

Redirect headers

Location: https://m.media-amazon.com/images/I/51BFiaCuxqL._SL250_.jpg
Date: Tue, 14 Nov 2023 08:14:58 GMT
Server: Server
Connection: close
Content-Length: 0
Vary: User-Agent

GET ir
ir-jp.amazon-adsystem.com/e/ 0
0

GET
H/1.1 200
OK scripts.js Show response
heavycover.net/wp-content/plugins/contact-form-7/includes/js/ 14 KB
5 KB 11ms
10ms Script
application/javascript 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2.2
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Sep 2020 12:04:49 GMT
Server: nginx
ETag: W/"3719-5ae5371450eef"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK front.min.js Show response
heavycover.net/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 12ms
11ms Script
application/javascript 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2002
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Aug 2020 11:59:06 GMT
Server: nginx
ETag: W/"17cb-5addaa9c72d30"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK wp-embed.min.js Show response
heavycover.net/wp-includes/js/ 1 KB
1 KB 11ms
10ms Script
application/javascript 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/wp-includes/js/wp-embed.min.js?ver=5.5.13
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 May 2023 21:48:07 GMT
Server: nginx
ETag: W/"5c6-5fbd686dda2d6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK form.js Show response
heavycover.net/wp-content/plugins/akismet/_inc/ 700 B
949 B 10ms
9ms Script
application/javascript 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/wp-content/plugins/akismet/_inc/form.js?ver=4.1.6
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Last-Modified: Thu, 27 Aug 2020 11:39:55 GMT
Server: nginx
ETag: "2bc-5adda652d7cdb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 700

GET
H/1.1 200
OK base.js Show response
heavycover.net/wp-content/themes/stinger3ver20131217/ 6 KB
3 KB 11ms
10ms Script
application/javascript 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/wp-content/themes/stinger3ver20131217/base.js
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: b1e2f33452a52b791444e4cf45bda7c88855776169993355b97e830d7b3199c3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Feb 2014 12:14:42 GMT
Server: nginx
ETag: W/"19fa-4f37661f55080"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
heavycover.net/wp-includes/js/ 14 KB
5 KB 12ms
11ms Script
application/javascript 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://heavycover.net/wp-includes/js/wp-emoji-release.min.js?ver=5.5.13
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 09:29:45 GMT
Server: nginx
ETag: W/"3795-5bfff8105ad64"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

POST
H/1.1 201
Created popular-posts Show response
heavycover.net/wp-json/wordpress-popular-posts/v1/ 57 B
754 B 61ms
61ms XHR
application/json 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://heavycover.net/wp-json/wordpress-popular-posts/v1/popular-posts

Requested by

Host: heavycover.net
URL: http://heavycover.net/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.2.4

Protocol

HTTP/1.1

Server

162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv10.minibird.netowl.jp

Software

nginx /

Resource Hash

798bfbbde70c9a0106aaedb9f79ed6b985408fe87154b6db8302b6e7e6085b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://heavycover.net/2020/11/15/3674
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Allow: GET, POST
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: http://heavycover.net
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Vary: Origin
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Link: <http://heavycover.net/wp-json/>; rel="https://api.w.org/"
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
X-WP-Nonce: 1c58b088ad

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

52 KB
21 KB

73ms
14ms

Script
text/javascript

2404:6800:400a:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674

Protocol

Server

2404:6800:400a:813::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 06:21:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6795
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 14 Nov 2023 08:21:43 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 Y2bBWmlQgBM Show response
www.youtube.com/embed/ Frame EC1B 91 KB
40 KB 174ms
128ms Document
text/html 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Y2bBWmlQgBM

Requested by

Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ffec01a06994a0ce139afb81e8cf22e95eddde308bcc70ce8088580908c069a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 08:14:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ja for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame 741D
Redirect Chain

http://www.facebook.com/plugins/like.php?href=http://heavycover.net/2020/11/15/3674&layout=box_count&show_faces=false&width=50&action=like&colorscheme=light&height=62
https://www.facebook.com/plugins/like.php?href=http://heavycover.net/2020/11/15/3674&layout=box_count&show_faces=false&width=50&action=like&colorscheme=light&height=62

41 KB
16 KB

227ms
217ms

Document
text/html

2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http://heavycover.net/2020/11/15/3674&layout=box_count&show_faces=false&width=50&action=like&colorscheme=light&height=62

Requested by

Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56dceb2425ae940c4f08366c1e1b1c35829746a233906a3de36f8052c6254b95

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 08:14:58 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: hMfsppS2+hNwzRgTy2/8u3ThaLzmtOZctALJEnlU0NAZR2C5WhgdymEpOKWha6oiGd+D/K7g9i+Vnhka+4gLTw==
x-xss-protection: 0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.facebook.com/plugins/like.php?href=http://heavycover.net/2020/11/15/3674&layout=box_count&show_faces=false&width=50&action=like&colorscheme=light&height=62
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK rs_DSC_0357.jpg
heavycover.net/wp-content/uploads/2020/11/ 522 KB
522 KB 22ms
22ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/2020/11/rs_DSC_0357.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 4708a14555eadcdbed87fdef1cdb7959721c7738f68a0d1c7dfad7ce1b62e3e0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Last-Modified: Tue, 24 Nov 2020 13:00:19 GMT
Server: nginx
ETag: "827a5-5b4d9e4976b74"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 534437

GET
H/1.1 200
OK rs_DSC_0356.jpg
heavycover.net/wp-content/uploads/2020/11/ 703 KB
703 KB 27ms
27ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/2020/11/rs_DSC_0356.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 4d2c312e972dfe35d470717909ab371d7428534462c0f64948f051934ec99222

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Tue, 24 Nov 2020 13:05:23 GMT
Server: nginx
ETag: "afabb-5b4d9f6aeead7"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 719547

GET
H/1.1 200
OK rs_DSC_0360.jpg
heavycover.net/wp-content/uploads/2020/11/ 602 KB
602 KB 15ms
15ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/2020/11/rs_DSC_0360.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: cb1f5b0427de8dfe2f5218d74e5fda8b17fe30f27f4e443d730b897a20776a63

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:57 GMT
Last-Modified: Tue, 24 Nov 2020 13:14:48 GMT
Server: nginx
ETag: "96774-5b4da1861fbcd"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 616308

GET
H/1.1 200
OK rs_DSC_0361.jpg
heavycover.net/wp-content/uploads/2020/11/ 765 KB
766 KB 22ms
22ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/2020/11/rs_DSC_0361.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 38de0947e43879080ef67b781064a8766e9f391463e4bfb0174e12a4399ae383

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Tue, 24 Nov 2020 13:26:10 GMT
Server: nginx
ETag: "bf5a5-5b4da4101a4c4"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 783781

GET
H/1.1 200
OK rs_DSC_0363.jpg
heavycover.net/wp-content/uploads/2020/11/ 243 KB
244 KB 20ms
20ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/2020/11/rs_DSC_0363.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 7c9b15fecca246352c00382819917bd3805ec7808eb668fae0661ee7401a5e0b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Tue, 24 Nov 2020 13:30:42 GMT
Server: nginx
ETag: "3cdc3-5b4da5140c990"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 249283

GET
H/1.1 200
OK rs_DSC_0366-rotated.jpg
heavycover.net/wp-content/uploads/2020/11/ 411 KB
411 KB 13ms
12ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/2020/11/rs_DSC_0366-rotated.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 10beee2a79608d72174473834ef4928bb879e74c586c8e1553706a54fe27521c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Tue, 24 Nov 2020 13:38:55 GMT
Server: nginx
ETag: "66cc6-5b4da6ea7238b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 421062

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/ 400 KB
136 KB 187ms
142ms Script
text/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3864997e6b8359deb1fec1018293fc5abc569009c4b36f190fdf265bc5a43f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:14:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138666
x-xss-protection: 0
server: cafe
etag: 7453645006889329050
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 08:14:58 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 5DF3 9 KB
4 KB 46ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 07:09:58 GMT
etag: 16674218716276178799
expires: Tue, 28 Nov 2023 07:09:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/ 157 KB
55 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3316b3ce32bd93cd3f04aa87e38fca639c28710f5b88c0ddc7b29d60e5d5eac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:20:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55543
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 04:20:31 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
220 B 44ms
43ms XHR
text/plain 2404:6800:400a:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1086569809&t=pageview&_s=1&dl=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&ul=en-us&de=UTF-8&dt=11%E6%9C%8814%E6%97%A5%20%E7%A6%8F%E4%BA%95%E3%82%A8%E3%82%AE%E3%83%B3%E3%82%B0%E3%81%A8%E3%83%AD%E3%83%83%E3%82%AF%E3%83%95%E3%82%A3%E3%83%83%E3%82%B7%E3%83%A5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=1254829837&gjid=185825538&cid=1610748454.1699949698&tid=UA-46876939-2&_gid=138573397.1699949698&_r=1&_slc=1&z=117178969

