www.thothchildren.com Open in urlscan Pro
13.114.112.195 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.thothchildren.com/
Submission: On February 27 via manual (February 27th 2024, 3:11:58 am UTC) from AU — Scanned from JP

Summary HTTP 76 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 76 HTTP transactions. The main IP is 13.114.112.195, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is www.thothchildren.com.

This is the only time www.thothchildren.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	13.114.112.195 13.114.112.195	16509 (AMAZON-02) (AMAZON-02)
5	2404:6800:400... 2404:6800:4004:801::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 22	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
1	52.219.162.155 52.219.162.155	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:e6:... 2606:4700:e6::ac40:cc14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4004:801::200a	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:824::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
11	2404:6800:400... 2404:6800:4004:820::200e	15169 (GOOGLE) (GOOGLE)
14	2404:6800:400... 2404:6800:4004:81f::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:825::2003	15169 (GOOGLE) (GOOGLE)
1 2	2404:6800:400... 2404:6800:4004:822::2004	15169 (GOOGLE) (GOOGLE)
4	142.250.198.2 142.250.198.2	15169 (GOOGLE) (GOOGLE)
76	18

3 13.114.112.195 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-112-195.ap-northeast-1.compute.amazonaws.com

www.thothchildren.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:801::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2404:6800:4004:801::2002 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.162.155 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: s3-website-ap-northeast-1.amazonaws.com

img.thothchildren.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:cc14 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:801::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:824::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4004:820::200e (Australia)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4004:81f::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:825::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:822::2004 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.198.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 106 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	553 KB
13	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 665 www.google.com — Cisco Umbrella Rank: 2	71 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	82 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	361 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 136
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1464 ka-f.fontawesome.com — Cisco Umbrella Rank: 3033	24 KB
4	thothchildren.com www.thothchildren.com img.thothchildren.com	75 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	69 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	1 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1082	34 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 729	30 KB
76	13

	Domain	Requested by
14	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
14	pagead2.googlesyndication.com	www.thothchildren.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.googletagmanager.com	www.thothchildren.com www.googletagmanager.com www.google-analytics.com
4	www.googleadservices.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	ka-f.fontawesome.com	kit.fontawesome.com
3	www.thothchildren.com	www.thothchildren.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	www.thothchildren.com googleads.g.doubleclick.net
2	maxcdn.bootstrapcdn.com	www.thothchildren.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	img.thothchildren.com	www.thothchildren.com
1	kit.fontawesome.com	www.thothchildren.com
1	cdnjs.cloudflare.com	www.thothchildren.com
1	code.jquery.com	www.thothchildren.com
76	18

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-01-06` - `2024-04-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://www.thothchildren.com/
Frame ID: 73E0773E0F0053BBEFB0DF9956352ACE
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 58F0798E420A0AEAEB6F344F40841F3A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5308314393131886&output=html&adk=1812271804&adf=3025194257&lmt=1709003512&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=http%3A%2F%2Fwww.thothchildren.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&dt=1709003512195&bpp=4&bdt=127&idt=267&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5038886459051&frm=20&pv=2&ga_vid=725079252.1709003512&ga_sid=1709003512&ga_hid=249199485&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325069%2C95325752%2C95326315%2C95324155%2C95324161%2C95325791&oid=2&pvsid=3254115317747730&tmod=307879446&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=283
Frame ID: 7EAD2BA5369ADE30D7FD1838F5305E35
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1
Frame ID: 1A9CB574082A6321FC26E639C9CB85B7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1
Frame ID: 214C84A9C7781D7B39F515AAB959069C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 77C355AB77316FE1EBA9FA72E09A0799
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E9463335593EF0FA002D1F35A708AA2C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2CC5C5C78FAD67C5E182269AF27E5C7B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js
Frame ID: EF8D9F65F1229CBC952E9597150F2D73
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js
Frame ID: 8CDC4650C1E30FFE301572B3421110A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ログイン - ThothChildren

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

76
Requests

91 %
HTTPS

82 %
IPv6

13
Domains

18
Subdomains

18
IPs

3
Countries

1326 kB
Transfer

3655 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 53

https://googleads.g.doubleclick.net/pagead/adview?ai=C4CIv-FLdZcObH7Wjid4P446owAX6nsLLdb_niuyaEmQQASCQzb1QYInzxYT0E6ABxrjEnwPIAQmpAsCMBTiShjw-qAMByAPLBKoEiwJP0PiakwdRddboEcoAydD5C2SpEPNCGn45D2_AbfsuRxRXe58zw2aK0o214XtTwYP9BBSIKZ3W8mhMjyUCAyPiG25GT_1sYt8LeQgxpT65cjKu_jJQjnvkQ2u9rfAQGo3SSHjygwyg-sewAMKkBR-dMXjUeWjabHVfTedpekt-HBjE4ydm4cFmcCyfNXuKM2ObpqMjcv4lzxXrcCq_I-ZpZRXI9-vCJuyelYo6GU9Dbj_QOZOW9DA0ku6iG4uBMYuYhmi5f4xBgaGxRqelNe6XuFXkAWL_GxllzZGYS4cYg4qlo3eBjiC-dXkie6-20U8w_M9JqfUoIictuE4KT16PY95slD6S6CKrykHABNPg7qXjBIgFz9GZkU6SBQQIBBgBkgUECAUYBKAGLoAHose7YKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcEELzFBNIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOliy3aGaxsqEA5oJH2h0dHBzOi8vc3RvcmVzLmp0Yi5jby5qcC9zZWFyY2iACgHICwGYDOTJ143hBNoMEQoLEPCyutyl5-CfkAESAgEDuBODBNgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi01MzA4MzE0MzkzMTMxODg2GAA&sigh=LcvktP7hBIc&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqyyloxC48rRYTKU8E9aZP8VeZ90e7PRP8T8qpF9ULYySbD5Eo5fVaENj5J4QOsPD5VdmMgYdTgx3s3CPOdHOb6CxBTX6VCKvZAb4YAQ&template_id=515&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2c465099c72707a00000000000000000%22,%222%22:%220xc79473047327d0e50000000000000000%22,%223%22:%220x7ea957bb2755578f0000000000000000%22,%224%22:%220xd314a1a05d92a3980000000000000000%22,%225%22:%220xbd9dd81f65021ce40000000000000000%22},%22debug_key%22:%2211074301658509421171%22,%22debug_reporting%22:true,%22destination%22:%22https://jtb.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22871439430%22],%2222%22:[%22true%22],%224%22:[%2202-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221598917416711655281%22}&andc=true

Request Chain 63

https://googleads.g.doubleclick.net/pagead/adview?ai=CxO6e-FLdZcWbH7Wjid4P446owAXe9enzdbiI66HYErOQHxABIJDNvVBgifPFhPQToAG_3v_DA8gBAqkCwIwFOJKGPD6oAwHIA8kEqgSVAk_QdqZHQYjjkM92R2n12CSGALMUJVc2nmaSif1h5iYN_lvSwCXaxlcEAwC_0PTgVyeOxgFtAqe8LHc8ak-KVDwVHBmUajgT7I0mDs5YTyqBYNUZS0TKRBg1SlolrUPsevaQf5-_niIXVWTRadXnVYZQKm7lvH3fHUiH8clRcoLPsaRPiR_06FkNrsgu8O6dBw7qQDHbr_X0b8o1R-rG9nzawMkHcMNBwm2_hT-rlrr-Fe6-fQG8jl_9c4V4FdwI6TB2W5nTQklh5ovdQMdSloUfXL-S1TOsx_NHZaG21d5ix-1udhzHBrXp1-NMBxw2voVLUkqEion57sQBaAMa9MXhtvjFdlwVqfl6Hvrf88KKSKWRYxLABKvfpq_DBIgFl7fI8keSBQQIBBgBkgUECAUYBKAGAoAHqaGAPKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcB8gcEEL_8AtIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOliy3aGaxsqEA5oJmwFodHRwczovL2l0LmV4cG8uaXQtdHJlbmQuanAvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249MTkyOTkxNzk0MTUmdXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9jYW1wYWlnbj1yZW1hcmtldGluZ192M4AKAcgLAdoMEAoKEJDngdPgoJeLCRICAQPYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNTMwODMxNDM5MzEzMTg4NhgA&sigh=XgSPv4byTSk&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqyyloxC48rRYTKU8E9aZP8VeZ90e7PRP8T8qpF9ULYySbD5Eo5fVaENj5J4QOsPD5VdmMgYdTgx3s3CPOdHOb6CxBTX6VCKvZAb4YAQ&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5c24d23f13c00b310000000000000000%22,%222%22:%220x18ee0f9e4cf395f50000000000000000%22,%223%22:%220x980f1cb4f86dd2eb0000000000000000%22,%224%22:%220xde884e41e4b489220000000000000000%22,%225%22:%220xaec0e048e335cc750000000000000000%22},%22debug_key%22:%2215175126857946697873%22,%22debug_reporting%22:true,%22destination%22:%22https://it-trend.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22947908415%22],%2222%22:[%22true%22],%224%22:[%2202-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227942762527403277089%22}&andc=true

