URL: http://hall.29den.com/
Submission: On October 16 via manual from JP

Summary

This website contacted 12 IPs in 4 countries across 12 domains to perform 43 HTTP transactions. The main IP is 157.112.189.17, located in Osaka, Japan and belongs to SAKURA-C SAKURA Internet Inc., JP. The main domain is hall.29den.com.
This is the only time hall.29den.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
19        157.112.189.17     9371   (SAKURA-C ...)
3         2a00:1450:400...   15169  (GOOGLE)
1         2a00:1450:400...   15169  (GOOGLE)
1         130.211.14.194     15169  (GOOGLE)
1         2a00:1450:400...   15169  (GOOGLE)
3         2a00:1450:400...   15169  (GOOGLE)
6         2a00:1450:400...   15169  (GOOGLE)
1         2a00:1450:400...   15169  (GOOGLE)
1         210.140.105.22     4694   (IDCF IDC ...)
2         210.140.201.9      4694   (IDCF IDC ...)
2         2606:2800:234...   15133  (EDGECAST)
3         2a03:2880:f02...   32934  (FACEBOOK)
Total: 43 requests, 12 IPs

Requests  Domain                         Requested by
19        hall.29den.com                 hall.29den.com, pagead2.googlesyndication.com
6         googleads.g.doubleclick.net    pagead2.googlesyndication.com
2         connect.facebook.net           hall.29den.com, connect.facebook.net
2         platform.twitter.com           hall.29den.com, platform.twitter.com
2         i.adingo.jp                    hall.29den.com
2         www.google-analytics.com       hall.29den.com
2         pagead2.googlesyndication.com  hall.29den.com, pagead2.googlesyndication.com
1         staticxx.facebook.com          connect.facebook.net
1         apis.google.com                hall.29den.com
1         sh.adingo.jp                   cdn-fluct.sh.adingo.jp
1         www.googletagservices.com      pagead2.googlesyndication.com
1         adservice.google.com           pagead2.googlesyndication.com
1         adservice.google.de            pagead2.googlesyndication.com
1         cdn-fluct.sh.adingo.jp         hall.29den.com
1         ajax.googleapis.com            hall.29den.com
Total: 43 requests, 15 subdomains

This site contains links to these domains.

Domain
29den.com
pachinkocol.com
2-9densetsu.com

Subject                  Issuer                                  Validity                 Valid
cdn-fluct.sh.adingo.jp   DigiCert SHA2 Secure Server CA          2019-09-25 - 2020-10-15  a year
*.google.com             GTS CA 1O1                              2019-09-17 - 2019-12-10  3 months
*.g.doubleclick.net      GTS CA 1O1                              2019-09-17 - 2019-12-10  3 months
*.google-analytics.com   GTS CA 1O1                              2019-09-17 - 2019-12-10  3 months
*.apis.google.com        GTS CA 1O1                              2019-09-17 - 2019-12-10  3 months
*.facebook.com           DigiCert SHA2 High Assurance Server CA  2019-09-22 - 2019-12-20  3 months
*.twimg.com              DigiCert SHA2 High Assurance Server CA  2018-11-19 - 2019-11-27  a year

This page contains 9 frames:

