www.onscreens.me Open in urlscan Pro
188.114.96.3  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10362.4tnncz5zNcFYSH5lQvE2A3fbmLhyDKlVxJFHUrtloiPdY4DOtsgMUvcFOdw8lGCU.6INCHVljVhz2KRJrhJdZgiajWfM%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=10362.WJEWnGbpCDy1MfU_eCjdUuL8fdHwAHuT8p4pImY0D5usjQLusOGGSaPOx2g0fGG4Jjs9HY5BRcaBf4kHnSoxYGXudivI1cuim0i_vHKCVCEcZxkW6cM5SFk1b0hdk4OsCrOuTN39PaA58-_I0_4j80_9tyBAy3Blmc2hkdy-2Hw4uvNgkP1FIT578qP_FTZpimMor2aMP1r4IxQugE-55PK8S3utsitJ-onehUUCtCI%2C.nOKCc4DoceAztUB6Y5dEYyhMu34%2C HTTP 302
• https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10362.3n8Fdxzzqpd5na3Q6QyjYlPbSx4gFruKPaF5K7G8PcQJNfORxK_r38taTJoT_mISALsy7mMJTFF9bxAgEB7J-WX_hCVlTT5L59uRD1fhJtKaz4kEFbh1SIbN03PcNQ2eQVOzWWcEN1hxWuJO0UxSJBs3vNhRgKyE6n4L7kntIYYHydPRnYd1VLQXpAs-loldK7k2ws7jeQTuGrXDR-HTOA%2C%2C.gbAv47KAOGqAqDSO7SXx6O9PsVc%2C

Request Chain 67

• https://mc.yandex.com/watch/86516845?wmode=7&page-url=https%3A%2F%2Fwww.onscreens.me%2Fm%2Fichika_jp&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.118%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.118%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.118%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A411990728098%3Ahid%3A475124358%3Az%3A120%3Ai%3A20240507103424%3Aet%3A1715070864%3Ac%3A1%3Arn%3A271513479%3Arqn%3A1%3Au%3A1715070864612729380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A455%3Awv%3A2%3Ads%3A12%2C27%2C65%2C1%2C1%2C0%2C%2C393%2C1%2C%2C%2C%2C499%3Aco%3A0%3Acpf%3A1%3Ans%3A1715070863442%3Agi%3AR0ExLjEuMTM5NTA3MjMzOC4xNzE1MDcwODY0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715070865%3At%3Aichika_jp%20Videos%3A%20Cam4%20ChatUrbate%20Online%20-%20ONScreens.me&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
• https://mc.yandex.com/watch/86516845/1?wmode=7&page-url=https%3A%2F%2Fwww.onscreens.me%2Fm%2Fichika_jp&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.118%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.118%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.118%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A411990728098%3Ahid%3A475124358%3Az%3A120%3Ai%3A20240507103424%3Aet%3A1715070864%3Ac%3A1%3Arn%3A271513479%3Arqn%3A1%3Au%3A1715070864612729380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A455%3Awv%3A2%3Ads%3A12%2C27%2C65%2C1%2C1%2C0%2C%2C393%2C1%2C%2C%2C%2C499%3Aco%3A0%3Acpf%3A1%3Ans%3A1715070863442%3Agi%3AR0ExLjEuMTM5NTA3MjMzOC4xNzE1MDcwODY0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715070865%3At%3Aichika_jp%20Videos%3A%20Cam4%20ChatUrbate%20Online%20-%20ONScreens.me&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

Request Chain 68

• https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
• https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzFdYos4lPAHYB3LofISxobATczIIvKXJbgyCHbbpKFmhMBYpliKN01wb4xiuOyFErUzijg HTTP 302
• https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwmWgFsIOnuOgVBdAD0ABqr942ZCkeNqbfJ8cWkgxdZosUwn-JoDE8apsog4avFrpK3nNi_&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-569892114%3A1715070865130240&theme=mn&ddm=0