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b0d834826ab651691b552fe6e18f0a7e0237d4b07bbb30eb428bc0d70aa80bc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://heavycover.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 08:14:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://heavycover.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
b.hatena.ne.jp/entry/button/ Frame 802E 1 KB
1 KB 34ms
18ms Document
text/html 18.65.216.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.hatena.ne.jp/entry/button/?url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&layout=vertical-normal

Requested by

Host: b.st-hatena.com
URL: http://b.st-hatena.com/js/bookmark_button.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.216.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-216-116.nrt57.r.cloudfront.net

Software

nginx /

Resource Hash

ea47e2879882a413167f901d604799b6da46072d687a48c8fc726acfe746c0c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: public, max-age=3600, s-maxage=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 08:14:58 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 af1dba21626a829695c3fa888cc0952c.cloudfront.net (CloudFront)
x-amz-cf-id: bLrfgRNf2NGkBXQpgvC6ad_QncIfi-iXT65m1XoepCvTStdqhq72ig==
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame 0ECA
Redirect Chain

http://www.facebook.com/plugins/like.php?href=http://heavycover.net/2020/11/15/3674&layout=box_count&show_faces=false&width=50&action=like&colorscheme=light&height=62
https://www.facebook.com/plugins/like.php?href=http://heavycover.net/2020/11/15/3674&layout=box_count&show_faces=false&width=50&action=like&colorscheme=light&height=62

41 KB
14 KB

383ms
383ms

Document
text/html

2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http://heavycover.net/2020/11/15/3674&layout=box_count&show_faces=false&width=50&action=like&colorscheme=light&height=62

Requested by

Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c7467f7fc09ce049ca50f2fd0a44294290804587c7b2b4798829e7eabfd5df2

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 08:14:58 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 5t+OiTdMf+YqUFg6n1+phLJagjPkUr9se4K+3WHIAA++wM2M8VAiG2cB04W5Ac/gQsdRMdCNhdd9dtgiKQn0bw==
x-xss-protection: 0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.facebook.com/plugins/like.php?href=http://heavycover.net/2020/11/15/3674&layout=box_count&show_faces=false&width=50&action=like&colorscheme=light&height=62
Non-Authoritative-Reason: HSTS

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/ 97 KB
34 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

effbe7106f3934dae78e0c57f5fdeb1a506ad6508454997502a2a9f0ac93b4a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 18:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34295
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 18:50:52 GMT

GET
H2

200

/
developers.google.com/ Frame 1D30
Redirect Chain

https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Fheavycover.net&url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc...
http://developers.google.com/
https://developers.google.com/

0
0

1244ms
1244ms

Document
text/html

2404:6800:400a:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://developers.google.com/

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-uKJ4JVhLHfebIBBwTnBaKBP17FfmPn' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 29805
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-uKJ4JVhLHfebIBBwTnBaKBP17FfmPn' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 08:15:00 GMT
expires: 0
last-modified: Tue, 14 Nov 2023 00:22:16 GMT
pragma: no-cache
server: Google Frontend
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Cookie Accept-Encoding
x-cloud-trace-context: ad412b43f810f30edfac136a00c1a158
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Redirect headers

Content-Length: 0
Content-Type: text/html
Date: Tue, 14 Nov 2023 08:14:58 GMT
Location: https://developers.google.com/
Server: Google Frontend
X-Cloud-Trace-Context: b309bb61f5e1afeff21628366bd93679

GET
H2 200 www-player.css
www.youtube.com/s/player/5bdfe6d5/ Frame EC1B 377 KB
48 KB 4ms
3ms Stylesheet
text/css 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Y2bBWmlQgBM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c38e4137faa1fea4776e411312ad0598bc3ec1c5ba8a3f2d65eccc83933eabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Y2bBWmlQgBM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:51:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 177823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48775
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 11 Nov 2024 06:51:15 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/ja_JP/ Frame EC1B 57 KB
17 KB 6ms
5ms Script
text/javascript 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/ja_JP/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Y2bBWmlQgBM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34d95b83f17fe2c4f3b25663cc2996447196bc5adf5db71b86246c5a3e545226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Y2bBWmlQgBM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:35:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 517194
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17781
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Nov 2024 08:35:04 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/5bdfe6d5/www-embed-player.vflset/ Frame EC1B 321 KB
96 KB 6ms
6ms Script
text/javascript 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Y2bBWmlQgBM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aea13eba5ef3838f3bdeca986afcacedf3e6c595e021a8a4042d9e7c2827d86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Y2bBWmlQgBM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 517239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98280
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Nov 2024 08:34:19 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/ja_JP/ Frame EC1B 2 MB
761 KB 9ms
9ms Script
text/javascript 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/ja_JP/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Y2bBWmlQgBM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394d5defcfeec4d3785db20e78e3d744c1f99d17cc09916d0f2f37ec6647b00c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Y2bBWmlQgBM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:35:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517194
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 778921
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Nov 2024 08:35:04 GMT

GET
H/1.1 200
OK ca3.png
heavycover.net/wp-content/themes/stinger3ver20131217/images/ 1 KB
2 KB 11ms
11ms Image
image/png 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/themes/stinger3ver20131217/images/ca3.png
Requested by: Host: heavycover.net
URL: http://heavycover.net/wp-content/themes/stinger3ver20131217/style.css
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 3a145bd5915543ade2ef9a52ecb8df926358700bd9bea60497eea142251474a8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/wp-content/themes/stinger3ver20131217/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Fri, 28 Feb 2014 12:14:42 GMT
Server: nginx
ETag: "59d-4f37661f55080"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1437

GET
H/1.1 200
OK a30.png
heavycover.net/wp-content/themes/stinger3ver20131217/images/ 945 B
1 KB 10ms
10ms Image
image/png 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/themes/stinger3ver20131217/images/a30.png
Requested by: Host: heavycover.net
URL: http://heavycover.net/wp-content/themes/stinger3ver20131217/style.css
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 2ce2927bdd5374a59ff4c1a138e16ace6d96cd6cb4343d2eb5df0c6067f5b355

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/wp-content/themes/stinger3ver20131217/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Fri, 28 Feb 2014 12:14:42 GMT
Server: nginx
ETag: "3b1-4f37661f55080"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 945

GET
H/1.1 200
OK rs_DSC_0350-160x107.jpg
heavycover.net/wp-content/uploads/2023/11/ 12 KB
12 KB 23ms
22ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/2023/11/rs_DSC_0350-160x107.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 83f33fe9d05af75b55875855f4b1c66d6eff605cfa694489845ba17b55c330d9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Tue, 07 Nov 2023 11:26:04 GMT
Server: nginx
ETag: "2f19-6098e3c78c92d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12057

GET
H/1.1 200
OK rs_DSC_0322-160x107.jpg
heavycover.net/wp-content/uploads/2023/10/ 6 KB
7 KB 24ms
22ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/2023/10/rs_DSC_0322-160x107.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 85246cef7521515f42570070668df154b0cb5bdfc8293a79cc51b1c05c8c2950

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Wed, 04 Oct 2023 15:18:47 GMT
Server: nginx
ETag: "1981-606e5861506ce"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6529

GET
H/1.1 200
OK rs_DSC_0315-160x107.jpg
heavycover.net/wp-content/uploads/2023/10/ 30 KB
31 KB 22ms
21ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/2023/10/rs_DSC_0315-160x107.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 1223d46f694f23c4ef4447e4c5429a0ad75a5f8eed768d04fb0e6e50931e562c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Tue, 03 Oct 2023 10:37:48 GMT
Server: nginx
ETag: "7937-606cd7b66c19a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31031

GET
H/1.1 200
OK rs_DSC_0268-160x107.jpg
heavycover.net/wp-content/uploads/2023/10/ 70 KB
70 KB 25ms
24ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/2023/10/rs_DSC_0268-160x107.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: f0d79483ceaca2a1b1980bb6427cfbaa3eaa0832cc8948817503201c2a74d0ce

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Tue, 03 Oct 2023 10:15:15 GMT
Server: nginx
ETag: "116f3-606cd2aba92f1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71411

GET
H/1.1 200
OK rs_DSC_0251-160x107.jpg
heavycover.net/wp-content/uploads/2023/09/ 70 KB
70 KB 24ms
23ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/2023/09/rs_DSC_0251-160x107.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 616eed74eb49c365bcf928da0383ccedf660742c08b6e7a800d61984a92539b3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Mon, 11 Sep 2023 13:44:19 GMT
Server: nginx
ETag: "117ae-6051585e7fed9"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71598

GET
H/1.1 200
OK 3674-featured-100x100.jpg
heavycover.net/wp-content/uploads/wordpress-popular-posts/ 4 KB
4 KB 10ms
10ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/wordpress-popular-posts/3674-featured-100x100.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: da009bc4206a12e34d7f0f49923cddb27bb5eef30ebd6d8b80def4858b87fcb3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Tue, 26 Oct 2021 13:52:34 GMT
Server: nginx
ETag: "10cd-5cf41ca219ea0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4301