Primary Page: http://hall.29den.com/
Frame ID: 92A4637A6D023E206E40730DCA7A7C04
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191014/r20190131/zrt_lookup.html
Frame ID: 260A2D53FC9B0FF9D1513E595226DDA8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8599813529469333&output=html&adk=1812271804&adf=3025194257&lmt=1571237659&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fhall.29den.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1571237658483&bpp=568&bdt=989&fdt=569&idt=570&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4639087695573&frm=20&pv=2&ga_vid=1168984336.1571237659&ga_sid=1571237659&ga_hid=479103156&ga_fc=0&iag=0&icsg=2723&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=3844857665338578&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=720
Frame ID: 3DEF0DC4CF89A1A275B80748CF4A83B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8599813529469333&output=html&h=280&slotname=3926781004&adk=4257303899&adf=4174598379&w=1020&fwrn=4&fwrnh=100&lmt=1571237659&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1020x280&url=http%3A%2F%2Fhall.29den.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1571237659209&bpp=8&bdt=1716&fdt=8&idt=8&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4639087695573&frm=20&pv=1&ga_vid=1168984336.1571237659&ga_sid=1571237659&ga_hid=479103156&ga_fc=0&iag=0&icsg=141966&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=283&ady=142&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=3844857665338578&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=MevpYVoDEM&p=http%3A//hall.29den.com&dtd=12
Frame ID: F6194A37EFD042F784F69824F2004184
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8599813529469333&output=html&h=250&slotname=3092977806&adk=2221142892&adf=2596320521&w=300&lmt=1571237659&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fhall.29den.com%2F&flash=0&avail_w=673&wgl=1&adsid=NT&dt=1571237659255&bpp=9&bdt=1762&fdt=9&idt=10&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1020x280&nras=1&correlator=4639087695573&frm=20&pv=1&ga_vid=1168984336.1571237659&ga_sid=1571237659&ga_hid=479103156&ga_fc=0&iag=0&icsg=567866&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=480&ady=1990&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=3844857665338578&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JRyPIqNZi2&p=http%3A//hall.29den.com&dtd=18
Frame ID: EADC0AD9E39A708E17A3C77664EE5D62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8599813529469333&output=html&h=250&slotname=3092977806&adk=3830406679&adf=4095194413&w=300&lmt=1571237659&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fhall.29den.com%2F&flash=0&avail_w=673&wgl=1&adsid=NT&dt=1571237659278&bpp=5&bdt=1785&fdt=5&idt=5&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1020x280%2C300x250&nras=1&correlator=4639087695573&frm=20&pv=1&ga_vid=1168984336.1571237659&ga_sid=1571237659&ga_hid=479103156&ga_fc=0&iag=0&icsg=2271466&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=1990&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=3844857665338578&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&xpc=rr8kdG79cy&p=http%3A//hall.29den.com&dtd=10
Frame ID: 316A8BF7E4DCAB06FC4D435CF90D81DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8599813529469333&output=html&h=600&slotname=5008738202&adk=1025447755&adf=1754743552&w=300&lmt=1571237659&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fhall.29den.com%2F&flash=0&wgl=1&adsid=NT&dt=1571237659294&bpp=7&bdt=1801&fdt=7&idt=7&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1020x280%2C300x250%2C300x250&nras=1&correlator=4639087695573&frm=20&pv=1&ga_vid=1168984336.1571237659&ga_sid=1571237659&ga_hid=479103156&ga_fc=0&iag=0&icsg=9085866&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=999&ady=460&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=3844857665338578&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=4&uci=a!4&fsb=1&xpc=j2xLISeHDJ&p=http%3A//hall.29den.com&dtd=10
Frame ID: DFD29AABC682D7B2F9CC789EDB1F09BA
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html?origin=http%3A%2F%2Fhall.29den.com
Frame ID: 0D35A71B749B172D53649B10233B245E
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 04EA7A8A4FCE6D0DE04BAB241AE337D7
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 43
HTTPS: 42 %
IPv6: 67 %
Domains: 12
Subdomains: 15
IPs: 12
Countries: 4
Transfer: 520 kB
Size: 1266 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 30
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=479103156&t=pageview&_s=1&dl=http%3A%2F%2Fhall.29den.com%2F&ul=en-us&de=UTF-8&dt=%E3%82%B9%E3%83%AD%E3%83%83%E3%83%88%E3%83%BB%E3%83%91%E3%83%81%E3%83%B3%E3%82%B3%E3%80%80%E4%BA%A4%E6%8F%9B%E7%8E%87%EF%BC%88%E6%8F%9B%E9%87%91%E7%8E%87%EF%BC%89%20%E7%AD%89%E4%BE%A1%E5%BA%97%E6%A4%9C%E7%B4%A2&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=980189995&gjid=766575039&cid=1168984336.1571237659&tid=UA-21639472-15&_gid=1178818147.1571237659&_r=1&z=1414732377 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=479103156&t=pageview&_s=1&dl=http%3A%2F%2Fhall.29den.com%2F&ul=en-us&de=UTF-8&dt=%E3%82%B9%E3%83%AD%E3%83%83%E3%83%88%E3%83%BB%E3%83%91%E3%83%81%E3%83%B3%E3%82%B3%E3%80%80%E4%BA%A4%E6%8F%9B%E7%8E%87%EF%BC%88%E6%8F%9B%E9%87%91%E7%8E%87%EF%BC%89%20%E7%AD%89%E4%BE%A1%E5%BA%97%E6%A4%9C%E7%B4%A2&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=980189995&gjid=766575039&cid=1168984336.1571237659&tid=UA-21639472-15&_gid=1178818147.1571237659&_r=1&z=1414732377
Request Chain 38
  • http://connect.facebook.net/ja_JP/sdk.js HTTP 307
  • https://connect.facebook.net/ja_JP/sdk.js

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
hall.29den.com/
34 KB
9 KB
Document
General
Full URL
http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
99497ce09bda19b6bbee7cc6577746122dcc81d60a09f6bd8f32decd2931a1f7

Request headers

Host
hall.29den.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Wed, 16 Oct 2019 14:54:17 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
X-Pingback
http://hall.29den.com/xmlrpc.php
Link
<http://hall.29den.com/wp-json/>; rel="https://api.w.org/", <http://hall.29den.com/>; rel=shortlink
Set-Cookie
PHPSESSID=73hqeusmta6iu7hg5g5sgai3pf8smgem; path=/
Referrer-Policy
no-referrer-when-downgrade
Content-Encoding
gzip
607ffa331e4cca354ee7b76fc4130588.css
hall.29den.com/wp-content/cache/head-cleaner/css/
57 KB
13 KB
Stylesheet
General
Full URL
http://hall.29den.com/wp-content/cache/head-cleaner/css/607ffa331e4cca354ee7b76fc4130588.css
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
8e2875b14712c2b49105dc41d352e25e4afef6bcb05a0526e222d31c0a2d4ccd