76 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.thothchildren.com/ 9 KB
9 KB 18ms
7ms Document
text/html 13.114.112.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.thothchildren.com/
Protocol: HTTP/1.1
Server: 13.114.112.195 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-114-112-195.ap-northeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: a4aef6ea04b646488dcf2b800c8f36ac64b27912fbabf100ec86e14232f626c5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: keep-alive
Content-Length: 8838
Content-Type: text/html; charset=utf-8
Date: Tue, 27 Feb 2024 03:11:52 GMT
ETag: W/"2286-zhYnQzPiTStCTA/cD7KkziTGRZM"
X-Powered-By: Express

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 94ms
50ms Script
application/javascript 2404:6800:4004:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-108747900-1

Requested by

Host: www.thothchildren.com
URL: http://www.thothchildren.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d8c91b66c7d04cd09ff4677e9107a90a1c2ce5f18a4cc933de9391a6564bce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71723
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Feb 2024 03:11:52 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/ 147 KB
21 KB 26ms
13ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/bootstrap.min.css

Requested by

Host: www.thothchildren.com
URL: http://www.thothchildren.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.thothchildren.com/
Origin: http://www.thothchildren.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 996
age: 2087824
cdn-cachedat: 09/26/2022 01:50:52
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:02 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"7e923ad223e9f33e54d22e50cf2bcce5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 56a6a23d0e596c484dcb568c2ea872f3
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85bd3e2e8da3e014-NRT
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.1.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 14ms
2ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.min.js
Requested by: Host: www.thothchildren.com
URL: http://www.thothchildren.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer: http://www.thothchildren.com/
Origin: http://www.thothchildren.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9495375
x-cache: HIT, HIT
content-length: 30070
x-served-by: cache-lga21947-LGA, cache-nrt-rjtf7700045-NRT
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1709003512.082769,VS0,VE0
etag: W/"28feccc0-152b5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 87, 201203

GET
H2 200 tether.min.js Show response
cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ 24 KB
7 KB 22ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js

Requested by

Host: www.thothchildren.com
URL: http://www.thothchildren.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.thothchildren.com/
Origin: http://www.thothchildren.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2168388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6714
last-modified: Mon, 04 May 2020 16:17:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffc-619d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkGdNp2XkFqCMx3MsU7adWTcAZFAeQYAMWKGnEFa9Iozu402oH5E5Kg%2B7yzFctPuciZp%2B1SfXGpiZXISkN2kN1KELPwVCtRWMMOTb4zCSujeX16tIhhhwdCUFmW1uTsHbEJGA3hoYklqojfQLUQEh5N1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85bd3e2e7960afb2-NRT
expires: Sun, 16 Feb 2025 03:11:52 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/ 46 KB
13 KB 23ms
10ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/bootstrap.min.js

Requested by

Host: www.thothchildren.com
URL: http://www.thothchildren.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.thothchildren.com/
Origin: http://www.thothchildren.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1111
age: 9513424
cdn-cachedat: 06/19/2023 21:23:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:02 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"0827a0bdcd9a917990eee461a77dd33e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 92d646ddd0cf5d0c4f69fcd46fd397f6
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85bd3e2e8da4e014-NRT
cdn-requestpullsuccess: True

GET
H/1.1 200
OK lazysizes.min.js Show response
www.thothchildren.com/lazysizes/ 6 KB
7 KB 5ms
4ms Script
application/javascript 13.114.112.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.thothchildren.com/lazysizes/lazysizes.min.js
Requested by: Host: www.thothchildren.com
URL: http://www.thothchildren.com/
Protocol: HTTP/1.1
Server: 13.114.112.195 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-114-112-195.ap-northeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: cbd03df58eabe2c1364fdd32784b2443a187400c5ce19ac2c8880c27ab13164f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 03:11:52 GMT
Last-Modified: Thu, 15 Jun 2017 21:10:21 GMT
X-Powered-By: Express
ETag: W/"19b6-15cad97ba48"
Content-Type: application/javascript
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6582

GET
H2 200 cb00499b0c.js Show response
kit.fontawesome.com/ 12 KB
5 KB 28ms
19ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/cb00499b0c.js
Requested by: Host: www.thothchildren.com
URL: http://www.thothchildren.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e6e09d16209581abea9dab452d80c46c9a8be104ee0944c441d1935442c4502

Request headers

Referer: http://www.thothchildren.com/
Origin: http://www.thothchildren.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 85bd3e2e7ebe80c5-NRT
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F7Zw4iqIjYyxteChRtaC

GET
H/1.1 200
OK common.css
www.thothchildren.com/stylesheets/ 23 KB
23 KB 4ms
4ms Stylesheet
text/css 13.114.112.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.thothchildren.com/stylesheets/common.css
Requested by: Host: www.thothchildren.com
URL: http://www.thothchildren.com/
Protocol: HTTP/1.1
Server: 13.114.112.195 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-114-112-195.ap-northeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: dcc3af0747a80d28b7368bfa2753256d09cf1d333f4179d56ac554e03c291ac9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 03:11:52 GMT
Last-Modified: Sun, 18 Oct 2020 16:26:04 GMT
X-Powered-By: Express
ETag: W/"5b27-1753c8841d7"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23335

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
54 KB 59ms
53ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.thothchildren.com
URL: http://www.thothchildren.com/

Protocol

HTTP/1.1

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8943f69ae06f3f4a550a01808910bf532a97dbe1edb5d3ee6882b3e7edbfbc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 03:11:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54295
X-XSS-Protection: 0
Server: cafe
ETag: 14060566659150792294
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires: Tue, 27 Feb 2024 03:11:52 GMT

GET
H/1.1 200
OK thothchildren.png
img.thothchildren.com/ 35 KB
36 KB 45ms
35ms Image
image/png 52.219.162.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.thothchildren.com/thothchildren.png
Requested by: Host: www.thothchildren.com
URL: http://www.thothchildren.com/
Protocol: HTTP/1.1
Server: 52.219.162.155 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-website-ap-northeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 51eb75e88970739e97fdb8a1094733a1f847b7eada43d832df840e46fd3d51dd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 03:11:53 GMT
Last-Modified: Sat, 21 Oct 2017 12:23:14 GMT
Server: AmazonS3
x-amz-request-id: 5BN27BY524YT1WGE
ETag: "ef0328b9a77259844db5e067dc799472"
Content-Type: image/png
Content-Length: 36296
x-amz-id-2: OMMzX5khXzzoh4gcnLLcmxva7u9yoHUgTIJiCgOC6ru3+bzT9VPF7IoZ/Dl3wdlfvGph8UKocqY=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
54 KB 44ms
44ms Script
application/javascript 2404:6800:4004:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MBMLCKV