GET
H/1.1 200
OK 2204-featured-100x100.jpg
heavycover.net/wp-content/uploads/wordpress-popular-posts/ 5 KB
5 KB 10ms
10ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/wordpress-popular-posts/2204-featured-100x100.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: c3fdc10665930dfdc09500b5fd5aab97c53c0c0bf93dd89d5fb83ad35948a75c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Tue, 10 Oct 2017 12:44:07 GMT
Server: nginx
ETag: "1247-55b30a9b013c0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4679

GET
H/1.1 200
OK 1991-featured-100x100.jpg
heavycover.net/wp-content/uploads/wordpress-popular-posts/ 5 KB
5 KB 11ms
10ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/wordpress-popular-posts/1991-featured-100x100.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: bcb3d4f2b47ad64db5ea776c33c7b01bb318940ef97cc6410e5812315b9d8ac2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Tue, 10 Oct 2017 12:44:07 GMT
Server: nginx
ETag: "126e-55b30a9b013c0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4718

GET
H/1.1 200
OK 3849-featured-100x100.jpg
heavycover.net/wp-content/uploads/wordpress-popular-posts/ 27 KB
27 KB 10ms
10ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/wordpress-popular-posts/3849-featured-100x100.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: eccb8a9b4ea3fb2c6715566d56d1ce447492ec56bd3b6ce7c89b1be2d3eee1dc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Sun, 15 Oct 2023 23:38:14 GMT
Server: nginx
ETag: "6d0c-607c9c8900e96"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27916

GET
H/1.1 200
OK 2313-featured-100x100.jpg
heavycover.net/wp-content/uploads/wordpress-popular-posts/ 2 KB
2 KB 10ms
10ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/wordpress-popular-posts/2313-featured-100x100.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 7ecb96d72377a3b681d551cdf98f9e63e61b6b616e1e531826d4c0ea448c72ab

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Tue, 10 Oct 2017 12:44:06 GMT
Server: nginx
ETag: "88a-55b30a9a0d180"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2186

GET
H/1.1 200
OK 3273-featured-100x100.jpg
heavycover.net/wp-content/uploads/wordpress-popular-posts/ 3 KB
3 KB 10ms
10ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/wordpress-popular-posts/3273-featured-100x100.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: d4d57dda63c1eb86de7b6b1a213e238d2e6c12d202ccfb71f450b31a7e3752c5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Tue, 10 Oct 2017 12:44:07 GMT
Server: nginx
ETag: "cb2-55b30a9b013c0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3250

GET
H/1.1 200
OK 3464-featured-100x100.jpg
heavycover.net/wp-content/uploads/wordpress-popular-posts/ 4 KB
4 KB 10ms
9ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/wordpress-popular-posts/3464-featured-100x100.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 85fa61edac901fbc676d712ee5f53842a8ac5678d997ee3674235e8597da761d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Thu, 15 Nov 2018 03:41:09 GMT
Server: nginx
ETag: "fc6-57aabd2409f40"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4038

GET
H/1.1 200
OK 2660-featured-100x100.jpg
heavycover.net/wp-content/uploads/wordpress-popular-posts/ 3 KB
3 KB 9ms
9ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/wordpress-popular-posts/2660-featured-100x100.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: dfb59dcbaa2109e8f1dcbdfc624f3e0413326994a90b9d91f7c1b598beb2bca3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Thu, 23 Jan 2020 19:06:40 GMT
Server: nginx
ETag: "c8c-59cd3574c988a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3212

GET
H/1.1 200
OK 2850-featured-100x100.jpg
heavycover.net/wp-content/uploads/wordpress-popular-posts/ 3 KB
3 KB 10ms
9ms Image
image/jpeg 162.43.112.11
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://heavycover.net/wp-content/uploads/wordpress-popular-posts/2850-featured-100x100.jpg
Requested by: Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674
Protocol: HTTP/1.1
Server: 162.43.112.11 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv10.minibird.netowl.jp
Software: nginx /
Resource Hash: 508470342fdbc5d8affab54da85ebc260f809b8c363cf5989a63797401bed338

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/2020/11/15/3674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Last-Modified: Sat, 11 Nov 2017 14:14:00 GMT
Server: nginx
ETag: "ba5-55db5a60eba00"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2981

GET
H2 200 reset.css
b.st-hatena.com/css/ Frame 802E 2 KB
1 KB 4ms
3ms Stylesheet
text/css 65.9.42.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/css/reset.css?fd7587a537b0ac76ecbd26694a766c3f753bd198

Requested by

Host: b.hatena.ne.jp
URL: https://b.hatena.ne.jp/entry/button/?url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&layout=vertical-normal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.42.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-83.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

0fda122942f39c62ebd2d1ac9de0cf6c6e4cefefb31eb86e39777f46c7ed5064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 1f83e59f609910f3106a87395db1ee4a.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 21:47:31 GMT
last-modified: Mon, 23 Oct 2023 11:20:17 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 37647
etag: W/"653656f1-817"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
x-amz-cf-id: ZW0sK_6dFd4xYKadTtkLijXG8Agtw1ubaJKgnLLMMwzsWIDUorA3kw==
expires: Tue, 14 Nov 2023 21:47:31 GMT

GET
H2 200 entry-button.css
b.st-hatena.com/css/ Frame 802E 5 KB
2 KB 4ms
4ms Stylesheet
text/css 65.9.42.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/css/entry-button.css?fd7587a537b0ac76ecbd26694a766c3f753bd198

Requested by

Host: b.hatena.ne.jp
URL: https://b.hatena.ne.jp/entry/button/?url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&layout=vertical-normal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.42.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-83.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

61403f586e03ca26a4920ac368ecf4973ad46def79a1b46532f6bfc3d5573125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:18:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 1f83e59f609910f3106a87395db1ee4a.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C5
age: 32171
x-cache: Hit from cloudfront
last-modified: Mon, 23 Oct 2023 11:20:17 GMT
server: nginx
etag: W/"653656f1-134a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
x-amz-cf-id: Gj78LdEfypTH4OSbZdBQ4nG_71vETsySXyNwEZLjWlnrYGzh84fAAQ==
expires: Tue, 14 Nov 2023 23:18:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
81 KB 98ms
57ms Script
application/javascript 2404:6800:4004:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R6LE9YGYFL&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c8b358c4e5934601dec6d69dd0cf36774bd5fa13d5cdfa85083f82ee1277358

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:14:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82787
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 08:14:58 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 741D 299 B
923 B 10ms
3ms Image
image/png 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http://heavycover.net/2020/11/15/3674&layout=box_count&show_faces=false&width=50&action=like&colorscheme=light&height=62

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:14:58 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
reporting-endpoints
x-fb-debug: ooLn/0NGF17xiRMGCTI5RGSifUImtUG9eXnoIPwwkbSicMcgkThqMb37BkDOjhEoiW7tWnVHZ0xqnjj2ZfHmiw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 02 Nov 2024 19:27:44 GMT

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame 506C 319 KB
104 KB 11ms
3ms Document
text/html 192.229.237.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=http%3A%2F%2Fheavycover.net
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.237.25 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/72AA) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3066141
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Tue, 14 Nov 2023 08:14:58 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (tkb/72AA)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2

200

/
developers.google.com/ Frame 6C28
Redirect Chain

https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Fheavycover.net&url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc...
http://developers.google.com/
https://developers.google.com/

0
0

487ms
431ms

Document
text/html

2404:6800:400a:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://developers.google.com/

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-jHKeMerB1rjV89sKxuxymU+SsfbkEt' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 29796
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-jHKeMerB1rjV89sKxuxymU+SsfbkEt' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 08:14:58 GMT
expires: 0
last-modified: Tue, 14 Nov 2023 00:22:16 GMT
pragma: no-cache
server: Google Frontend
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Cookie Accept-Encoding
x-cloud-trace-context: b7f88e9356093f2770fe470da06557ee
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Redirect headers

Content-Length: 0
Content-Type: text/html
Date: Tue, 14 Nov 2023 08:14:58 GMT
Location: https://developers.google.com/
Server: Google Frontend
X-Cloud-Trace-Context: a5583ec9abd79f3cdbf89c8cde325567

GET
H3 200 T3DO38Clbii.js Show response
static.xx.fbcdn.net/rsrc.php/v3iTSw4/yb/l/zh_CN/ Frame 741D 525 KB
135 KB 8ms
4ms XHR
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iTSw4/yb/l/zh_CN/T3DO38Clbii.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aeca109f2b929ce1109b2aa4c5cd8a3605549e4996fe15ddedb3fa5c05d77d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:14:58 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: AuYiXlFYQlKwCaKDgbUAfg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 138605
reporting-endpoints
x-fb-debug: 2ByBkGVOwyft1xaQpsjUQGovuS55Uat0Xoz7ss+U2LV6bc6WtFDVDuy2H+lPhae4dwCRT/R0bORkmsn3eLhcow==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1,i
expires: Fri, 08 Nov 2024 17:38:10 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 506C 870 B
660 B 114ms
103ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=8ead34ff04ebfeac498f8ec09d92d27a31a7ff2c