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:17 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 03 Oct 2017 03:06:07 GMT
Server
nginx
ETag
W/"e5e7-55a9bc5b5a5c0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 15 Oct 2020 14:54:17 GMT
style.min.css
hall.29den.com/wp-includes/css/dist/block-library/
29 KB
6 KB
Stylesheet
General
Full URL
http://hall.29den.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:18 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 18 Sep 2019 13:35:02 GMT
Server
nginx
ETag
W/"726f-592d3e77b6f5b"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 15 Oct 2020 14:54:17 GMT
styles.css
hall.29den.com/wp-content/plugins/contact-form-7/includes/css/
2 KB
1 KB
Stylesheet
General
Full URL
http://hall.29den.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:18 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 18 Sep 2019 13:36:54 GMT
Server
nginx
ETag
W/"695-592d3ee271599"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 15 Oct 2020 14:54:18 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
103 KB
36 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7a119c7b8debaa5b419f46458d17a179329c44882d8d2a917763a99f441a45cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 16 Oct 2019 14:54:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
13818829727389570083
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
36791
X-XSS-Protection
0
Expires
Wed, 16 Oct 2019 14:54:17 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/
93 KB
34 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 14 Oct 2019 14:42:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
173508
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33845
X-XSS-Protection
0
Expires
Tue, 13 Oct 2020 14:42:29 GMT
jquery.rwdImageMaps.min.js
hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/js/
1 KB
1 KB
Script
General
Full URL
http://hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/js/jquery.rwdImageMaps.min.js
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
d74c2d14fc5dd9057abed6a1f6ec2a2530c0a7141b756445958a9e371bd7aadd

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:18 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 11 Oct 2016 16:04:01 GMT
Server
nginx
ETag
W/"460-53e9906597e40"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 15 Oct 2020 14:54:18 GMT
koukanritsu500.png
hall.29den.com/wp-content/uploads/2017/04/
11 KB
12 KB
Image
General
Full URL
http://hall.29den.com/wp-content/uploads/2017/04/koukanritsu500.png
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
14106cc290020ce763043c772e40f1f60bc3a0ef5fa57482ebd70782ece0a679

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:19 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 09 Apr 2017 08:50:27 GMT
Server
nginx
ETag
"2d2c-54cb7f33adac0"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11564
Expires
Thu, 15 Oct 2020 14:54:19 GMT
search-27.png
hall.29den.com/wp-content/uploads/2017/04/
3 KB
3 KB
Image
General
Full URL
http://hall.29den.com/wp-content/uploads/2017/04/search-27.png
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
1b3a5b85383281fe0890f8eec31d7cbc8fdc02af0736ac93c3c9fa67624e8598

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:21 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 09 Apr 2017 08:15:11 GMT
Server
nginx
ETag
"bff-54cb7751b41c0"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3071
Expires
Thu, 15 Oct 2020 14:54:20 GMT
todouhukenbetsunihon.jpg
hall.29den.com/wp-content/uploads/2017/03/
101 KB
101 KB
Image
General
Full URL
http://hall.29den.com/wp-content/uploads/2017/03/todouhukenbetsunihon.jpg
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
f894436f70140d2ca3b543a11288c70eb95443328e70995cdc525c6abe1e364e

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:19 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 29 Mar 2017 21:15:35 GMT
Server
nginx
ETag
"19313-54be513c7abc0"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
103187
Expires
Thu, 15 Oct 2020 14:54:19 GMT
f.js
cdn-fluct.sh.adingo.jp/
3 KB
3 KB
Script
General
Full URL
https://cdn-fluct.sh.adingo.jp/f.js?G=1000072359
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.14.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
194.14.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
00143cdd8042d7e2d8d1c5d26b7af9220fabd74227929b52bd4158d5db77cbfd

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:54:17 GMT
via
1.1 google
last-modified
Wed, 02 Oct 2019 04:39:40 GMT
server
nginx
etag
"d62f6b8ed32a41dc6bdc015d92116400"
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
clear
content-length
2920
expires
Wed, 16 Oct 2019 15:54:17 GMT
6cb64044e2807179777ee248f85dccf2.js
hall.29den.com/wp-content/cache/head-cleaner/js/
107 KB
44 KB
Script
General
Full URL
http://hall.29den.com/wp-content/cache/head-cleaner/js/6cb64044e2807179777ee248f85dccf2.js
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
78d9c9f99d25b5d0f09efbea36f4910019e449b04e846109e3ffa736de53ae55