Request Chain 79

• https://tracking.eu.antskre.com/rtb/feedimpression?uuid=a07e4115-1e46-4fb6-8aa5-8718de6d531c&s=101&d=142&feedid=e703&rt=1715070865291&sb=0.0109884273&db=0.02417454&subid=31293804&tokid=null&url=LTMWTIJZJ5BIZ2P27C7UD5Q2477CSLGL2VVP47UNEFKJY6AFYUI6SLPL3DBXDPOABREBPRJHGQBTO7DG2NCKHX4H7QJTKMDUIYXGMRPELP4JUEDYOM7ZV4WCNOUH5MZZWKSAB3A4X76VCSRDM2Q6WRUJXJY3IRNYHAODFLRJKMFMTNABK3MOJQLISJXGGKEZBIAN5QDEDCMIRAKNRFZYODZGVWLR7OYOBMFPA7U7JFBW52ETC4NWGFEOGNCQYTDNBX36I23SSCYPTPL5SIZX7LYO4R2TN6AOJRZHE4R5UJFUQ4AW2D4DMQPAK4HQM5VSTIKXPMMIYMZOEK37PFZO2W45FVX4OC4YNVEY5IBMKMSDF56UU3QYWYRI5LHUHOLMD4CGE2DSIVWCRYJ6TJK5LLOGGK77L7C4W3U2Z264447AA5WNL4R3OKWYNVYBXTXPZ22HZLJOEAJ63RHZ53N2XOAK7I4RF6FXMAMFRCPTHKHSCLAP45QAUTTGRDPV6YLTWRANXG6DL5AHFFGMWDLSTYGKO3KLPCH63V7QNPVEP34XJ5QG2KACRC4O2SIOQMJFAXBOSIF2D5IFZ2FLHAEZEYRTH6NCJ6WVMTHGZEPIL5FU2GQ7FRVJEQCQNDROSXLHIBLGPDM7VD3ZAJHDVQSW4MDLGJTE7UUAI37OOUL2PNNOI34SR4ZXSCH2SYXUM2MZ6E3H7YOFU5SXE7TBQXF4SCZKXPGNEOMGRHDMTY3UCP3UKYPVGUVO6NNYYEA3NQAJ66WZPSM7XSHBPSOR3TPYI2T67KK7MBPEPNVQA7IGJU67MD2EZMQZIKQQLXSSAKM6DJULSMT3TQDB7AEQTLEGVDIYZP22QMIEXIUIORJF52VVH2MFERY6OFVNFGQNRAGE3I6RDWDD7ZYHRMTEJN5WCRRDRPXPPRUI4CWKU7W2P3UL5QWESHQBTKQHABHCR6KAMWRUKVRGTNW277DYIZXKLFTRVMIFT5KZGPMBBUSATK2SNLCU2ENY2PTVTTZQKVJX3AVYTTHCX7PDAMVES2TQB525KR63FPXPAESXJDBQLICD25P33NHBT4HD6IXQ7F7SMQYRRNJVPQTGKYVNR2DWSZ25YJGNJ7RYYRJSPB5ORQ5KY4I5YZOTYT2CPLLVQD5MS2YC6KX6A7VKVCNZMYD24DBAUTCMCGHPKTK7FQ5KEMP4COOW2CZCKQK36WYT4WPT6VVMRLQBXRXSSEAF6PQUBQWFIA6OJIY3VA5OZ4A%3D&i=d48dcf&u=dd2ff2&g=NL&ad=&sp=Win32&spv=10.0.0&sm=%3F0&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.02&cpa=913336af-73a6-4224-ba07-c1403dc9f638&prev_step_diff=531 HTTP 302
• https://eu.histi.co/nty/metrics/save.img?event=impressions&bid-id=v2-1715070865299-7-6276-1269337-3cc7bb93-bd48-27e5-06a8-8e43073a605b&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3D2gpuzg%26c%3Dt1d0YTjc8Q_OaUhDKgjpfOv80wGm6fWArk7p6suWgg9VRFDAUV9UxRYJqbNjhohg7mzHGJ7pkx9MKlNKtKhV_eEw3017No0uXWnck6dxC6gTLVBYblyxK5L27-GqS9KOugTHvkFo2DIMnH6MZBzYW62tkFTymTzM3S1K1MpA8zc-MF199t1X5RQxAjvrBy-NuWVt-UAOVOXXk_u9-XdgGZIP9-BQFyHaS2dh5l0AEB6XlNzrA1QctqbCCzS1LKUD1bYsDxIizVO5bsvmy2Pn93lwNGpUdkz3UQ7Jk0x-Am9zZEn9TI6UM-Gw0eKcCbRaWAakFDp4eHQla7_9meqq5FIYS0RjiuutTvfWkX_rX2k8hvUll7a5xYP4O7gMRnfYCeVP-TnvE_Aj2-aqHfIq2Jzl1y5lPyUiuV1uVgAy5rAdzAOA-q8CUgZO7WuyUmZTzObWUGIBBhKqe20guVz7qwbZR__EXVq_fTEwf7Sgea4mqR1CXgbnxxQsksxU1JXHXUjAa5fP8XEeDuDPjRQqT8C1Tp-1ATMQ4AVRkXiyO0zVb_YG8Q3jbg HTTP 302
• https://track.trackingtraffo.com/push/ic?auth=2gpuzg&c=t1d0YTjc8Q_OaUhDKgjpfOv80wGm6fWArk7p6suWgg9VRFDAUV9UxRYJqbNjhohg7mzHGJ7pkx9MKlNKtKhV_eEw3017No0uXWnck6dxC6gTLVBYblyxK5L27-GqS9KOugTHvkFo2DIMnH6MZBzYW62tkFTymTzM3S1K1MpA8zc-MF199t1X5RQxAjvrBy-NuWVt-UAOVOXXk_u9-XdgGZIP9-BQFyHaS2dh5l0AEB6XlNzrA1QctqbCCzS1LKUD1bYsDxIizVO5bsvmy2Pn93lwNGpUdkz3UQ7Jk0x-Am9zZEn9TI6UM-Gw0eKcCbRaWAakFDp4eHQla7_9meqq5FIYS0RjiuutTvfWkX_rX2k8hvUll7a5xYP4O7gMRnfYCeVP-TnvE_Aj2-aqHfIq2Jzl1y5lPyUiuV1uVgAy5rAdzAOA-q8CUgZO7WuyUmZTzObWUGIBBhKqe20guVz7qwbZR__EXVq_fTEwf7Sgea4mqR1CXgbnxxQsksxU1JXHXUjAa5fP8XEeDuDPjRQqT8C1Tp-1ATMQ4AVRkXiyO0zVb_YG8Q3jbg HTTP 302
• https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1712573924303-TTx511mjkAEX.jpg