Requested by

Host: www.thothchildren.com
URL: http://www.thothchildren.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96e9449b95baf3e3bdfeba91c49137552621bbfe9a4c154a625f787c5211f97f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 54805
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Feb 2024 03:11:52 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 23ms
12ms Fetch
text/css 2606:4700:e6::ac40:cc14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=cb00499b0c
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/cb00499b0c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
via: 1.1 113c59bcc7514e6035b0efada4559c76.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: NRT12-C5
age: 9171403
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rr%2F6UX6%2FDhLFmN0DDhI5ks%2FyGW%2Bi714rlhAYfHSnxatT9T967rIkUnIYGxwyZCO88087DFUQDm3xRwUTZR6GjX98hPreNrBHpe9fArCRr7VFnHIkraeORVPN%2BPb8qX84PUVduZcDfJ0MgaRxbh4K0kbaKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 85bd3e2ec952dff1-NRT
access-control-allow-headers: fa-kit-token
x-amz-cf-id: l-I3GSDPmKvQfdvJdZNyHxxvEQCwy7fDOLJZRZVPa6lErJ8jD2x53A==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 22ms
11ms Fetch
text/css 2606:4700:e6::ac40:cc14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=cb00499b0c
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/cb00499b0c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
via: 1.1 96e29e2d286e9945c6f86b08bdd9beb2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: NRT12-C5
age: 10115019
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atBsRWeXJOy4ENPj1FA7mVTaUqLDVtvrkLg1PlhvOVwfCJ3v5qWoXDxlnA%2Fnt0waaY2rJfwFhzXY8PjkSaCI1%2FEKn%2BtzLYLbcQAhqZrqpxsBxXqjjk8%2BFaMxT8zwMzTFyEyYTxWHtiwlTwsO7zhPISHGqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 85bd3e2ec957dff1-NRT
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 0UByYLq4_eRQkpGvtysV_XQ33T-BgcLySdU5HAK9y0Pg-xFt7YgmdQ==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 21ms
11ms Fetch
text/css 2606:4700:e6::ac40:cc14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=cb00499b0c
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/cb00499b0c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
via: 1.1 b7837731fea73f358f38a6ff02d487be.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: NRT12-C5
age: 9435976
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjQuS75jQGPvdD0oNfKdmLgX6aLyxC72MCuz6YpCjsQEWTx8T3Qs6EbYUTMHlMX0kVs2zi7WL9HmFoOHqsV5TptEG%2BbMdyLRMNnlvERwzo8h97IHxA%2B3PpQ1Kbl2Zbh0rJW37DNEdEgb0xE5K2a4X4jG6w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 85bd3e2ec955dff1-NRT
access-control-allow-headers: fa-kit-token
x-amz-cf-id: QGzX0Zzvj82n2X1Zefor2qWJ9lVdxlKoxQNyMFSoIpeeYy_9EK4Qxg==

GET
H2 200 css
fonts.googleapis.com/ 1 KB
854 B 85ms
43ms Stylesheet
text/css 2404:6800:4004:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Allura

Requested by

Host: www.thothchildren.com
URL: http://www.thothchildren.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ebc079f0ef3df49dfc3c701c204f5e82de05402905d91b72f506d79d8658c0ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 03:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 03:11:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 03:11:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 43ms
2ms Script
text/javascript 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBMLCKV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Feb 2024 02:42:45 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1747
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 27 Feb 2024 04:42:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 46ms
45ms Script
application/javascript 2404:6800:4004:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-108747900-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBMLCKV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

262cac90235a461f9c4e4b55e699465f062cb12bb72b2b5b70423db7941e4003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71744
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Feb 2024 03:11:52 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/ 408 KB
139 KB 102ms
62ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b891903811c719a343dda57814c4cef4c8ba6a1f615cc5664bf6485e321f44e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141441
x-xss-protection: 0
server: cafe
etag: 5586604537379365076
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 03:11:52 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame 58F0 9 KB
5 KB 49ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thothchildren.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 02:48:51 GMT
etag: 9539045072340585784
expires: Tue, 12 Mar 2024 02:48:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9oRPNYsQpS4zjuA_iwgW.woff2
fonts.gstatic.com/s/allura/v21/ 26 KB
26 KB 48ms
5ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/allura/v21/9oRPNYsQpS4zjuA_iwgW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Allura

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

378b9b4f34551157e0e4a2237a85e0db9556e2f52b3d2d0f9b3d88ba6f82da60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.thothchildren.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 01:08:07 GMT
x-content-type-options: nosniff
age: 353025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26576
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:19:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 01:08:07 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
225 B 39ms
39ms XHR
text/plain 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=249199485&t=pageview&_s=1&dl=http%3A%2F%2Fwww.thothchildren.com%2F&ul=en-us&de=UTF-8&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20-%20ThothChildren&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=569462121&gjid=326007672&cid=725079252.1709003512&tid=UA-108747900-1&_gid=457505114.1709003512&_r=1&_slc=1&gtm=45He42q0n81MBMLCKVza220&gcd=13l3l3l3l1&dma=0&z=1272215840

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6cc884dd112021b3acda146dfd142da8d9a70756b83467a6cc88b0c9574cf19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.thothchildren.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 03:11:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.thothchildren.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
82 KB 47ms
47ms Script
application/javascript 2404:6800:4004:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S9QBMQFXWL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108747900-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f88cf2adb406f0b813892229d9c535f8d442e9d5eeb405197ee259f83fc0e5cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Feb 2024 03:11:52 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 42ms
41ms XHR
text/plain 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=249199485&t=pageview&_s=1&dl=http%3A%2F%2Fwww.thothchildren.com%2F&ul=en-us&de=UTF-8&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20-%20ThothChildren&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=970041342&gjid=290756274&cid=725079252.1709003512&tid=UA-108747900-1&_gid=457505114.1709003512&_r=1&gtm=457e42q0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1580783977

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.thothchildren.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 03:11:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.thothchildren.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
84 KB 46ms
46ms Script
application/javascript 2404:6800:4004:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S9QBMQFXWL&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39d3d477cf67403261b64ef8a70dac6f22e71fe4fa84fa6872c42ed4db1e51a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86009
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Feb 2024 03:11:52 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 39ms
39ms Ping
text/plain 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S9QBMQFXWL&gtm=45je42q0v9114929866za220&_p=1709003512085&gcd=13l3l3l3l1&npa=0&dma=0&cid=725079252.1709003512&ul=en-us&sr=1600x1200&ir=1&pscdl=noapi&_eu=EAAI&_s=1&sid=1709003512&sct=1&seg=0&dl=http%3A%2F%2Fwww.thothchildren.com%2F&dt=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20-%20ThothChildren&en=page_view&_fv=1&_ss=1&tfd=327
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S9QBMQFXWL&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 03:11:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.thothchildren.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7EAD 325 KB
69 KB 354ms
354ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5308314393131886&output=html&adk=1812271804&adf=3025194257&lmt=1709003512&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=http%3A%2F%2Fwww.thothchildren.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&dt=1709003512195&bpp=4&bdt=127&idt=267&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5038886459051&frm=20&pv=2&ga_vid=725079252.1709003512&ga_sid=1709003512&ga_hid=249199485&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325069%2C95325752%2C95326315%2C95324155%2C95324161%2C95325791&oid=2&pvsid=3254115317747730&tmod=307879446&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=283

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1e8a7e799eb00b9725d3d4491488df885ecfe28962ed5255ef31ddfbc176fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thothchildren.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 70230
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 03:11:52 GMT
expires: Tue, 27 Feb 2024 03:11:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 91ms
54ms XHR
application/json 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240221&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40991733132ad96fec88f03d115df41cfa2c4548d2112cfa01766b30e5b56a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12214
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/ 166 KB
56 KB 57ms
56ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85bae44c1e4aad17539720069f477084aaff611fbdf1e2b9806826f472164b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57342
x-xss-protection: 0
server: cafe
etag: 11483090386253754981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 03:11:52 GMT

GET
H2 200 ca-pub-5308314393131886 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 112ms
58ms Script
application/javascript 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5308314393131886?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