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:18 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 18 Sep 2019 14:35:34 GMT
Server
nginx
ETag
W/"1ada4-592d4bfeb6620"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 15 Oct 2020 14:54:18 GMT
scripts.js
hall.29den.com/wp-content/plugins/contact-form-7/includes/js/
14 KB
5 KB
Script
General
Full URL
http://hall.29den.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:19 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 18 Sep 2019 13:36:54 GMT
Server
nginx
ETag
W/"3868-592d3ee2734da"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 15 Oct 2020 14:54:19 GMT
utility.js
hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/js/
2 KB
1 KB
Script
General
Full URL
http://hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/js/utility.js
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
4789930b0c419e09fcc0512ace09acac7a6651f46c67be41e43e848ac95495ba

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:20 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 03 Oct 2016 13:58:30 GMT
Server
nginx
ETag
W/"9cb-53df656bc8d80"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 15 Oct 2020 14:54:20 GMT
socialButton.js
hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/js/
2 KB
1 KB
Script
General
Full URL
http://hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/js/socialButton.js
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
2a64cdb176d390a1be607f8547b77ce615ae129e86d20a1d1b09612079835d9b

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:20 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 03 Oct 2016 13:58:30 GMT
Server
nginx
ETag
W/"9d3-53df656bc8d80"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 15 Oct 2020 14:54:20 GMT
wp-embed.min.js
hall.29den.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
http://hall.29den.com/wp-includes/js/wp-embed.min.js
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:20 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 18 Sep 2019 13:35:03 GMT
Server
nginx
ETag
W/"57b-592d3e77e1edb"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 15 Oct 2020 14:54:20 GMT
35df48f3cfc04738a336b478977e31bd.css
hall.29den.com/wp-content/cache/head-cleaner/css/
298 B
651 B
Stylesheet
General
Full URL
http://hall.29den.com/wp-content/cache/head-cleaner/css/35df48f3cfc04738a336b478977e31bd.css
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
dfaea971926484da958b633594c6da91f913095b59b6f3636d6a5935bbe4245d

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:20 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 23 Dec 2016 18:39:52 GMT
Server
nginx
ETag
"12a-54457b620ce00"
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
298
Expires
Thu, 15 Oct 2020 14:54:20 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hall.29den.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Oct 2019 14:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hall.29den.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Oct 2019 14:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/
238 KB
88 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
44ac654a5d74e0f55d383818e9fb4782ea064fdc7cac8e5a4bcb71a011cad952
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
89450
x-xss-protection
0
server
cafe
etag
1429027213900407418
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Oct 2019 14:54:18 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3609
date
Wed, 16 Oct 2019 13:54:10 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Wed, 16 Oct 2019 15:54:10 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
bg-dot.png
hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/images/common/
119 B
472 B
Image
General
Full URL
http://hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/images/common/bg-dot.png
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
42e546f41b07f5dba7e482fc25671170468b38ada87ad0618a3627142d97d678

Request headers

Referer
http://hall.29den.com/wp-content/cache/head-cleaner/css/607ffa331e4cca354ee7b76fc4130588.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:19 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 03 Oct 2016 13:58:30 GMT
Server
nginx
ETag
"77-53df656bc8d80"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
119
Expires
Thu, 15 Oct 2020 14:54:19 GMT
icon-gnav.png
hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/images/icon/
261 B
615 B
Image
General
Full URL
http://hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/images/icon/icon-gnav.png
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
45f133c2b9a2ed1a9a4fc18d0736bb29add11cfcbe5ffe874820f23a8467618d