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=http%3A%2F%2Fheavycover.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 100
date: Tue, 14 Nov 2023 08:14:58 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 14 Nov 2023 08:14:58 GMT
server: tsa_m
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 91cfac58cbdb81d1
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: a975e446f0dc065925cde91f49032f8ad5905c516684271a33373d07c3703afc
content-length: 338

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame A97D 565 B
873 B 179ms
122ms Document
text/html 2404:6800:400a:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fheavycover.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::200d Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcf410468ab3ab44c71c8a9e1c8733bd1f62bec00286df7f06c68b875327ac97

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-mKYT-YEn9x9-pFjArqhSsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-mKYT-YEn9x9-pFjArqhSsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Tue, 14 Nov 2023 08:14:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 vertical-en.svg
b.st-hatena.com/images/entry-button/ Frame 802E 3 KB
2 KB 5ms
4ms Image
image/svg+xml 65.9.42.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/entry-button/vertical-en.svg

Requested by

Host: b.st-hatena.com
URL: https://b.st-hatena.com/css/entry-button.css?fd7587a537b0ac76ecbd26694a766c3f753bd198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.42.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-83.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

3b0d71516f26850ac7fe8e547fa5eaf17412c660036960ff36cc7cc0dd0178be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b.st-hatena.com/css/entry-button.css?fd7587a537b0ac76ecbd26694a766c3f753bd198
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 12:36:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 1f83e59f609910f3106a87395db1ee4a.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C5
age: 2144301
x-cache: Hit from cloudfront
last-modified: Wed, 18 Oct 2023 06:03:04 GMT
server: nginx
etag: W/"652f7518-df1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
x-amz-cf-id: HuRvDNI0EwdJ-vUlWSll7bLCW35yxida_T8DDlRaCZ8Cb_KCTWJMEA==
expires: Sat, 19 Oct 2024 12:36:37 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame EC1B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

41ms
41ms

XHR
application/json

2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Y2bBWmlQgBM

Protocol

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7da39b12e0f26ceb120e131749b6e0def3b165b1aea016cc1d83e51eb513b788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Nov 2023 08:14:58 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame EC1B 29 B
494 B 48ms
3ms Script
text/javascript 2404:6800:4004:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:14:19 GMT
x-content-type-options: nosniff
age: 39
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 14 Nov 2023 08:29:19 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FAFD 723 B
573 B 201ms
200ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1191624480432912&output=html&h=280&slotname=1475767982&adk=2994297318&adf=3397150600&pi=t.ma~as.1475767982&w=336&lmt=1699949698&format=336x280&url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&ea=0&wgl=1&dt=1699949698067&bpp=3&bdt=218&idt=400&shv=r20231109&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&correlator=2859096140990&frm=20&pv=2&ga_vid=1610748454.1699949698&ga_sid=1699949698&ga_hid=1086569809&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=347&ady=4457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C42531705%2C44807464%2C31078301%2C31079383%2C31079155%2C44806139%2C44807764%2C44808149%2C44808284&oid=2&pvsid=4151482154802631&tmod=1082876209&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=410

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec9b77392669d283add37a187514bf71642e8293107127fbf062ad96fbc03e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 352
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 08:14:58 GMT
expires: Tue, 14 Nov 2023 08:14:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 46ms
45ms Ping
text/plain 2404:6800:400a:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-R6LE9YGYFL&gtm=45je3b81v9124676060&_p=1699949698267&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1610748454.1699949698&ir=1&_eu=EBAI&_s=1&dl=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&dt=11%E6%9C%8814%E6%97%A5%20%E7%A6%8F%E4%BA%95%E3%82%A8%E3%82%AE%E3%83%B3%E3%82%B0%E3%81%A8%E3%83%AD%E3%83%83%E3%82%AF%E3%83%95%E3%82%A3%E3%83%83%E3%82%B7%E3%83%A5&sid=1699949698&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1237
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6LE9YGYFL&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:813::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 08:14:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://heavycover.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 91ms
40ms Preflight
text/html 2404:6800:4004:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 14 Nov 2023 08:14:58 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EC1B 71 KB
33 KB 52ms
52ms XHR
application/json+protobuf 2404:6800:4004:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/ja_JP/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb06b264a5883c5cf70f408049617e381745dfe8a478707fe7a85c8c4c493b27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 14 Nov 2023 08:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33086
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/ja_JP/ Frame EC1B 117 KB
33 KB 3ms
3ms Script
text/javascript 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/ja_JP/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f37e06582863926e9e00aa5427681f20be068bbd8c37dfbdac0c4161315300f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Y2bBWmlQgBM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:35:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 517194
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33732
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Nov 2024 08:35:04 GMT

GET
H2 200 4MIqMSIrIBa2Tlo-FocJvTtTVUJhKzKWK9rP7XHIhmA.js Show response
www.google.com/js/th/ Frame EC1B 39 KB
15 KB 46ms
4ms Script
text/javascript 2404:6800:4004:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/4MIqMSIrIBa2Tlo-FocJvTtTVUJhKzKWK9rP7XHIhmA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/ja_JP/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0c22a31222b2016b64e5a3e168709bd3b535542612b32962bdacfed71c88660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 591450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15284
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 11:57:28 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/Y2bBWmlQgBM/ Frame EC1B 37 KB
38 KB 93ms
47ms Image
image/webp 2404:6800:4004:80c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/Y2bBWmlQgBM/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Y2bBWmlQgBM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2016 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d25e364abc480f72ab2f9d16c257ab6c25ecee2646fe28d5a07f58a597f0d494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:14:58 GMT
x-content-type-options: nosniff
server: sffe
etag: "1574497601"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38086
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Nov 2023 10:14:58 GMT

GET
DATA 200
OK truncated
/ Frame EC1B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Z5Vg0BaTakjxQ2HpggcMTaICbYDGxZKaJc6n-JPIf65YRQHIYd6RZ-rEGoQA8oK2qqlT1j4RRQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame EC1B 3 KB
4 KB 91ms
44ms Image
image/jpeg 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/Z5Vg0BaTakjxQ2HpggcMTaICbYDGxZKaJc6n-JPIf65YRQHIYd6RZ-rEGoQA8oK2qqlT1j4RRQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Y2bBWmlQgBM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cf451cb1d53ced8c642908be97ab502a090889a651c502f2984526a29afc7117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:14:58 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3288
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 15 Nov 2023 08:14:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC1B 15 KB
16 KB 46ms
2ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Y2bBWmlQgBM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 18:38:11 GMT
x-content-type-options: nosniff
age: 221807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 18:38:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC1B 15 KB
15 KB 45ms
3ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Y2bBWmlQgBM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 04:35:33 GMT
x-content-type-options: nosniff
age: 13165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 04:35:33 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2E79 723 B
371 B 180ms
180ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1191624480432912&output=html&h=280&slotname=1475767982&adk=2994297318&adf=2952329647&pi=t.ma~as.1475767982&w=336&lmt=1699949698&format=336x280&url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&ea=0&wgl=1&dt=1699949698070&bpp=1&bdt=220&idt=502&shv=r20231109&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=2859096140990&frm=20&pv=1&ga_vid=1610748454.1699949698&ga_sid=1699949698&ga_hid=1086569809&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=347&ady=4737&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C42531705%2C44807464%2C31078301%2C31079383%2C31079155%2C44806139%2C44807764%2C44808149%2C44808284&oid=2&pvsid=4151482154802631&tmod=1082876209&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=2&fsb=1&dtd=505

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

608e1e60d93741a3270f8b45be755b300de154f037ba70ca3c4b4a372f86fc28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 347
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 08:14:58 GMT
expires: Tue, 14 Nov 2023 08:14:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 0ECA 299 B
445 B 3ms
2ms Image
image/png 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:14:58 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
reporting-endpoints
x-fb-debug: ooLn/0NGF17xiRMGCTI5RGSifUImtUG9eXnoIPwwkbSicMcgkThqMb37BkDOjhEoiW7tWnVHZ0xqnjj2ZfHmiw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 02 Nov 2024 19:27:44 GMT