Request Chain 80

• https://eu.histi.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715070865299-7-6276-1269337-3cc7bb93-bd48-27e5-06a8-8e43073a605b&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fim%3Fauth%3D2gpuzg%26c%3DuU7-dNvDrPJbi1JnJSskQ9biOxnSFrDTUIvp-f8IXdiLjkQVDBj7_SOQW6oHSWynhft84RasP-yw_-I46TWQfON5vWWf0vsWN88USYD6rDfvsg1AW0RNIHj15cytlhd1pnWkEadlLs5zSOzcGH4fFmn6tFuXlshtyjjyMcyV0fB5RasxiTYGXXgUhiVu26XBe_agL1cwtCZixr7Qm1LhL72sMGakgvJzG_PsZbVaQorC7MXmxFlM0Ra2_1vsgeTCbKHZHt6H-u7CCcDaYlEOKFGMq0iZA-078mKmBSd_qsNd0ptkIvFxWI1vWjU_q0hdPHSNVY4l9rtqbR2wj1evK7Xyd75pTYZSGRiglaiMmHbYamWb2F3qCVVo_3-cq4isqDyZBMyUNvvwKmq_qeBPdtDuFqWAzRFYfLhmabAIiYJiEdfxrt-JTTTl-Pwnv4B4fl-pA1m3nFNgTBhEZDFsYH4yVdVs6MBJy1fJUqRlVHzdijeqomBD5rqbkgk3ntAitWDtzwwcPZj2R9Nplq6zAOWy5xaRKPeR3M9tdGlzmzQSOZD6oQ1A2Q HTTP 302
• https://track.trackingtraffo.com/push/im?auth=2gpuzg&c=uU7-dNvDrPJbi1JnJSskQ9biOxnSFrDTUIvp-f8IXdiLjkQVDBj7_SOQW6oHSWynhft84RasP-yw_-I46TWQfON5vWWf0vsWN88USYD6rDfvsg1AW0RNIHj15cytlhd1pnWkEadlLs5zSOzcGH4fFmn6tFuXlshtyjjyMcyV0fB5RasxiTYGXXgUhiVu26XBe_agL1cwtCZixr7Qm1LhL72sMGakgvJzG_PsZbVaQorC7MXmxFlM0Ra2_1vsgeTCbKHZHt6H-u7CCcDaYlEOKFGMq0iZA-078mKmBSd_qsNd0ptkIvFxWI1vWjU_q0hdPHSNVY4l9rtqbR2wj1evK7Xyd75pTYZSGRiglaiMmHbYamWb2F3qCVVo_3-cq4isqDyZBMyUNvvwKmq_qeBPdtDuFqWAzRFYfLhmabAIiYJiEdfxrt-JTTTl-Pwnv4B4fl-pA1m3nFNgTBhEZDFsYH4yVdVs6MBJy1fJUqRlVHzdijeqomBD5rqbkgk3ntAitWDtzwwcPZj2R9Nplq6zAOWy5xaRKPeR3M9tdGlzmzQSOZD6oQ1A2Q HTTP 302
• https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1712573924309-bpD2Si6zOSCm.jpg