915f91c33c8ae6d224c126f3cddcebf7da1819687665078a7a4ff0231bba435d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JsPpwkzY1J-9nSBDB5eWIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-JsPpwkzY1J-9nSBDB5eWIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsKoxSXFEKghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48HC9-66awqQKy5fjprIBDHPJ_OmgLEi1lnsK4GYqf0GawBQPw5cwbrbyD2qZ_BGgXEJivPs9oAsRAPx4-lX9exCRzYsOYmMwCVoEQO"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 168ms
83ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 03:11:53 GMT

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame 1A9C 9 KB
4 KB 4ms
3ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thothchildren.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 9432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 00:34:41 GMT
etag: 9539045072340585784
expires: Tue, 12 Mar 2024 00:34:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame 214C 9 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thothchildren.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 9432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 00:34:41 GMT
etag: 9539045072340585784
expires: Tue, 12 Mar 2024 00:34:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVUQaZ6ufXfl18KMWyZ4Jpo-ZPfwQQDAzpL6bymIjLmVFYRqNGhTn3Jgs8ZlPGRM4yRrlZrsfSqFTVYBzOwM5UKn8Szekc8H2amFu0jAUp6R9kUXz_LUp0ly5fxwX80DxXIMLXRWw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 60ms
59ms Script
application/javascript 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVUQaZ6ufXfl18KMWyZ4Jpo-ZPfwQQDAzpL6bymIjLmVFYRqNGhTn3Jgs8ZlPGRM4yRrlZrsfSqFTVYBzOwM5UKn8Szekc8H2amFu0jAUp6R9kUXz_LUp0ly5fxwX80DxXIMLXRWw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5MDAzNTEzLDY3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwOi8vd3d3LnRob3RoY2hpbGRyZW4uY29tLyIsbnVsbCxbWzgsInNQT2lmTWNfcGFJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFs5NTMyNTk5Ml0sbnVsbCwzXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sPOifMc_paI.es5.O/am=wA/d=1/rs=AJlcJMxC6VU939RHeM2Bh23nKkjFPXLcIQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91ec0ba43d09191da7279714468da01d88e5d750497c8b892f438d556a11c14a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-d_S59KpHyAvwSS1StrXBLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:53 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-d_S59KpHyAvwSS1StrXBLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KkhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48HC9-66awqQKy5fjprIBDHPJ_OmgLEi1lnsK4GYqf0GawBQPw5cwbrbyD2qZ_BGgXEJivPs9oAsRA3x8-lX9exCcx4NMUYAEvIQ08"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1A9C 926 B
550 B 58ms
58ms Stylesheet
text/css 2404:6800:4004:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%88%86%E5%BE%85%EF%BD%9E%20%EF%BC%93%E3%83%89%E5%A4%96%E3%81%AF%E7%9B%AE%E3%82%93%E6%B5%B7%E3%81%8F%E9%9A%8E%E6%99%82%E3%81%BE%E5%BA%97%E9%96%8B%E3%83%BC1%E4%B8%81%E2%88%92%E8%A1%8C8J%EF%BC%91%E6%97%85%E3%81%97%E5%B7%9D%E4%BA%95T%E7%B4%84%E3%81%9B%E3%81%9F%E3%81%B80%E3%81%94B%E5%88%A5%E3%81%AA%E3%83%A8%E5%8C%BA%E8%AB%87%E3%81%AE%E3%81%8A%EF%BC%96%E3%82%AB%E3%80%82%E3%81%A7%E5%A4%A7%E3%83%88%E3%82%A4%E7%89%B9%E7%94%BA%E6%9D%A5%E7%9B%B8%E4%BA%887%E5%93%81

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63f370d242c6e31648060cb597258f57f0ebc7449b4d6918df881a298d7b5abc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 03:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 03:11:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 03:11:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 1A9C 2 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 23:52:42 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 1A9C 23 KB
9 KB 4ms
3ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Mar 2024 03:03:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 1A9C 3 KB
1 KB 4ms
4ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Mar 2024 03:03:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 1A9C 20 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Mar 2024 03:03:33 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 1A9C 225 B
355 B 4ms
2ms Image
image/png 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 18:22:11 GMT
x-content-type-options: nosniff
server: cafe
age: 31782
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Tue, 27 Feb 2024 18:22:11 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1A9C 204 KB
61 KB 4ms
3ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 03:48:56 GMT

GET
H2 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame 1A9C 36 KB
15 KB 47ms
2ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 19:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 17:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 May 2024 19:39:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 214C 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Mar 2024 03:03:34 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 77C3 143 B
166 B 6ms
5ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 02:57:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 214C 3 KB
1 KB 5ms
3ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Mar 2024 03:03:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 214C 20 KB
8 KB 3ms
1ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Mar 2024 03:03:33 GMT

GET
H2 200 11195249680759359903
tpc.googlesyndication.com/simgad/ Frame 214C 48 KB
49 KB 5ms
4ms Image
image/png 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11195249680759359903?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmkRQ7BxkBVqo5K4azD2QTwFNy5xw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c4a84fa47b7526d4e4f0e13317bcd70bec5299d06153c551df7477d16466aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 01:08:55 GMT
x-content-type-options: nosniff
age: 352978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49651
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 06:30:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Feb 2025 01:08:55 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 214C 204 KB
61 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 02:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 03:48:56 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 214C 36 KB
14 KB 4ms
3ms Script
text/javascript 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11af2195e813c746e06f5dfccc66a824263d97395721fd109fc820cafcc7e1fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 03:34:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14601
x-xss-protection: 0
server: cafe
etag: 13220165445093104717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 03:34:52 GMT

GET
H2 200 15320980177178045969
tpc.googlesyndication.com/simgad/ Frame 1A9C 3 KB
3 KB 6ms
5ms Image
image/png 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15320980177178045969?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31573ab59f2c877b99f415ef1b3a42e8c75429476ca0600005494b0dfc84f238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Sat, 22 Feb 2025 01:26:19 GMT
date: Fri, 23 Feb 2024 01:26:19 GMT
x-content-type-options: nosniff
age: 351934
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2938
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 06:14:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 1A9C 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 77C3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

78ms
77ms

Document
text/html

2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 03:11:53 GMT
expires: Tue, 27 Feb 2024 03:11:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 03:11:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxX2hsR6VslPaHfhJGDRpgIBclJXkzNYMC94I7yGQQiI0B0VL1Q8CNUgJD4_jD9eS7lu3jzTli5Xjab4kHDykBwwNeYlBHBDqkXzq3VynHRQnm57xdU1VGb5pGDxQO1xE94GLLnNjQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 55ms
55ms Script
application/javascript 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX2hsR6VslPaHfhJGDRpgIBclJXkzNYMC94I7yGQQiI0B0VL1Q8CNUgJD4_jD9eS7lu3jzTli5Xjab4kHDykBwwNeYlBHBDqkXzq3VynHRQnm57xdU1VGb5pGDxQO1xE94GLLnNjQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5MDAzNTEzLDE0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHA6Ly93d3cudGhvdGhjaGlsZHJlbi5jb20vIixudWxsLFtbOCwic1BPaWZNY19wYUkiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzk1MzI1OTkyXSxudWxsLDNdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19010cc6e0ed70e86314e442e272d9312a6506bf09b24181ea6eb46567c47af3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MCiLqmPj4ZR8E1BUcYXLJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-MCiLqmPj4ZR8E1BUcYXLJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KchxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48HC9-66awqQKy5fjprIBDHPJ_OmgLEi1lnsK4GYqf0GawBQPw5cwbrbyD2qZ_BGgXEJivPs9oAsRA3x8-lX9exCWxYvjMMAE71Q3k"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1A9C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87a59b064ff587f1dc6cbb4d80fbd7da88577c1a803b8ab43636dcc007286669

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1A9C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C4CIv-FLdZcObH7Wjid4P446owAX6nsLLdb_niuyaEmQQASCQzb1QYInzxYT0E6ABxrjEnwPIAQmpAsCMBTiShjw-qAMByAPLBKoEiwJP0PiakwdRddboEcoAydD5C2SpEPNCGn45D2_Abfs...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2c465099c72707a00000000000000000%22,%222%22:%220xc79473047327d0e50000000000000000%22,%223%22:%220x7ea957...