POST
H2 204 cspreport
accounts.google.com/o/ Frame A97D 0
229 B 119ms
118ms Other
text/html 2404:6800:400a:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::200d Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce--bcfJsEkrppnPnrmBl1xVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fheavycover.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 08:14:58 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce--bcfJsEkrppnPnrmBl1xVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 478691279-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame A97D 12 KB
6 KB 48ms
3ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/478691279-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fheavycover.net&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 09:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5186
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 23:08:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 09:09:10 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame A97D 18 KB
7 KB 98ms
97ms Script
text/javascript 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d654ba61eb4a272d76a9584f27d09926c1e43014913d867f2bc01c1427176de5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 08:14:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "05cd1a187895dd61"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 08:14:58 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EB3F 76 KB
34 KB 297ms
297ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1191624480432912&output=html&h=280&slotname=3456461586&adk=3910447648&adf=1123053392&pi=t.ma~as.3456461586&w=336&lmt=1699949698&format=336x280&url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&ea=0&wgl=1&dt=1699949698124&bpp=12&bdt=275&idt=461&shv=r20231109&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2859096140990&frm=20&pv=1&ga_vid=1610748454.1699949698&ga_sid=1699949698&ga_hid=1086569809&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=957&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C42531705%2C44807464%2C31078301%2C31079383%2C31079155%2C44806139%2C44807764%2C44808149%2C44808284&oid=2&pvsid=4151482154802631&tmod=1082876209&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=463

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4909662432ad430a18a4e02143050e2c2d42134f58a1d467d941300852b468d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35114
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 08:14:58 GMT
expires: Tue, 14 Nov 2023 08:14:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
b.hatena.ne.jp/entry/button/ Frame 1D51 1 KB
1 KB 4ms
3ms Document
text/html 18.65.216.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.hatena.ne.jp/entry/button/?url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&layout=vertical-normal

Requested by

Host: b.st-hatena.com
URL: http://b.st-hatena.com/js/bookmark_button.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.216.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-216-116.nrt57.r.cloudfront.net

Software

nginx /

Resource Hash

ea47e2879882a413167f901d604799b6da46072d687a48c8fc726acfe746c0c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: public, max-age=3600, s-maxage=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 08:14:58 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 af1dba21626a829695c3fa888cc0952c.cloudfront.net (CloudFront)
x-amz-cf-id: 1sHbGZ9QJTCwx4-glvbVpIq9MpfF7uetLPeFu2meLuDsqfLwPEN2Vw==
x-amz-cf-pop: NRT57-P4
x-cache: Hit from cloudfront

GET
H3 200 T3DO38Clbii.js Show response
static.xx.fbcdn.net/rsrc.php/v3iTSw4/yb/l/zh_CN/ Frame 0ECA 525 KB
135 KB 4ms
4ms XHR
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iTSw4/yb/l/zh_CN/T3DO38Clbii.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aeca109f2b929ce1109b2aa4c5cd8a3605549e4996fe15ddedb3fa5c05d77d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:14:58 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: AuYiXlFYQlKwCaKDgbUAfg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 138605
reporting-endpoints
x-fb-debug: 2ByBkGVOwyft1xaQpsjUQGovuS55Uat0Xoz7ss+U2LV6bc6WtFDVDuy2H+lPhae4dwCRT/R0bORkmsn3eLhcow==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1,i
expires: Fri, 08 Nov 2024 17:38:10 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA35 0
19 B 47ms
46ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1191624480432912&output=html&adk=1812271804&adf=3025194257&lmt=1699949698&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1699949698311&bpp=1&bdt=462&idt=293&shv=r20231109&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280&nras=1&correlator=2859096140990&frm=20&pv=1&ga_vid=1610748454.1699949698&ga_sid=1699949698&ga_hid=1086569809&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C42531705%2C44807464%2C31078301%2C31079383%2C31079155%2C44806139%2C44807764%2C44808149%2C44808284&oid=2&pvsid=4151482154802631&tmod=1082876209&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=309

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 08:14:58 GMT
expires: Tue, 14 Nov 2023 08:14:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 42ms
41ms Image
image/gif 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=sns&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 08:14:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 reset.css
b.st-hatena.com/css/ Frame 1D51 2 KB
1 KB 5ms
5ms Stylesheet
text/css 65.9.42.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/css/reset.css?fd7587a537b0ac76ecbd26694a766c3f753bd198

Requested by

Host: b.hatena.ne.jp
URL: https://b.hatena.ne.jp/entry/button/?url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&layout=vertical-normal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.42.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-83.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

0fda122942f39c62ebd2d1ac9de0cf6c6e4cefefb31eb86e39777f46c7ed5064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 1f83e59f609910f3106a87395db1ee4a.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 21:47:31 GMT
last-modified: Mon, 23 Oct 2023 11:20:17 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 37647
etag: W/"653656f1-817"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
x-amz-cf-id: __JSfaY_6jUxoFfjCn4YpQMtbqeF_7Bkmd2NeDP3QLIWIvoR6JZiJw==
expires: Tue, 14 Nov 2023 21:47:31 GMT

GET
H2 200 entry-button.css
b.st-hatena.com/css/ Frame 1D51 5 KB
2 KB 5ms
5ms Stylesheet
text/css 65.9.42.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/css/entry-button.css?fd7587a537b0ac76ecbd26694a766c3f753bd198

Requested by

Host: b.hatena.ne.jp
URL: https://b.hatena.ne.jp/entry/button/?url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&layout=vertical-normal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.42.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-83.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

61403f586e03ca26a4920ac368ecf4973ad46def79a1b46532f6bfc3d5573125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:18:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 1f83e59f609910f3106a87395db1ee4a.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C5
age: 32171
x-cache: Hit from cloudfront
last-modified: Mon, 23 Oct 2023 11:20:17 GMT
server: nginx
etag: W/"653656f1-134a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
x-amz-cf-id: rjMYh2fT4m9lQvuYEwgYA65SrsMIGPcq8gsRCz-G7RKcN8LBppFSxQ==
expires: Tue, 14 Nov 2023 23:18:47 GMT

GET
H/1.1 200
OK button.13c48d2966337fafa1c1eb5533fdf29d.js Show response
platform.twitter.com/js/ 8 KB
3 KB 3ms
3ms Script
application/javascript 192.229.237.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.13c48d2966337fafa1c1eb5533fdf29d.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.237.25 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/731D) /
Resource Hash: fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 08:14:58 GMT
Content-Encoding: gzip
Age: 3066145
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2617
Last-Modified: Mon, 09 Oct 2023 20:29:15 GMT
Server: ECS (tkb/731D)
Etag: "def6f3052007521ae22a38b870dfd318+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame EC1B 4 KB
2 KB 146ms
102ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/ja_JP/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 08:14:58 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame EC1B 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?jzmY5w
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Y2bBWmlQgBM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/Y2bBWmlQgBM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:14:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 41ms
41ms Preflight
text/html 2404:6800:4004:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 14 Nov 2023 08:14:58 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EC1B 90 B
134 B 41ms
40ms XHR
application/json+protobuf 2404:6800:4004:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/ja_JP/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e17661da7617d93c4ea6d0902dda7d56e711c0d42a3ac74e0b17cf957c55336e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 14 Nov 2023 08:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 vertical-en.svg
b.st-hatena.com/images/entry-button/ Frame 1D51 3 KB
2 KB 4ms
3ms Image
image/svg+xml 65.9.42.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/entry-button/vertical-en.svg

Requested by

Host: b.st-hatena.com
URL: https://b.st-hatena.com/css/entry-button.css?fd7587a537b0ac76ecbd26694a766c3f753bd198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.42.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-83.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

3b0d71516f26850ac7fe8e547fa5eaf17412c660036960ff36cc7cc0dd0178be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://b.st-hatena.com/css/entry-button.css?fd7587a537b0ac76ecbd26694a766c3f753bd198
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 12:36:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 1f83e59f609910f3106a87395db1ee4a.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C5
age: 2144301
x-cache: Hit from cloudfront
last-modified: Wed, 18 Oct 2023 06:03:04 GMT
server: nginx
etag: W/"652f7518-df1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
x-amz-cf-id: bLYI1KSNjl4CalQeinFxwfPqczlaN7xNm_CLQdmDVezJuKAqs1QD0A==
expires: Sat, 19 Oct 2024 12:36:37 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/ Frame A97D 64 KB
23 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d127dd2279301f5a78a378d3c716874f4d1c87fb320715231fcfb48619479e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 20:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23240
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 20:39:57 GMT

GET
H/1.1 200
OK follow_button.d37472b4a6622d0b1fff46ad904f6896.ja.html Show response
platform.twitter.com/widgets/ Frame E785 38 KB
15 KB 3ms
2ms Document
text/html 192.229.237.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.d37472b4a6622d0b1fff46ad904f6896.ja.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.237.25 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/731D) /
Resource Hash: 05d3d40976c33e8a6c903c696948dd92e93a439de2915e5951ef280dbe9a159d