Request headers

Referer
http://hall.29den.com/wp-content/cache/head-cleaner/css/607ffa331e4cca354ee7b76fc4130588.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:19 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 03 Oct 2016 13:58:30 GMT
Server
nginx
ETag
"105-53df656bc8d80"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
261
Expires
Thu, 15 Oct 2020 14:54:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191014/r20190131/ Frame 260A
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191014/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191014/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://hall.29den.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://hall.29den.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 14 Oct 2019 14:30:17 GMT
expires
Mon, 28 Oct 2019 14:30:17 GMT
content-type
text/html; charset=UTF-8
etag
8648543205226238674
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
7402
x-xss-protection
0
cache-control
public, max-age=1209600
age
174242
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
ads
googleads.g.doubleclick.net/pagead/ Frame 3DEF
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8599813529469333&output=html&adk=1812271804&adf=3025194257&lmt=1571237659&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fhall.29den.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1571237658483&bpp=568&bdt=989&fdt=569&idt=570&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4639087695573&frm=20&pv=2&ga_vid=1168984336.1571237659&ga_sid=1571237659&ga_hid=479103156&ga_fc=0&iag=0&icsg=2723&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=3844857665338578&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=720
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8599813529469333&output=html&adk=1812271804&adf=3025194257&lmt=1571237659&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fhall.29den.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1571237658483&bpp=568&bdt=989&fdt=569&idt=570&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4639087695573&frm=20&pv=2&ga_vid=1168984336.1571237659&ga_sid=1571237659&ga_hid=479103156&ga_fc=0&iag=0&icsg=2723&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=3844857665338578&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=720
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://hall.29den.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://hall.29den.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Oct 2019 14:54:19 GMT
server
cafe
content-length
44
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 16-Oct-2019 15:09:19 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 16 Oct 2019 14:54:19 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
77 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f425f66d90f1150499b36ab47b56fa6fb1a68136e4f42befca20a920ff85306b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:54:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1571051767941600"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29055
x-xss-protection
0
expires
Wed, 16 Oct 2019 14:54:19 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F619
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8599813529469333&output=html&h=280&slotname=3926781004&adk=4257303899&adf=4174598379&w=1020&fwrn=4&fwrnh=100&lmt=1571237659&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1020x280&url=http%3A%2F%2Fhall.29den.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1571237659209&bpp=8&bdt=1716&fdt=8&idt=8&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4639087695573&frm=20&pv=1&ga_vid=1168984336.1571237659&ga_sid=1571237659&ga_hid=479103156&ga_fc=0&iag=0&icsg=141966&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=283&ady=142&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=3844857665338578&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=MevpYVoDEM&p=http%3A//hall.29den.com&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8599813529469333&output=html&h=280&slotname=3926781004&adk=4257303899&adf=4174598379&w=1020&fwrn=4&fwrnh=100&lmt=1571237659&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1020x280&url=http%3A%2F%2Fhall.29den.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1571237659209&bpp=8&bdt=1716&fdt=8&idt=8&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4639087695573&frm=20&pv=1&ga_vid=1168984336.1571237659&ga_sid=1571237659&ga_hid=479103156&ga_fc=0&iag=0&icsg=141966&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=283&ady=142&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=3844857665338578&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=MevpYVoDEM&p=http%3A//hall.29den.com&dtd=12
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://hall.29den.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://hall.29den.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Oct 2019 14:54:19 GMT
server
cafe
content-length
199
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 16-Oct-2019 15:09:19 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 16 Oct 2019 14:54:19 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame EADC
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8599813529469333&output=html&h=250&slotname=3092977806&adk=2221142892&adf=2596320521&w=300&lmt=1571237659&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fhall.29den.com%2F&flash=0&avail_w=673&wgl=1&adsid=NT&dt=1571237659255&bpp=9&bdt=1762&fdt=9&idt=10&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1020x280&nras=1&correlator=4639087695573&frm=20&pv=1&ga_vid=1168984336.1571237659&ga_sid=1571237659&ga_hid=479103156&ga_fc=0&iag=0&icsg=567866&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=480&ady=1990&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=3844857665338578&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JRyPIqNZi2&p=http%3A//hall.29den.com&dtd=18