0
0

89ms
40ms

Fetch
text/css

142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2c465099c72707a00000000000000000%22,%222%22:%220xc79473047327d0e50000000000000000%22,%223%22:%220x7ea957bb2755578f0000000000000000%22,%224%22:%220xd314a1a05d92a3980000000000000000%22,%225%22:%220xbd9dd81f65021ce40000000000000000%22},%22debug_key%22:%2211074301658509421171%22,%22debug_reporting%22:true,%22destination%22:%22https://jtb.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22871439430%22],%2222%22:[%22true%22],%224%22:[%2202-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221598917416711655281%22}&andc=true

Protocol

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x2c465099c72707a00000000000000000","2":"0xc79473047327d0e50000000000000000","3":"0x7ea957bb2755578f0000000000000000","4":"0xd314a1a05d92a3980000000000000000","5":"0xbd9dd81f65021ce40000000000000000"},"debug_key":"11074301658509421171","debug_reporting":true,"destination":"https://jtb.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["871439430"],"22":["true"],"4":["02-27"],"6":["true"]},"priority":"500","source_event_id":"1598917416711655281"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 27 Feb 2024 03:11:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 27 Feb 2024 03:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x2c465099c72707a00000000000000000","2":"0xc79473047327d0e50000000000000000","3":"0x7ea957bb2755578f0000000000000000","4":"0xd314a1a05d92a3980000000000000000","5":"0xbd9dd81f65021ce40000000000000000"},"debug_key":"11074301658509421171","debug_reporting":true,"destination":"https://jtb.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["871439430"],"22":["true"],"4":["02-27"],"6":["true"]},"priority":"500","source_event_id":"1598917416711655281"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E946 13 KB
5 KB 4ms
3ms Document
text/html 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thothchildren.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 350510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Feb 2024 01:50:03 GMT
expires: Sat, 22 Feb 2025 01:50:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2CC5 829 B
997 B 46ms
45ms Document
text/html 2404:6800:4004:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3f53a32c65d0e476297542bd4a2ca269c493ae2450d6ac8380731210d01c9357

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e2XgcQoaeD2TXWuFZtZuIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.thothchildren.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-e2XgcQoaeD2TXWuFZtZuIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 03:11:53 GMT
expires: Tue, 27 Feb 2024 03:11:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 font
fonts.gstatic.com/l/ Frame 1A9C 27 KB
27 KB 3ms
2ms Font
font/woff2 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxq203dVtt0tVpM0LRNgNTS9W0Edgj_ppibdw92Dv-3aHvq3JED07D79Xdz36Vj3thJjrcoOTXwVWDBt-aE8n8SMDPIT3tpDolj2shtZoZVupm_X4p8u_-4sm_9GAkZYUaF1xbplh97OWSYi-jBLCG5x5LgH-8BtVbrzxqVvHvuNPJw09Mdx0Cp9fh4gQU6ZzBZB-qlm6tjdkwm9g_vQaDvyZjR2MRKag2MiBIWNdCK1OPvsbDGvlB_awckc3gIm&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%88%86%E5%BE%85%EF%BD%9E%20%EF%BC%93%E3%83%89%E5%A4%96%E3%81%AF%E7%9B%AE%E3%82%93%E6%B5%B7%E3%81%8F%E9%9A%8E%E6%99%82%E3%81%BE%E5%BA%97%E9%96%8B%E3%83%BC1%E4%B8%81%E2%88%92%E8%A1%8C8J%EF%BC%91%E6%97%85%E3%81%97%E5%B7%9D%E4%BA%95T%E7%B4%84%E3%81%9B%E3%81%9F%E3%81%B80%E3%81%94B%E5%88%A5%E3%81%AA%E3%83%A8%E5%8C%BA%E8%AB%87%E3%81%AE%E3%81%8A%EF%BC%96%E3%82%AB%E3%80%82%E3%81%A7%E5%A4%A7%E3%83%88%E3%82%A4%E7%89%B9%E7%94%BA%E6%9D%A5%E7%9B%B8%E4%BA%887%E5%93%81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6185d2736837e72dad41a86ec69e2674efe53f61dda30da8ac8856d84c3c5f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 04:50:22 GMT
x-content-type-options: nosniff
age: 80491
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27500
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 27 Feb 2024 04:50:22 GMT

GET
H3 200 JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js Show response
pagead2.googlesyndication.com/bg/ Frame EF8D 50 KB
19 KB 3ms
3ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js

Requested by

Host: www.thothchildren.com
URL: http://www.thothchildren.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25dbe26db67ba5d60d3f7c7f79d72ad9f4816b2a6e869d7511927274f13a490b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 01:12:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19629
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Feb 2025 01:12:05 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 124ms
42ms Preflight
text/html 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 03:11:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame E946 39 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 00:34:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 00:34:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2CC5 0
0 40ms
40ms Image
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240221&jk=3254115317747730&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 214C 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edde8cf1e37aaa04b6ea8624c1e13669c28f7bb5f3162febf846e769a656be31

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8CDC 50 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25dbe26db67ba5d60d3f7c7f79d72ad9f4816b2a6e869d7511927274f13a490b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 01:12:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19629
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Feb 2025 01:12:05 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 214C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CxO6e-FLdZcWbH7Wjid4P446owAXe9enzdbiI66HYErOQHxABIJDNvVBgifPFhPQToAG_3v_DA8gBAqkCwIwFOJKGPD6oAwHIA8kEqgSVAk_QdqZHQYjjkM92R2n12CSGALMUJVc2nmaSif1...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5c24d23f13c00b310000000000000000%22,%222%22:%220x18ee0f9e4cf395f50000000000000000%22,%223%22:%220x980f1c...

0
0

76ms
42ms

Fetch
text/css

142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5c24d23f13c00b310000000000000000%22,%222%22:%220x18ee0f9e4cf395f50000000000000000%22,%223%22:%220x980f1cb4f86dd2eb0000000000000000%22,%224%22:%220xde884e41e4b489220000000000000000%22,%225%22:%220xaec0e048e335cc750000000000000000%22},%22debug_key%22:%2215175126857946697873%22,%22debug_reporting%22:true,%22destination%22:%22https://it-trend.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22947908415%22],%2222%22:[%22true%22],%224%22:[%2202-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227942762527403277089%22}&andc=true

Protocol

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x5c24d23f13c00b310000000000000000","2":"0x18ee0f9e4cf395f50000000000000000","3":"0x980f1cb4f86dd2eb0000000000000000","4":"0xde884e41e4b489220000000000000000","5":"0xaec0e048e335cc750000000000000000"},"debug_key":"15175126857946697873","debug_reporting":true,"destination":"https://it-trend.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["947908415"],"22":["true"],"4":["02-27"],"6":["true"]},"priority":"500","source_event_id":"7942762527403277089"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 27 Feb 2024 03:11:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 27 Feb 2024 03:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5c24d23f13c00b310000000000000000","2":"0x18ee0f9e4cf395f50000000000000000","3":"0x980f1cb4f86dd2eb0000000000000000","4":"0xde884e41e4b489220000000000000000","5":"0xaec0e048e335cc750000000000000000"},"debug_key":"15175126857946697873","debug_reporting":true,"destination":"https://it-trend.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["947908415"],"22":["true"],"4":["02-27"],"6":["true"]},"priority":"500","source_event_id":"7942762527403277089"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 40ms
40ms Preflight
text/html 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 03:11:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E946 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?83MGEw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 / Show response
fundingchoicesmessages.google.com/f/AGSKWxUmFUnM94-UhaZuWneAnNkVwRi2zdLZWUakbTxp3omeMPZ7DtwIHMgjUH3_ypjCw9BGKHXdVRBIZoJ9pWmqcStjO54tEg4QSkklI3IzUxxJDsKYH3XqyKVlgNd_B_M6Mlp84UlZ6tQiSOHbc_G452SxhmkCT... 54 B
110 B 50ms
48ms Script
application/javascript 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUmFUnM94-UhaZuWneAnNkVwRi2zdLZWUakbTxp3omeMPZ7DtwIHMgjUH3_ypjCw9BGKHXdVRBIZoJ9pWmqcStjO54tEg4QSkklI3IzUxxJDsKYH3XqyKVlgNd_B_M6Mlp84UlZ6tQiSOHbc_G452SxhmkCTmTTdTNcMJ33KmASMer0HNgHUCWg6cER/_.ads-tool./athena/tag/?/erobanner./ad.serve./webads_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sPOifMc_paI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxb0iEu73VBukPBvXN_NXSR2nwuaw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cda62c680e70ce3f710b4f75daa2d7f03b4900e41653871e59419287705a0c2d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SLOGZAVYAf_nrAGrVciAOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-SLOGZAVYAf_nrAGrVciAOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KMhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48HC9-66awqQKy5fjprIBDHPJ_OmgLEi1lnsK4GYqf0GawBQPw5cwbrbyD2qZ_BGgXEJivPs9oAsRAPx8-lX9exCcw4tWURMwCR30PN"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 4ms
3ms Script
text/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 04:01:25 GMT