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3066140
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14389
Content-Type: text/html; charset=utf-8
Date: Tue, 14 Nov 2023 08:14:58 GMT
Etag: "b08cc105c735e99e89aa7eeb0623689c+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:16 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (tkb/731D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.d37472b4a6622d0b1fff46ad904f6896.ja.html Show response
platform.twitter.com/widgets/ Frame BBCF 34 KB
13 KB 6ms
3ms Document
text/html 192.229.237.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.ja.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.237.25 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/731D) /
Resource Hash: ae1ca63f024eec5f97696a1d88f0f5d4e3c653b33dda58214dce1bbf74ea9ce0

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3066141
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13012
Content-Type: text/html; charset=utf-8
Date: Tue, 14 Nov 2023 08:14:58 GMT
Etag: "0ce4845049413d187740302c44ab72f4+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (tkb/731D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.d37472b4a6622d0b1fff46ad904f6896.ja.html Show response
platform.twitter.com/widgets/ Frame F33F 34 KB
13 KB 8ms
2ms Document
text/html 192.229.237.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.ja.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.237.25 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/731D) /
Resource Hash: ae1ca63f024eec5f97696a1d88f0f5d4e3c653b33dda58214dce1bbf74ea9ce0

Request headers

Referer: http://heavycover.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3066141
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13012
Content-Type: text/html; charset=utf-8
Date: Tue, 14 Nov 2023 08:14:58 GMT
Etag: "0ce4845049413d187740302c44ab72f4+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (tkb/731D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
104 B 101ms
100ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1699949698767%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=8ead34ff04ebfeac498f8ec09d92d27a31a7ff2c

Requested by

Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 97
date: Tue, 14 Nov 2023 08:14:58 GMT
strict-transport-security: max-age=631138519
last-modified: Tue, 14 Nov 2023 08:14:58 GMT
server: tsa_m
vary: Origin
content-type: image/gif
x-transaction-id: 75b0e58c89b354ca
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: a975e446f0dc065925cde91f49032f8ad5905c516684271a33373d07c3703afc
content-length: 43

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
95 B 107ms
106ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1699949698767%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=8ead34ff04ebfeac498f8ec09d92d27a31a7ff2c

Requested by

Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://heavycover.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 103
date: Tue, 14 Nov 2023 08:14:58 GMT
strict-transport-security: max-age=631138519
last-modified: Tue, 14 Nov 2023 08:14:58 GMT
server: tsa_m
vary: Origin
content-type: image/gif
x-transaction-id: a6817ff322c0c05f
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: a975e446f0dc065925cde91f49032f8ad5905c516684271a33373d07c3703afc
content-length: 43

GET
DATA 200
OK truncated
/ Frame E785 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BBCF 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F33F 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 9909228881386590442
s0.2mdn.net/simgad/ Frame EB3F 2 MB
2 MB 50ms
5ms Image
image/gif 2404:6800:4004:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9909228881386590442

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1191624480432912&output=html&h=280&slotname=3456461586&adk=3910447648&adf=1123053392&pi=t.ma~as.3456461586&w=336&lmt=1699949698&format=336x280&url=http%3A%2F%2Fheavycover.net%2F2020%2F11%2F15%2F3674&ea=0&wgl=1&dt=1699949698124&bpp=12&bdt=275&idt=461&shv=r20231109&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2859096140990&frm=20&pv=1&ga_vid=1610748454.1699949698&ga_sid=1699949698&ga_hid=1086569809&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=957&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C42531705%2C44807464%2C31078301%2C31079383%2C31079155%2C44806139%2C44807764%2C44808149%2C44808284&oid=2&pvsid=4151482154802631&tmod=1082876209&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=463

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f28795b3ce0b945a110ca99ea0766625233d90f72a5851f6abcbd4d40676a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 02:56:45 GMT
x-content-type-options: nosniff
age: 364693
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1838396
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 02:43:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 02:56:45 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame EB3F 41 KB
14 KB 49ms
5ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 02:17:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 02:17:40 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EB3F 36 KB
14 KB 50ms
7ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0d006d3b93ee93e669d0b6b3b2b29bc4da89483eef6007c90ab91598a8bf701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:44:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14410
x-xss-protection: 0
server: cafe
etag: 7890425002344327526
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 03:44:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EB3F 3 KB
1 KB 48ms
5ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 07:10:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EB3F 20 KB
9 KB 47ms
4ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 07:10:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB3F 192 KB
61 KB 99ms
48ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad28aedc3aa613cbb7675258a3eb1220c740a3e13c35f4fd27469e540b322cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699878811805094"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 08:14:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame EB3F 23 KB
9 KB 48ms
6ms Script
text/javascript 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 06:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 06:24:40 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6640 38 KB
13 KB 6ms
4ms Document
text/html 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 21436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 02:17:42 GMT
expires: Wed, 13 Nov 2024 02:17:42 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EB3F 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c36af04d1ee72f64f7c16582cc0d9dcca4dcbfcc3eadb8f274072b2b3b2510d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EB3F 0
809 B 94ms
50ms Image
image/gif 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7-ZT7Rvxs2NV4OTeC49GHMLk01j7xfkF5AxpmNpyT_cQxYBSk2Pud643LfnFXPfkgG95_u-7awVl6Bjl3QVrynN8vVZmERdd8j-UEIWtXm2QL5YmnJSxr7NnT9ZBwT4p5BMFT92sR0QbEo_jyNFtlutru0Cgr8HyZCHkgjDg4QJC2Nf-7eJ_9RenjapJjOLGKvKBxDWFjRsRR010WYbLYIwOTXD2IJqyt9Fv4yP7I7oBd0e8MeeSUpnQqtQ1eUkhAF6WGO8SJtDr07SvXzGau-l7Ao6VOaBP0JCff0eKiXlOiRftiGF7LprB0L_svaX-x2XoAIljk6VZW7MVLljbRijeLj8Vh29ln5lE4RShlMTIzLqd2cBUqefgug5U-pRcRGkz79JQN9BSWSP4pG5luwxdbeAajQicEN1oZ50JUs4ntw91EWV9Dq-ossbZEcqtd_5j4gVOha-fvWi3eEBr0nzrfn_il9FJEykT1pxKetwVUOnvTNjn-4rp2Ewl0BiqzK2dFd2C7mjQUgLC1ccN4zgLpuqftFbULHZYFF0gJ08Pd8bQexm11Cq4HIK_z93ymH58WikFMl_O3DRsbuAx_onM8m5v1d6C6VsisySW4An7anbsLRta8umt411iEkNkIn2bGBATaR1bSoGlWpkP48F31x6vlcau80wEYWss4trfQa_EFCQeuXoRwRKBf4ix5xUAWlLAfZElMs1t2tsrfQ2m1eOyEedfomY5iiJ3LHb9RiGQ71aJwNaqsRPddrgYB8jjmXMz7TrrpGvQfzgLI7AursXooH9-KebXjCJMmysOk5ZfBA08olkVct_YqRHxgZhTWh6bAJNUohp9RFHQ-0GrxZtmgLH7FEmVGQLu2YKkEz1Go5U0Q4MkPqnjzQbeeWpDvsjqEX1uKiChxcDcV2hYRv4dVTwBKNwcab-UnNbve49gKu9f7iqtIuEXk12NpMSFPn4H_KhgRSo_yKBobE82w10_SmExT7sCt10HPipTnZvtipl5WlT8mRAGEs0o9fyjqlq6nGRmaDQbmgvInmjoE1M-OFcKR5rgh6vJMuVlzD3-G5uwcOPwczyPgcRQJuvq5XG4zEb9TCRPRryilmWLQuEXPkyzp9hYuEP8II8KeWkCb7bWXvCB4v8HA6AJQk7ujJrCBhS9C_z_Qgb3sfHsXxPX-8-ss65d7zUHpqSK5Vpqd9Rzm54KbUeGIJqlx7bZbFUskjz86waAAXBmXOma7ignKpM7RTZ8&sai=AMfl-YTfCgk_8IY-sFhxJHtvq4P9tv-a2NJdhZzFoM4XzU5s7mt3VWv5B_JX6O9OW91QAkhLpcN36sPPQRxtreUVs97NeTxuA_66wjr6kaVb3SwjULhJLwGSpKxyHBUbCpkowpwvTNejURQEA2zUCNg0KQvS3rdiZQ1dJEfL26ot2zMDM_PNQAhmiylV8flpWGz6cAMkGT4-qFw0UQUz8xjvBECv3JSbuhf7fzKnEwp1usA0Kx6_owT9zcKiCMdK5_t-dfGbTsQi_5Qz07wupOzdZpO_0434UH9GlSccC6PhVdkudDU0CGsm1xM1VuJtT7x1wqN1lwFd21AwsDZYbgzIxqnlnyJ1dNKWCBJq62ADy4EdgmkaLA4yNzJMBcYwdr7Tuo3JG4XCOAFVYmyUN98uJHuHsc9_caMmSjv9tm_KY-lCvDfkgtk5ZQ2oSuk8VowjjTv-AkdQxqOQHEiu8fEFyyBuzzrvUCjarvAAoCxPcf3G9j3zc5mRKbc&sig=Cg0ArKJSzLZ0ZRgiltYpEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&cbvp=2&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 14 Nov 2023 08:14:59 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 14 Nov 2023 08:14:59 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 6640 39 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:08:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 08:08:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6640 0
20 B 45ms
44ms Image
image/gif 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJpC2gixTZfOFJtmD7OsPkLmruAsAAAAAOAHgBAI&bg=!aWqlaiXNAAZxrfrxUa07ADQBe5WfOBWaIUXO-hf-YeFpqlSZyuHKKI1C1EX9ppjRUSgkJAYFSdLVLXwUTVNosl5wfpFmAgAAADhSAAAAA2gBB5kC2DYZVG6LMRZaeThxrVE7G8SZHR9xbNBvLmpxwGdYmjbmlsTK_-ntfO-2F-bQJryRaa99MhBEs8zFGaPFKaV0tq7hOQVezHPEGYxysJ3z2vg2P8jT1H1jeLOxEvZ5CQDtHlPm6crYaAlocJZy_ItuEBb0gsbCGyKe-CghFHb-_yQ8-jiMhrlLFVU0-R1m5oBkfIZmPuH_BdeJ01TqH1PQR_m4GnkhqBg7PG-8v-VXpx8HfEi7b0bJgrQBUtD1QtGuPYA709RzcnyTTboS9phDwYK3rBYYXEEgL9i2nGn__m9SYFHgeHuz9bcvIvz5ZhJLP4K4j5bUziO3UdRimEjU1bW22y1IoQ5lVB1XsoY11wuCRSJg_0zobibvTn9TwVbqvepCG24yeKDZF1xQFOOPEPzuZq7Sn7WCDkH6lCa9lItsWmETI9vhOADAjd0MgLyY-4uugMOEV30RnVkPnSUahZsU7tZwIWxheTqXHZl3UmH7aYNYKpKNNUMJ3NRlXSw57hPDPshwf2-pmxyd4ed5q1JUjMsGsHaWHYtVo-ajgv7BIPz4WPcbj-TToxRBzHi45W03itqKAi2J_135MQa2ztH8DZnXZ0Htx4ldmI3IU-1nxROlZozjKyblE8t9suzHG5qp9gICXj51ID3oGwtcg10MJGjEBso636MCRNw_FexDc4RyMmwB2C-fDu8qTKGOt8kiH4HjgQ0wfT_xQgap7BEMokVBi5YG5KtGbioK1lz9zYLcPU8k7EjKmgz7HTy7902h7wfGuOqegKX550cxcFi1BKlbwiVoDfNAxJHBGwwRFJbnRRyW4ixVRY1d3w7A_dLFJUvlGvjf9HcrtU3Av_ck92ZfSGNiY5_4UWAgApGnhqdmMzanMuqFx8_R_e-8Icks4yOdMXzX6mIJxPqVncy91-NMyhN2yZwfcSQ6tize_2M9v7Q-L9kxpNpuHiyFO-jcm9Muywvh