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8599813529469333&output=html&h=250&slotname=3092977806&adk=2221142892&adf=2596320521&w=300&lmt=1571237659&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fhall.29den.com%2F&flash=0&avail_w=673&wgl=1&adsid=NT&dt=1571237659255&bpp=9&bdt=1762&fdt=9&idt=10&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1020x280&nras=1&correlator=4639087695573&frm=20&pv=1&ga_vid=1168984336.1571237659&ga_sid=1571237659&ga_hid=479103156&ga_fc=0&iag=0&icsg=567866&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=480&ady=1990&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=3844857665338578&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JRyPIqNZi2&p=http%3A//hall.29den.com&dtd=18
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://hall.29den.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://hall.29den.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Oct 2019 14:54:19 GMT
server
cafe
content-length
199
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 16-Oct-2019 15:09:19 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 16 Oct 2019 14:54:19 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 316A
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8599813529469333&output=html&h=250&slotname=3092977806&adk=3830406679&adf=4095194413&w=300&lmt=1571237659&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fhall.29den.com%2F&flash=0&avail_w=673&wgl=1&adsid=NT&dt=1571237659278&bpp=5&bdt=1785&fdt=5&idt=5&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1020x280%2C300x250&nras=1&correlator=4639087695573&frm=20&pv=1&ga_vid=1168984336.1571237659&ga_sid=1571237659&ga_hid=479103156&ga_fc=0&iag=0&icsg=2271466&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=1990&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=3844857665338578&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&xpc=rr8kdG79cy&p=http%3A//hall.29den.com&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8599813529469333&output=html&h=250&slotname=3092977806&adk=3830406679&adf=4095194413&w=300&lmt=1571237659&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fhall.29den.com%2F&flash=0&avail_w=673&wgl=1&adsid=NT&dt=1571237659278&bpp=5&bdt=1785&fdt=5&idt=5&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1020x280%2C300x250&nras=1&correlator=4639087695573&frm=20&pv=1&ga_vid=1168984336.1571237659&ga_sid=1571237659&ga_hid=479103156&ga_fc=0&iag=0&icsg=2271466&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=643&ady=1990&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=3844857665338578&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&xpc=rr8kdG79cy&p=http%3A//hall.29den.com&dtd=10
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://hall.29den.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://hall.29den.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Oct 2019 14:54:19 GMT
server
cafe
content-length
200
x-xss-protection
0
set-cookie
IDE=AHWqTUl0ocR6qEI9I-LXAcXmRwBm3CUS7xuzDUxiO_rwCcw1-2vKc4ngjXH7u5Bs; expires=Mon, 09-Nov-2020 14:54:19 GMT; path=/; domain=.doubleclick.net; HttpOnly
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 16 Oct 2019 14:54:19 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame DFD2
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8599813529469333&output=html&h=600&slotname=5008738202&adk=1025447755&adf=1754743552&w=300&lmt=1571237659&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fhall.29den.com%2F&flash=0&wgl=1&adsid=NT&dt=1571237659294&bpp=7&bdt=1801&fdt=7&idt=7&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1020x280%2C300x250%2C300x250&nras=1&correlator=4639087695573&frm=20&pv=1&ga_vid=1168984336.1571237659&ga_sid=1571237659&ga_hid=479103156&ga_fc=0&iag=0&icsg=9085866&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=999&ady=460&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=3844857665338578&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=4&uci=a!4&fsb=1&xpc=j2xLISeHDJ&p=http%3A//hall.29den.com&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8599813529469333&output=html&h=600&slotname=5008738202&adk=1025447755&adf=1754743552&w=300&lmt=1571237659&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fhall.29den.com%2F&flash=0&wgl=1&adsid=NT&dt=1571237659294&bpp=7&bdt=1801&fdt=7&idt=7&shv=r20191014&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1020x280%2C300x250%2C300x250&nras=1&correlator=4639087695573&frm=20&pv=1&ga_vid=1168984336.1571237659&ga_sid=1571237659&ga_hid=479103156&ga_fc=0&iag=0&icsg=9085866&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=999&ady=460&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=3844857665338578&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=4&uci=a!4&fsb=1&xpc=j2xLISeHDJ&p=http%3A//hall.29den.com&dtd=10
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://hall.29den.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://hall.29den.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Oct 2019 14:54:19 GMT
server
cafe
content-length
200
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 16-Oct-2019 15:09:19 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 16 Oct 2019 14:54:19 GMT
cache-control
private
icon-arrow_r.png
hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/images/icon/
312 B
666 B
Image
General
Full URL
http://hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/images/icon/icon-arrow_r.png
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
86b137109a7ec2680331d66c15d6577808d61e7390eb44ec394e604077ba50c2