POST
H3 204 AGSKWxVelGZZx6AZmCGuSqf0GMxP5FBtMO8P0YhawPYch9bGzZD6dyR8NbLkiqp1ygta9x3Oo9SsO3NYQmVid6kpNtY8yk4VZcucDnX3vBX3-g_PZIzNs4BXlvsJ-xci7dDNkNH53WjywQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 86ms
44ms XHR
text/html 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVelGZZx6AZmCGuSqf0GMxP5FBtMO8P0YhawPYch9bGzZD6dyR8NbLkiqp1ygta9x3Oo9SsO3NYQmVid6kpNtY8yk4VZcucDnX3vBX3-g_PZIzNs4BXlvsJ-xci7dDNkNH53WjywQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VAQ-kKTEAqYOZGKMIHekug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.thothchildren.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Feb 2024 03:11:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-VAQ-kKTEAqYOZGKMIHekug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmII1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYAIBbi4fi59Os6NoENK65sYwYAS6MV-g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://www.thothchildren.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVelGZZx6AZmCGuSqf0GMxP5FBtMO8P0YhawPYch9bGzZD6dyR8NbLkiqp1ygta9x3Oo9SsO3NYQmVid6kpNtY8yk4VZcucDnX3vBX3-g_PZIzNs4BXlvsJ-xci7dDNkNH53WjywQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 80ms
44ms XHR
text/html 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVelGZZx6AZmCGuSqf0GMxP5FBtMO8P0YhawPYch9bGzZD6dyR8NbLkiqp1ygta9x3Oo9SsO3NYQmVid6kpNtY8yk4VZcucDnX3vBX3-g_PZIzNs4BXlvsJ-xci7dDNkNH53WjywQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--kp5HFJjuqnCrfT9g7zUsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.thothchildren.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Feb 2024 03:11:53 GMT
content-security-policy: script-src 'report-sample' 'nonce--kp5HFJjuqnCrfT9g7zUsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYAIBbi4fi59Os6NoEL_bu2MwMASQsV3A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://www.thothchildren.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVelGZZx6AZmCGuSqf0GMxP5FBtMO8P0YhawPYch9bGzZD6dyR8NbLkiqp1ygta9x3Oo9SsO3NYQmVid6kpNtY8yk4VZcucDnX3vBX3-g_PZIzNs4BXlvsJ-xci7dDNkNH53WjywQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 48ms
47ms XHR
text/html 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVelGZZx6AZmCGuSqf0GMxP5FBtMO8P0YhawPYch9bGzZD6dyR8NbLkiqp1ygta9x3Oo9SsO3NYQmVid6kpNtY8yk4VZcucDnX3vBX3-g_PZIzNs4BXlvsJ-xci7dDNkNH53WjywQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qq13NpcO7Z_fUcMChHVUUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.thothchildren.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Feb 2024 03:11:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-qq13NpcO7Z_fUcMChHVUUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYAIBbi4fi59Os6NoEDP97tZgYATH0WdA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://www.thothchildren.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVelGZZx6AZmCGuSqf0GMxP5FBtMO8P0YhawPYch9bGzZD6dyR8NbLkiqp1ygta9x3Oo9SsO3NYQmVid6kpNtY8yk4VZcucDnX3vBX3-g_PZIzNs4BXlvsJ-xci7dDNkNH53WjywQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 55ms
54ms XHR
text/html 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVelGZZx6AZmCGuSqf0GMxP5FBtMO8P0YhawPYch9bGzZD6dyR8NbLkiqp1ygta9x3Oo9SsO3NYQmVid6kpNtY8yk4VZcucDnX3vBX3-g_PZIzNs4BXlvsJ-xci7dDNkNH53WjywQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zP40rJeoMoIt6HoLHPcW-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.thothchildren.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Feb 2024 03:11:53 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zP40rJeoMoIt6HoLHPcW-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYAIBbi4fi59Os6NoEd557tYwYASX8WMw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://www.thothchildren.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWkDIE0ajyJj8OYoRvKnv8lsYCqZ21AffzV1Nxpjtl-mBiNSKg5G2Uzo5pQH8LdfQaks5_HFJaKEBf8TFVqGEhp7qXdPFIMe7tiuxjJG0EzTiRLBO43h5ZmbJo-m1GX8YHNa2JKKw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 58ms
57ms Script
application/javascript 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWkDIE0ajyJj8OYoRvKnv8lsYCqZ21AffzV1Nxpjtl-mBiNSKg5G2Uzo5pQH8LdfQaks5_HFJaKEBf8TFVqGEhp7qXdPFIMe7tiuxjJG0EzTiRLBO43h5ZmbJo-m1GX8YHNa2JKKw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5MDAzNTEzLDkxMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cDovL3d3dy50aG90aGNoaWxkcmVuLmNvbS8iLG51bGwsW1s4LCJzUE9pZk1jX3BhSSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjU5OTJdLG51bGwsM10iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f615c5ff7f22b67600fd99810048f6f97b50d1974ebe6c7e42baa00b30ee83b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KRBgp0ySjNvNhIpGPIg56A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:11:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-KRBgp0ySjNvNhIpGPIg56A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXF4KAhxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99ecnE8fUlkwQQqwHxO8lXTN-AeIePBwvfuumsKkCsuX46ayAQxzyfzpoCxItZZ7CuBmKn9BmsAUD8OXMG628g9qmfwRoFxCYrz7PaALEQD8fPpV_XsQl0XPl3lBkAuwRJNg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
42ms Image
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240221&jk=3254115317747730&bg=!8vGl8b7NAAZ3BdUuVwU7ADQBe5WfOPVQWHAFNUitlZtL2APfTaAVk78y9qQ4WAiKyzFNs6WvxGetQVvfLKYzXYNW9P_HAgAAAGpSAAAAC2gBBwoACWDBDqG4AyrtQpkC4L65t3Ksw5-LGcSw7ve88opZ8EbicrWAsD_79j9Q84Cm0mS1UyBu8S_B6h9wNesgLr8bFLSCgR5Akgbjede27I8ncrpuWEDU2KWFFy_t6KdfWinDxUAXuJinOrBMBz2eJFximqbAaQPRvPwsjlYKxSMJBm8qfYnKacZZcRqgRGONJZcepYabxgQHsrBK6eu0EC_8iK3DRRmXMpR9XdnG0QLxlSOTOpAdw7rtwkIO9se0O95NrJeAv9NNAtkzKsyqhmCUsWRpiA_YWGhwPLS5coYgqpXH-A10s5kGBEf2pjp3OqpsD5u73Kh71tNc71dVWSsqLdS7FXQT8stmbwnoIQWtF1AdES8CkD3z8uOfYuv5r4rRUbN44zM0VOlPgrmoa2EcFQ2dBLXZiJKaynmXHLsFB9iiXeUoS1lJ_IA3B-Jnrnskh16VRh4WeG30GK-H_CmL3EpnFKLEG55xXBanusE_7_URvKqKWWI9Y7YiwPtSbm16IkWjHrNPzG7M8JhFq4OCa7Og1AzawhRoNLEl_nqDsQNVsWKMlNEJKuGY19LyasVAKl-XK1Tcm3WoE_u-CGjEIpkKiRDRmBuaW5OcRQnjpKcLOUDMBT6uuwisOE2ea0dLMw49XsNHm5GXlNxOvQ5MbbJQq1eyDFFA0RCD1YkqDMzGtaay_516RM1V6kz44VG3dqSlCIwG9-V9iC0RxKKnqeQtLqB-iTv98jKAkTjSW1GONztjhnN9q4CvYzHr_H3b3K3U0-vwUuQjZbAYcQ59gaArQ_aaGpD2qF9-juaalbFMj41fVItU-7qtmMHF9iKep9zBO7sFLHwk-ai8RSEtN24Mi1NunqbN2EIiqy14sia-KB7-kgcI3s3O1ZvbDqeMIXU1vz-7zRotxtMEr-ItT9CNCdClgPSHj8GExeaZKKHORioiIIq_nQDo57g0cM1Ws4za3wQUOB_-KV0GX7wtJMyTMGZAJn_17GQ55bc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://www.thothchildren.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