Requested by

Host: heavycover.net
URL: http://heavycover.net/2020/11/15/3674

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 08:14:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EB3F 42 B
64 B 82ms
43ms Fetch
image/gif 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbHuzw-8rwGcIMGCGPV6VGPN0cikWQS4YMauM3vevreIO6hQEr9s1YosDJyCHAYOs6nS8DJ0BaX2sfq1VoZk47skpKL017cGBsllh2BmQDYtVumbAblQNim5a8_huTHRHcG2x_4zIj8JMwSL4Ki-B8X7tWmHVmZQY4Nem_OMP1RxmN-PGCpRsygJUKLIxenbFXWg&sai=AMfl-YRSxnPXtbvbzvh03dt7BrWTxlDpfXMYsnwrr_Fw7YuOsqvbHS84_yKHVEeg-jhuc2xrnpfTEx2b_uopsd1-Yr8QCAM2Pcxdx_9oWX6qPC9r1_AkVHHn3VdgqfEUzT7casLkoZcVd5esD-UvdWsP&sig=Cg0ArKJSzId-6BM7pA1REAE&cid=CAQSTgDICaaNyDdl9AKwnMoZOV4zrWXRzgIHkOC4JNL-oNrw_7x2rtWJRGb9tO6IoDuMoMAYnp3hWVkSMjgwJUE52v4liCe3DoFzR2qDvIFbhRgB&id=lidar2&mcvt=1003&p=0,0,280,336&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231113&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3910447648&rs=2&la=0&cr=0&vs=4&r=v&rst=1699949698588&rpt=454&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 08:15:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame EC1B 28 B
50 B 46ms
46ms XHR
application/json 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
X-Goog-Request-Time: 1699949700460
Content-Type: application/json
X-YouTube-Utc-Offset: 540
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Y2bBWmlQgBM
X-YouTube-Client-Version: 1.20231107.01.00
X-YouTube-Time-Zone: Asia/Tokyo
X-Goog-Visitor-Id: CgtTdG80T3NSemdxVSiC2cyqBjIICgJKUBICGgA%3D
X-YouTube-Ad-Signals: dt=1699949698403&flash=0&frm=2&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 14 Nov 2023 08:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ir-jp.amazon-adsystem.com
URL: http://ir-jp.amazon-adsystem.com/e/ir?t=houkagobass-22&l=as2&o=9&a=B003S0VHQU

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 20:36:00	Name: NID Value: 511=l06TOK-gesiAaYgdsQXfxaihG-MMUkCdi1dJkR71FRcSXLzaoQCFztPmBs1Fo9m0L5aviL_VY8ne0KyBKmD6gPS6mJsjnOyN7rl8SlmlaH_3_nBJ3_w-9zcWoPSfGPc0y5KnCFyt93hna8KElFPeGBJc_wZtaXAa4PjdLr8W67Q
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 59r3s9Sqh6M
.youtube.com/	1970-01-20 20:31:41	Name: VISITOR_INFO1_LIVE Value: Sto4OsRzgqU
.heavycover.net/	1970-01-21 01:48:29	Name: _ga Value: GA1.2.1610748454.1699949698
.heavycover.net/	1970-01-20 16:13:56	Name: _gid Value: GA1.2.138573397.1699949698
.heavycover.net/	1970-01-20 16:12:29	Name: _gat Value: 1
.heavycover.net/	1970-01-21 01:48:29	Name: _ga_R6LE9YGYFL Value: GS1.2.1699949698.1.0.1699949698.0.0.0
.heavycover.net/	1970-01-21 01:34:05	Name: __gads Value: ID=656eb2e6b237cf3d:T=1699949698:RT=1699949698:S=ALNI_MZW5AevzsjfxgD9bUFFeJkLZ9T9NQ
.heavycover.net/	1970-01-21 01:34:05	Name: __gpi Value: UID=00000c861e7373fb:T=1699949698:RT=1699949698:S=ALNI_Ma7oPQ-QtGng2RYv3H_KaSm1kT6OQ
.doubleclick.net/	1970-01-21 01:48:29	Name: IDE Value: AHWqTUn7avpc3YoVaz1asoyPNlWnGFw5gmMS29i3AHM_7C_RzvlqT0gZhOvdjsHKq9c