Request headers

Referer
http://hall.29den.com/wp-content/cache/head-cleaner/css/607ffa331e4cca354ee7b76fc4130588.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:19 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 03 Oct 2016 13:58:30 GMT
Server
nginx
ETag
"138-53df656bc8d80"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
312
Expires
Thu, 15 Oct 2020 14:54:19 GMT
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=479103156&t=pageview&_s=1&dl=http%3A%2F%2Fhall.29den.com%2F&ul=en-us&de=UTF-8&dt=%E3%82%B9%E3%83%AD%E3%83%83%E3%83%88%E3%83%BB%E3%83%91%E3%83%...
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=479103156&t=pageview&_s=1&dl=http%3A%2F%2Fhall.29den.com%2F&ul=en-us&de=UTF-8&dt=%E3%82%B9%E3%83%AD%E3%83%83%E3%83%88%E3%83%BB%E3%83%91%E3%83...
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=479103156&t=pageview&_s=1&dl=http%3A%2F%2Fhall.29den.com%2F&ul=en-us&de=UTF-8&dt=%E3%82%B9%E3%83%AD%E3%83%83%E3%83%88%E3%83%BB%E3%83%91%E3%83%81%E3%83%B3%E3%82%B3%E3%80%80%E4%BA%A4%E6%8F%9B%E7%8E%87%EF%BC%88%E6%8F%9B%E9%87%91%E7%8E%87%EF%BC%89%20%E7%AD%89%E4%BE%A1%E5%BA%97%E6%A4%9C%E7%B4%A2&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=980189995&gjid=766575039&cid=1168984336.1571237659&tid=UA-21639472-15&_gid=1178818147.1571237659&_r=1&z=1414732377
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 14:54:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=479103156&t=pageview&_s=1&dl=http%3A%2F%2Fhall.29den.com%2F&ul=en-us&de=UTF-8&dt=%E3%82%B9%E3%83%AD%E3%83%83%E3%83%88%E3%83%BB%E3%83%91%E3%83%81%E3%83%B3%E3%82%B3%E3%80%80%E4%BA%A4%E6%8F%9B%E7%8E%87%EF%BC%88%E6%8F%9B%E9%87%91%E7%8E%87%EF%BC%89%20%E7%AD%89%E4%BE%A1%E5%BA%97%E6%A4%9C%E7%B4%A2&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=980189995&gjid=766575039&cid=1168984336.1571237659&tid=UA-21639472-15&_gid=1178818147.1571237659&_r=1&z=1414732377
Non-Authoritative-Reason
HSTS
/
sh.adingo.jp/
5 KB
3 KB
Script
General
Full URL
http://sh.adingo.jp/?G=1000072359&href=http%3A%2F%2Fhall.29den.com%2F&serial=9877131781300&guid=ON
Requested by
Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/f.js?G=1000072359
Protocol
HTTP/1.1
Server
210.140.105.22 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
faef0ce42a11f1271a8803e348d012fa63fa527f3a3ead160b06bae31ae799ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
Date
Wed, 16 Oct 2019 14:54:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 16 Oct 2019 14:54:20 GMT
Server
nginx
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
Cache-Control
no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
i.adingo.jp/
43 B
395 B
Image
General
Full URL
http://i.adingo.jp/?p=lJzK3wy3XW83UvBnQ79QmuPstL-SqErPBuxeUGWRQbNfPD1UvsS4_ZG0PUO8NZu4WV-RQJAGCjxGxy5AhdJUEZ3-iE7ukTSpA1LPhO41DH3qLFhObPJTktDPa16cFPI_I7--kXc8AT_h_MuWaJdjeK_IL3OtfZmI8_d9Rr8OrTkaT6kXTdlwY39EqmBqjTb_Q7dCzYUjex8kDcZJSQbk257P1-zVk356CZyr5WON8Esiaeg-kClMAtW9lF9gCdYINSvsxyXKPoD_v_6vN513jqwGupHykDUAhoMRHeNLXxZxCRNB90urYJqCdafR-jxsfj_Hql_6170.&v=umTxyToUr9U.&k=1&R=
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
210.140.201.9 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 14:54:21 GMT
Server
nginx
P3P
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
close
Content-Type
image/gif
Content-Length
43
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
i.adingo.jp/
43 B
395 B
Image
General
Full URL
http://i.adingo.jp/?p=3mJbOrolzfasaHrwagR04hPyb9b2rIY1LdXVJhYa6tghDSQFHESFsx3I8tLdw_0TXU_EEhq0X1AAUb8hbIWjPdOeerD9pUo6GvX9eBv5hso3AYvUZqHDXy8TNE-vqHzIX2_qkKo4toHGggVNSadp0tYAyiycq6p8DeVa73po3W-9WVvGiT-E4_YXVyxYSEorT0mR4-jxj1Qij6ZFxsyVGW81KSJr--w5UWpTItrswyIkCWC-x_cDu3XQDowfK3PAcPKYOSbXDrKKFaG-batZCqZo7CHxoAP9GpkqBE5LXD9KUof40fnmEXLn7bVmwaoj9YUWMimkLHQ.&v=h2QK3uUSBvI.&k=1&R=
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
210.140.201.9 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Oct 2019 14:54:21 GMT
Server
nginx
P3P
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
close
Content-Type
image/gif
Content-Length
43
Expires
Wed, 17 Sep 1975 21:32:10 GMT
icon-arrow03.png
hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/images/icon/
166 B
519 B
Image
General
Full URL
http://hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/images/icon/icon-arrow03.png
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
a499cbec29e18ffc3e9abbd757a6051ffcf0ad51174bb448103f11145e3019ae

Request headers

Referer
http://hall.29den.com/wp-content/cache/head-cleaner/css/607ffa331e4cca354ee7b76fc4130588.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:21 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 03 Oct 2016 13:58:30 GMT
Server
nginx
ETag
"a6-53df656bc8d80"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
166
Expires
Thu, 15 Oct 2020 14:54:21 GMT
bg-pagetop.gif
hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/images/common/
1 KB
1 KB
Image
General
Full URL
http://hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/images/common/bg-pagetop.gif
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
HTTP/1.1
Server
157.112.189.17 Osaka, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
sv1016.xserver.jp
Software
nginx /
Resource Hash
81ae45f1da22e2140bec2f23d4734f224df4d417c8ad0b7da7459f048f7bcc3a

Request headers

Referer
http://hall.29den.com/wp-content/cache/head-cleaner/css/607ffa331e4cca354ee7b76fc4130588.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:21 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 03 Oct 2016 13:58:30 GMT
Server
nginx
ETag
"462-53df656bc8d80"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1122
Expires
Thu, 15 Oct 2020 14:54:21 GMT
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
http://platform.twitter.com/widgets.js
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/js/socialButton.js
Protocol
HTTP/1.1
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E9) /
Resource Hash
90476f48e0b8a9f9c5c11fd16f13fc6a8772fe281d12c8e63153a6f948cdd348