POST
H3 204 AGSKWxVh44TO8TY66Zd_cAb9wn2TKn0RCVSKARpUQK2rK2taQP4ujils15RWQgDsUHpgv668rENXDBHy_Gwv_MgMyJuq4deHaiRfp5JTlWl3yyNPhVZTyOrGd_EthDGqgjEn22ccBV-jeQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 64ms
64ms XHR
text/html 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVh44TO8TY66Zd_cAb9wn2TKn0RCVSKARpUQK2rK2taQP4ujils15RWQgDsUHpgv668rENXDBHy_Gwv_MgMyJuq4deHaiRfp5JTlWl3yyNPhVZTyOrGd_EthDGqgjEn22ccBV-jeQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0NqeXWGTcPUk-tQapf6LuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.thothchildren.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Feb 2024 03:11:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-0NqeXWGTcPUk-tQapf6LuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYAIBbi5vi19Os6NoEX69dxAAAz-hVa"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://www.thothchildren.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVelGZZx6AZmCGuSqf0GMxP5FBtMO8P0YhawPYch9bGzZD6dyR8NbLkiqp1ygta9x3Oo9SsO3NYQmVid6kpNtY8yk4VZcucDnX3vBX3-g_PZIzNs4BXlvsJ-xci7dDNkNH53WjywQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 46ms
45ms XHR
text/html 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVelGZZx6AZmCGuSqf0GMxP5FBtMO8P0YhawPYch9bGzZD6dyR8NbLkiqp1ygta9x3Oo9SsO3NYQmVid6kpNtY8yk4VZcucDnX3vBX3-g_PZIzNs4BXlvsJ-xci7dDNkNH53WjywQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dqD7MKlij221bvZYhUUacw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.thothchildren.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Feb 2024 03:11:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-dqD7MKlij221bvZYhUUacw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYAIBbi5vi19Os6NoEZD68zAgAzmxVe"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://www.thothchildren.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 214C 42 B
64 B 41ms
40ms Fetch
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfQHdBIOgEHLWfqINoksprgYFmgRqIJQcBBDItVcVPI6JrFfozY9AJhdq107VDGiootNtT_FLmGP5kKTrsRfoH84es32GXgxjTc0HP-VF-j9rgQQentB2JZIi5MDybw4Qzaa4N9FfeKdK5DPxOfcproB0z8zqQv-E&sai=AMfl-YRu6kIdVuhhrzhj2AzCPf4P78-rwzfoNWGpB8CgmsStsYm7J1o_z6HcCZpzKHEXpIpF8ufCv25B3ajR4ltiiP7aha75Dw6FvLY2RzVi5C1sUI6csT-kA-gatK1jFkscDuKJ_drFgIEO3qdz6cEcQA&sig=Cg0ArKJSzFWHLAECBnaeEAE&cid=CAQSTwB7FLtqyyloxC48rRYTKU8E9aZP8VeZ90e7PRP8T8qpF9ULYySbD5Eo5fVaENj5J4QOsPD5VdmMgYdTgx3s3CPOdHOb6CxBTX6VCKvZAb4YAQ&id=lidar2&mcvt=1001&p=0,0,540,144&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&co=493631300&rst=1709003513062&rpt=119&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 03:11:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1A9C 42 B
64 B 41ms
40ms Fetch
image/gif 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvROggNI8_0ZEmb1R5NBRHhGhF3HzHUW4HIPI-r_1GJxcF8XGeJUcddOfwxFZLp_93AJ6iAfTzSy7dJV5cQThLOQ63FrEWyMPN7FmmhZ_e25l_fn6Kp-nHUurjlBCvJectdDPyIftTYc6w1Xa1TvYQCs6kko-SRKLrXtELQueoWjJ04-nMh9NCQDo5pjGbMzrKzrzB1dS6RkIEA8f9JujGZvCSsD7HuFIvrS9DJHKBSNTWAWkYppzf2ifGjP1lNd5T0Xj-iYnphym1nHwXKAWvZQnw0oe76sCGBTg-5I-RvrDbdLeXorBvwv71EQM_SmPe38y3vXRu6H6xpzbVt4vBlQFDkPzt6xzaACE7ajjV1n-wk_1SKofvfsMbjqC7QKh5UZmF2TJIgtJTeU_6MA3d1BOleU60nuOM3ZeEF75vAnWBWPkfUbDMDgrr08rle2EVtRBrqSF1kDePsFQCCKBMgLurpHhgZZ_c6onrVuMort6ya1Yc3DhNIHWOpLQtFbWBGGwjzOjGaEnF7kMnUlBFYddxG26dcg0DZ19aMGe2K4nQwLvdKqyIeC1Rao4HCHTuYSe4pWlVHIFhyYEu62_F8UyRgyEhFDmLS5LZnKSr0YKmTW5N3um7IVVlenZe1BUvVV6XRP_at_4_WIP-YKzz01ANES6hvYD0J-i3Bw6ozjOM_EbXmnLi4HMPzIc0R5_xwGB1Kltwqc4BrT6wJfmma-Bybj74-1Ch6sUxZwo3_iIIg2Y0dA7FVOAR1zo2eUUp3-0WPPjVVad4asrHu5vshgeftZeDs2ot4Yzstu-6diJ9XLVz74rRrsKVvP85Xyzi0l6GkOUn0JZb9mR3fuOOztPFEsnfaZL2ICVqParVdYhWzr4vn-knEeRtOqAut8YHRncrNLrjWJFwPzrP-QXEru2nRTumTyFaK9YaBr3cOXheUoF64js3bEJZxR3Q6CvN-KpAizMftajykMR5WLosy36tcHIJU9DPzOGcbGBLCUUZrVe3UkOd0Oc2r3Zt2m1ym9sw_NygywFX-g_1EjzG4rRXdqCHSFMkp4lkWGrdIAy-qAM506tHMvlai2YRGp_Swh81zavkOalQn2Omh7818KkDJhxtZfReSB37v5Eob70HPOcPPHesEMFcjZv8jkqkyPXfNE1a6NoeXjg4115b0526Llb6pORXNRG_kDPPZMp4t_T-soTych4EW610CD-yAK5jjC4cWroMjHl4lDmuoAwTZT8rMVTvqCRU8b5ClcPKibq9bzZYgZJ706XpLRz5O4OnDLu9ZCM6ITCAWtTitnMlZI-yFVs342ZZLImyRDoLX&sai=AMfl-YRRsWGhgCKQGA6KiADPj8NW1rdG5MYkfwu_rYVZJiD6k6eVRx1LxbEmmLhtZdafq7gC4mc2s14R7nff2-eDI-OY44eOL451pHPuQB7tjXdxpHPf3r8fMJNlknOjA7gE1-VoLw7DxZcS_678uOKqc4N3kg1rEsoWmGBGWOY&sig=Cg0ArKJSzMPVfU5J1pFeEAE&cid=CAQSTwB7FLtqyyloxC48rRYTKU8E9aZP8VeZ90e7PRP8T8qpF9ULYySbD5Eo5fVaENj5J4QOsPD5VdmMgYdTgx3s3CPOdHOb6CxBTX6VCKvZAb4YAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=84,767,1000,1113,1207&tos=84,683,233,113,94&v=20240222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&co=493631300&rst=1709003513049&rpt=181&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 03:11:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.thothchildren.com/	1970-01-20 18:43:29	Name: tmpuser Value: fec7d253-241d-4942-b2cb-10cc57971f2b
www.thothchildren.com/	1969-12-31 23:59:59	Name: connect.sid Value: s%3AD-swNwvN44O4Nat3L0o2Y222wxyMXGB8.MeJ6cE%2FFrMzcl5PwSAOZZeWiahOT5ehw8lU3YRRiNcM
.thothchildren.com/	1970-01-20 18:44:49	Name: _gid Value: GA1.2.457505114.1709003512
.thothchildren.com/	1970-01-20 18:43:23	Name: _gat_UA-108747900-1 Value: 1
.thothchildren.com/	1970-01-20 18:43:23	Name: _gat_gtag_UA_108747900_1 Value: 1
.thothchildren.com/	1970-01-21 04:19:23	Name: _ga_S9QBMQFXWL Value: GS1.1.1709003512.1.0.1709003512.0.0.0
.thothchildren.com/	1970-01-21 04:19:23	Name: _ga Value: GA1.1.725079252.1709003512
.thothchildren.com/	1970-01-21 04:04:59	Name: __gads Value: ID=84a950383c91c14f:T=1709003512:RT=1709003512:S=ALNI_MYKEKPdB7JACdt9gmmTxN-jrwkb9A
.thothchildren.com/	1970-01-21 04:04:59	Name: __gpi Value: UID=00000d1985117560:T=1709003512:RT=1709003512:S=ALNI_MZnCvlQbvLabzxh2Ym9WFUOAJ0DTQ
.thothchildren.com/	1970-01-20 23:02:35	Name: __eoi Value: ID=44634f5e25b44d65:T=1709003512:RT=1709003512:S=AA-AfjZ1hOkciI7UXRbaFD9L9jPE
.doubleclick.net/	1970-01-21 04:19:23	Name: IDE Value: AHWqTUmf-OyRW5xd-IsMTBxjPygO3VsW2vSp5ZkLnDXltWPNXuZCGKOyc-DvMrQQsxI
.doubleclick.net/	1970-01-20 18:43:27	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 20:52:59	Name: ar_debug Value: 1
.thothchildren.com/	1970-01-21 03:28:59	Name: FCNEC Value: %5B%5B%22AKsRol-o998I-i4CQi5OdQR_SQ6MciNadJ1k_6X15gV6_WvAwAOcV9mhVN8PyLGnIM7mPDTtiWzlqWOrHDwWslqzUkUY7wkq-lUXyQnEw0361fgkYByYRUjawFkxL8l_Onm6jfe3QyfJx9oilY2yMZdId9plC7jXFg%3D%3D%22%5D%5D