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://developers.google.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://developers.google.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
b.hatena.ne.jp
b.st-hatena.com
developers.google.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
heavycover.net
i.ytimg.com
image.with2.net
ir-jp.amazon-adsystem.com
jnn-pa.googleapis.com
js1.nend.net
m.media-amazon.com
pagead2.googlesyndication.com
platform.twitter.com
s0.2mdn.net
ssl.gstatic.com
static.doubleclick.net
static.xx.fbcdn.net
syndication.twitter.com
tpc.googlesyndication.com
ws-fe.amazon-adsystem.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
ir-jp.amazon-adsystem.com
104.244.42.136
133.125.14.121
142.251.42.130
162.43.112.11
18.65.216.116
192.229.237.25
23.217.124.138
2404:6800:4004:801::2001
2404:6800:4004:801::2003
2404:6800:4004:801::2008
2404:6800:4004:801::200a
2404:6800:4004:80a::2006
2404:6800:4004:80c::2016
2404:6800:4004:810::200e
2404:6800:4004:811::2006
2404:6800:4004:81c::200e
2404:6800:4004:81f::2002
2404:6800:4004:821::2002
2404:6800:4004:822::2002
2404:6800:4004:823::2003
2404:6800:4004:824::2004
2404:6800:4004:826::2003
2404:6800:4004:827::2001
2404:6800:400a:80a::200e
2404:6800:400a:813::200d
2404:6800:400a:813::200e
2600:9000:26a6:ce00:1d:d7f6:39d3:7a61
2606:2800:248:2f:1d8a:787:dc7:17df
2a03:2880:f00f:104:face:b00c:0:3
2a03:2880:f10f:83:face:b00c:0:25de
52.119.167.103
65.9.42.120
65.9.42.83
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
05d3d40976c33e8a6c903c696948dd92e93a439de2915e5951ef280dbe9a159d
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
0ab583bab6a8dc2e70a56deadedd3acb266cbe7855e1f2f40a8f465b5eaabb2d
0f28795b3ce0b945a110ca99ea0766625233d90f72a5851f6abcbd4d40676a03
0fda122942f39c62ebd2d1ac9de0cf6c6e4cefefb31eb86e39777f46c7ed5064
10beee2a79608d72174473834ef4928bb879e74c586c8e1553706a54fe27521c
1223d46f694f23c4ef4447e4c5429a0ad75a5f8eed768d04fb0e6e50931e562c
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1bd3eade8296c4e75fd95fd7567a8b8bcd9cd80450f722396d7cb291882def86
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f37e06582863926e9e00aa5427681f20be068bbd8c37dfbdac0c4161315300f
2567a066d05d1878cb6f9571dbe2f8d0d088a56bea39053994871dcdd9f881d7
290516efb4eef62abc30e4d1db613eb3906f958ce99be041942d0388efe00221
2ce2927bdd5374a59ff4c1a138e16ace6d96cd6cb4343d2eb5df0c6067f5b355
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3316b3ce32bd93cd3f04aa87e38fca639c28710f5b88c0ddc7b29d60e5d5eac4
34d95b83f17fe2c4f3b25663cc2996447196bc5adf5db71b86246c5a3e545226
3864997e6b8359deb1fec1018293fc5abc569009c4b36f190fdf265bc5a43f50
38de0947e43879080ef67b781064a8766e9f391463e4bfb0174e12a4399ae383
394d5defcfeec4d3785db20e78e3d744c1f99d17cc09916d0f2f37ec6647b00c
3a03881d88437511e4ad027306b3fb17de46f7c81a0411faf13b857b09a1d1db
3a145bd5915543ade2ef9a52ecb8df926358700bd9bea60497eea142251474a8
3b0d71516f26850ac7fe8e547fa5eaf17412c660036960ff36cc7cc0dd0178be
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4708a14555eadcdbed87fdef1cdb7959721c7738f68a0d1c7dfad7ce1b62e3e0
4aea13eba5ef3838f3bdeca986afcacedf3e6c595e021a8a4042d9e7c2827d86
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4d2c312e972dfe35d470717909ab371d7428534462c0f64948f051934ec99222
4dc9c239931effb2183adb19e90f60c5cc009ddca45024fc7325d82e3c08d40c
508470342fdbc5d8affab54da85ebc260f809b8c363cf5989a63797401bed338
55561d7426ab36b80ca944a3ba8c40e30b35fd538072405d59ce83a0a9d35eb1
56dceb2425ae940c4f08366c1e1b1c35829746a233906a3de36f8052c6254b95
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c7467f7fc09ce049ca50f2fd0a44294290804587c7b2b4798829e7eabfd5df2
5c8b358c4e5934601dec6d69dd0cf36774bd5fa13d5cdfa85083f82ee1277358
608e1e60d93741a3270f8b45be755b300de154f037ba70ca3c4b4a372f86fc28
61403f586e03ca26a4920ac368ecf4973ad46def79a1b46532f6bfc3d5573125
616eed74eb49c365bcf928da0383ccedf660742c08b6e7a800d61984a92539b3
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6c36af04d1ee72f64f7c16582cc0d9dcca4dcbfcc3eadb8f274072b2b3b2510d
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
729a1416748fa50d2806bdc2664522f78c64511e6638d0cd2f7df5407ba3b4ef
798bfbbde70c9a0106aaedb9f79ed6b985408fe87154b6db8302b6e7e6085b7f
7c9b15fecca246352c00382819917bd3805ec7808eb668fae0661ee7401a5e0b
7da39b12e0f26ceb120e131749b6e0def3b165b1aea016cc1d83e51eb513b788
7ecb96d72377a3b681d551cdf98f9e63e61b6b616e1e531826d4c0ea448c72ab
82c7ef12aa12a8aa9ca1673d85f159a12d7e82acfeca841cd24f2e04409b83c5
83f33fe9d05af75b55875855f4b1c66d6eff605cfa694489845ba17b55c330d9
85246cef7521515f42570070668df154b0cb5bdfc8293a79cc51b1c05c8c2950
85fa61edac901fbc676d712ee5f53842a8ac5678d997ee3674235e8597da761d
892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486
8c38e4137faa1fea4776e411312ad0598bc3ec1c5ba8a3f2d65eccc83933eabb
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
91534084a9fe322743bec535941abe0346d427c35668c587a906b91d3169d56a
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
9b750b4baeaf88b2ac42100bcc3ea6d799a6ba8c3c5b2cce1d72a75a6c0952f7
a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad28aedc3aa613cbb7675258a3eb1220c740a3e13c35f4fd27469e540b322cc1
ae1ca63f024eec5f97696a1d88f0f5d4e3c653b33dda58214dce1bbf74ea9ce0
aeca109f2b929ce1109b2aa4c5cd8a3605549e4996fe15ddedb3fa5c05d77d2a
b0d834826ab651691b552fe6e18f0a7e0237d4b07bbb30eb428bc0d70aa80bc5
b1e2f33452a52b791444e4cf45bda7c88855776169993355b97e830d7b3199c3
b4909662432ad430a18a4e02143050e2c2d42134f58a1d467d941300852b468d
bcb3d4f2b47ad64db5ea776c33c7b01bb318940ef97cc6410e5812315b9d8ac2
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c3fdc10665930dfdc09500b5fd5aab97c53c0c0bf93dd89d5fb83ad35948a75c
cb1f5b0427de8dfe2f5218d74e5fda8b17fe30f27f4e443d730b897a20776a63
cecced3759ead676c01a7fa67745175f258e1cf40bac53e54a958236c65180ed
cf451cb1d53ced8c642908be97ab502a090889a651c502f2984526a29afc7117
d127dd2279301f5a78a378d3c716874f4d1c87fb320715231fcfb48619479e04
d25e364abc480f72ab2f9d16c257ab6c25ecee2646fe28d5a07f58a597f0d494
d4d57dda63c1eb86de7b6b1a213e238d2e6c12d202ccfb71f450b31a7e3752c5
d654ba61eb4a272d76a9584f27d09926c1e43014913d867f2bc01c1427176de5
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8a21aa709244d9b86dec8aeadf026889f5cbbb99e1bf0b9f57ee0bb8b00d781
d99a40e3a18a6844a50f558a9de423203b42f161257b86190f25083363f60f23
d9cef3fff134e7041380467fe0124de8f0bfeb39639ef03c635496bddec4c68b
da009bc4206a12e34d7f0f49923cddb27bb5eef30ebd6d8b80def4858b87fcb3
dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
decacf01479fc2ca2bfd13911fec525de73648f40691808fc12fe7d9b6f4ea33
dfb59dcbaa2109e8f1dcbdfc624f3e0413326994a90b9d91f7c1b598beb2bca3
e0c22a31222b2016b64e5a3e168709bd3b535542612b32962bdacfed71c88660
e0d006d3b93ee93e669d0b6b3b2b29bc4da89483eef6007c90ab91598a8bf701
e17661da7617d93c4ea6d0902dda7d56e711c0d42a3ac74e0b17cf957c55336e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea47e2879882a413167f901d604799b6da46072d687a48c8fc726acfe746c0c6
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec9b77392669d283add37a187514bf71642e8293107127fbf062ad96fbc03e8b
eccb8a9b4ea3fb2c6715566d56d1ce447492ec56bd3b6ce7c89b1be2d3eee1dc
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effbe7106f3934dae78e0c57f5fdeb1a506ad6508454997502a2a9f0ac93b4a8
f09d9fdc476c87ca8574c34d19241af3fd93226d85f6b0048e36760c07984fab
f0d79483ceaca2a1b1980bb6427cfbaa3eaa0832cc8948817503201c2a74d0ce
fb06b264a5883c5cf70f408049617e381745dfe8a478707fe7a85c8c4c493b27
fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca
fcf410468ab3ab44c71c8a9e1c8733bd1f62bec00286df7f06c68b875327ac97
ffec01a06994a0ce139afb81e8cf22e95eddde308bcc70ce8088580908c069a5

heavycover.net Open in urlscan Pro 162.43.112.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

127 Requests

57 %HTTPS

70 %IPv6

22 Domains

32 Subdomains

32 IPs

3 Countries

7729 kBTransfer

12648 kBSize

10 Cookies

7 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

heavycover.net Open in urlscan Pro
162.43.112.11 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

57 %
HTTPS

70 %
IPv6

22
Domains

32
Subdomains

32
IPs

3
Countries

7729 kB
Transfer

12648 kB
Size

10
Cookies

127 HTTP transactions
5 data transactions