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:54:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Oct 2019 20:25:42 GMT
Server
ECS (fcn/40E9)
Etag
"1d8d0709ed691e2bc0472dbfc17c8abd+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28700
platform.js
apis.google.com/js/
43 KB
17 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/wp-content/themes/keni62_wp_cool_1610031927/js/socialButton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
1a560979c35508f894818e1f68012f0a56d6a6001c5dfb73ffeda325fcbafbeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-Yv34NJ5iOVWg0cUbkjlj6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"ce8f41226b511978bd0b369f1ffcc6fc"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Wed, 16 Oct 2019 14:54:21 GMT
sdk.js
connect.facebook.net/ja_JP/
Redirect Chain
  • http://connect.facebook.net/ja_JP/sdk.js
  • https://connect.facebook.net/ja_JP/sdk.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/ja_JP/sdk.js
Requested by
Host: hall.29den.com
URL: http://hall.29den.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2ee6bb37058af4902cab481a03f08168cee54245f2bc9d85178f8e74255efc4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://hall.29den.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
xcHszur0uKmi26JDwIiDKw==
status
200
content-length
1780
etag
"43bd66f90ad0510fc0bd05a7f1063783"
x-fb-debug
GcHg3llci4QLm69RrrlZA05SvPLjEuBgLnvENylh/epmRPnBgcdyWfrIGnuQj4g9aaXtlpEHU1ZF99vMupUDnw==
x-fb-trip-id
136226023
x-fb-content-md5
3aa68a534a203a69e6a1ffad838ca32a
x-frame-options
DENY
date
Wed, 16 Oct 2019 14:54:21 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Oct 2019 15:11:15 GMT

Redirect headers

Location
https://connect.facebook.net/ja_JP/sdk.js#xfbml=1&version=v2.0
Non-Authoritative-Reason
HSTS
sdk.js
connect.facebook.net/ja_JP/
194 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/ja_JP/sdk.js?hash=038cedde3c7ef16c628976159e3550f7&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2d22ebe593f1a31533637fb2d6655039fc425ad48c7017e92a4c3291f7401b92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
http://hall.29den.com/
Origin
http://hall.29den.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
EZKI2mJsNRSUFl3lUtDl0Q==
status
200
content-length
59152
etag
"02fb6094f15685c01e353e8a7766b3bc"
x-fb-debug
HQa3nxJIPKs20oZBWuIG11e0xNm1K9WepGkK6QYJ+mRxueJx676TlgJS7oB6fY2/NG+ejoOORm4DR52EWR7ZPw==
x-fb-trip-id
136226023
x-fb-content-md5
f9cc6cbaa64942a0d30a465976e9dfe2
x-frame-options
DENY
date
Wed, 16 Oct 2019 14:54:21 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 15 Oct 2020 14:14:38 GMT
widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html
platform.twitter.com/widgets/ Frame 0D35
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html?origin=http%3A%2F%2Fhall.29den.com
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41D8) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://hall.29den.com/
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Oct 2019 14:54:21 GMT
Etag
"7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified
Wed, 02 Oct 2019 20:21:47 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41D8)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5816
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 04EA
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=038cedde3c7ef16c628976159e3550f7&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://hall.29den.com/
accept-encoding
gzip, deflate, br
cookie
fr=0C0trtxnuSgOoh2BV..Bdpy8b...1.0.Bdpy8b.

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Thu, 15 Oct 2020 07:49:29 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
JX+QPMawCZOIVsrJAmAKO8SJfnRK/7Hfyi2O+j3HfsBwB7RfBj7fDc21qNPp0nCMJu46Xvv71kt8B203URrc4Q==
content-length
11593
x-fb-trip-id
136226023
date
Wed, 16 Oct 2019 14:54:21 GMT

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| google_sa_queue object| google_sl_win function| google_process_slots string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl function| google_spfd object| google_sv_map object| google_t12n_vars object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired boolean| _gfp_p_ number| google_lpabyc number| google_unique_id object| google_tag_data object| gaplugins object| gaData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| adingoFluctNormalTag object| adingoFluct object| wpcf7 object| wp object| jQuery17206862220542512008 object| ___gcfg object| FB object| __twttrll object| twttr object| __twttr object| gapi object| ___jsl object| ___gu

5 Cookies

Domain/Path Name / Value
.29den.com/ Name: _gat
Value: 1
.29den.com/ Name: _gid
Value: GA1.2.1178818147.1571237659
.facebook.com/ Name: fr
Value: 0C0trtxnuSgOoh2BV..Bdpy8b...1.0.Bdpy8b.
.doubleclick.net/ Name: IDE
Value: AHWqTUl0ocR6qEI9I-LXAcXmRwBm3CUS7xuzDUxiO_rwCcw1-2vKc4ngjXH7u5Bs
.29den.com/ Name: _ga
Value: GA1.2.1168984336.1571237659

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, hashes, etc. Their presence here does not imply that any of them indicate malicious activity.