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://www.thothchildren.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.thothchildren.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.thothchildren.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.thothchildren.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.thothchildren.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.thothchildren.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.thothchildren.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.thothchildren.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.thothchildren.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.thothchildren.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.thothchildren.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.thothchildren.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.thothchildren.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
img.thothchildren.com
ka-f.fontawesome.com
kit.fontawesome.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.thothchildren.com
13.114.112.195
142.250.198.2
2404:6800:4004:801::2002
2404:6800:4004:801::2008
2404:6800:4004:801::200a
2404:6800:4004:81f::2001
2404:6800:4004:820::200e
2404:6800:4004:822::2004
2404:6800:4004:823::2003
2404:6800:4004:824::200e
2404:6800:4004:825::2003
2606:4700:4400::ac40:93bc
2606:4700::6811:180e
2606:4700::6812:bcf
2606:4700:e6::ac40:cc14
2a04:4e42:400::649
52.219.162.155
01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
11af2195e813c746e06f5dfccc66a824263d97395721fd109fc820cafcc7e1fc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19010cc6e0ed70e86314e442e272d9312a6506bf09b24181ea6eb46567c47af3
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
1c4a84fa47b7526d4e4f0e13317bcd70bec5299d06153c551df7477d16466aee
1e6e09d16209581abea9dab452d80c46c9a8be104ee0944c441d1935442c4502
1f615c5ff7f22b67600fd99810048f6f97b50d1974ebe6c7e42baa00b30ee83b
25dbe26db67ba5d60d3f7c7f79d72ad9f4816b2a6e869d7511927274f13a490b
262cac90235a461f9c4e4b55e699465f062cb12bb72b2b5b70423db7941e4003
31573ab59f2c877b99f415ef1b3a42e8c75429476ca0600005494b0dfc84f238
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
378b9b4f34551157e0e4a2237a85e0db9556e2f52b3d2d0f9b3d88ba6f82da60
39d3d477cf67403261b64ef8a70dac6f22e71fe4fa84fa6872c42ed4db1e51a5
3f53a32c65d0e476297542bd4a2ca269c493ae2450d6ac8380731210d01c9357
40991733132ad96fec88f03d115df41cfa2c4548d2112cfa01766b30e5b56a55
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4d8c91b66c7d04cd09ff4677e9107a90a1c2ce5f18a4cc933de9391a6564bce2
51eb75e88970739e97fdb8a1094733a1f847b7eada43d832df840e46fd3d51dd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
6185d2736837e72dad41a86ec69e2674efe53f61dda30da8ac8856d84c3c5f33
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63f370d242c6e31648060cb597258f57f0ebc7449b4d6918df881a298d7b5abc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc884dd112021b3acda146dfd142da8d9a70756b83467a6cc88b0c9574cf19c
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
85bae44c1e4aad17539720069f477084aaff611fbdf1e2b9806826f472164b45
87a59b064ff587f1dc6cbb4d80fbd7da88577c1a803b8ab43636dcc007286669
915f91c33c8ae6d224c126f3cddcebf7da1819687665078a7a4ff0231bba435d
91ec0ba43d09191da7279714468da01d88e5d750497c8b892f438d556a11c14a
96e9449b95baf3e3bdfeba91c49137552621bbfe9a4c154a625f787c5211f97f
a4aef6ea04b646488dcf2b800c8f36ac64b27912fbabf100ec86e14232f626c5
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
b1e8a7e799eb00b9725d3d4491488df885ecfe28962ed5255ef31ddfbc176fa1
b891903811c719a343dda57814c4cef4c8ba6a1f615cc5664bf6485e321f44e1
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
cbd03df58eabe2c1364fdd32784b2443a187400c5ce19ac2c8880c27ab13164f
cda62c680e70ce3f710b4f75daa2d7f03b4900e41653871e59419287705a0c2d
dcc3af0747a80d28b7368bfa2753256d09cf1d333f4179d56ac554e03c291ac9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
e8943f69ae06f3f4a550a01808910bf532a97dbe1edb5d3ee6882b3e7edbfbc8
ebc079f0ef3df49dfc3c701c204f5e82de05402905d91b72f506d79d8658c0ac
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
edde8cf1e37aaa04b6ea8624c1e13669c28f7bb5f3162febf846e769a656be31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f88cf2adb406f0b813892229d9c535f8d442e9d5eeb405197ee259f83fc0e5cc
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

www.thothchildren.com Open in urlscan Pro 13.114.112.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

91 %HTTPS

82 %IPv6

13 Domains

18 Subdomains

18 IPs

3 Countries

1326 kBTransfer

3655 kBSize

14 Cookies

0 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.thothchildren.com Open in urlscan Pro
13.114.112.195 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

91 %
HTTPS

82 %
IPv6

13
Domains

18
Subdomains

18
IPs

3
Countries

1326 kB
Transfer

3655 kB
Size

14
Cookies

76 HTTP transactions
3 data transactions