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request ichika_jp Show response www.onscreens.me/m/	23 KB 9 KB	104ms 65ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18371dcb822fcb9a6ab7de8dfaedb49d15608a1e61c355354b06769c6cdf1132 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=7776000 public cf-cache-status HIT cf-ray 87ffdee0c84b66db-AMS content-encoding br content-type text/html; charset=utf-8 date Tue, 07 May 2024 08:34:23 GMT expect-ct max-age=86400, enforce expires Mon, 05 Aug 2024 07:22:01 GMT last-modified Tue, 07 May 2024 07:22:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z0QP3Rd17gSlZq2KhOJSr9t%2BVzEqQJHi3etXOCzGZrKGwOZnnvPAZMGqXPczmmx5dnIWXf1cvsqxBxcChrAW9DO3jjkdwPrkPm8%2F9Th8S1XEKVQZInDGtJSJiACkaAauKLt5"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-cache-status MISS x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H3	200	2257.43eefc83.css www.onscreens.me/_astro/	36 KB 7 KB	29ms 28ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/_astro/2257.43eefc83.css Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e957ad826b3692f0701ee735e55e436839885f1b0f577e8a8dd6d3c34837eb22 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/m/ichika_jp Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2240 cf-polished origSize=37189 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Thu, 04 Apr 2024 13:22:47 GMT server cloudflare etag W/"9145-18ea946b494" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CUUx0RBBBiSoMgV9DHf7qpxTmYgIjmOL8HjgR05L2%2BlNCInhkL4tZsOi8hVUJFznsnu3jB0jeobSZUiA2vrbHNNVFSyYDUV8ALtOJ4pzggUK%2BkvXeFaV%2FLKG4mt86tjRFgjm"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee1389f66db-AMS expires Mon, 05 Aug 2024 07:51:57 GMT
GET H3	200	ca.js Show response www.onscreens.me/js/	396 B 887 B	45ms 44ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/js/ca.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fcb4c085ec83fe65445b9b161052abb285cf662bdc33ebd5d6a7bafdcfbb1b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/m/ichika_jp Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4718036 cf-polished origSize=501 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Thu, 08 Feb 2024 09:48:20 GMT server cloudflare etag W/"1f5-18d881e4224" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ey6ReQYyQrgx5IUKI1yYCJeowJUDeSi7bhRcERL1%2FLJeqpjw%2BomkurO6HQxqO7zdDM%2BFHJOji1sB%2BWDegjUBMbRwNS9OoQxlG0HNCCgax9w1sb2RUYtmAxHk3XLJlRPQuy0r"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee138a366db-AMS expires Wed, 08 May 2024 09:48:47 GMT
GET H2	200	jp.php Show response js.juicyads.com/	93 KB 94 KB	211ms 25ms	Script application/javascript	2600:9000:266e:c400:c:dd71:23c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.juicyads.com/jp.php?c=34a4z203x264u4q2w294z27494&u=https%3A%2F%2Fwww.liquidfire.mobi%2Fredirect%3Fsl%3D16%26t%3Ddr%26track%3D155685_280900%26siteid%3D280900 Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:c400:c:dd71:23c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 05e6783b541d2e62e5b4f7d4d6d2315dfbcadf2c2116b2cef17255ee671f6484 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma cache date Tue, 07 May 2024 08:27:50 GMT via 1.1 74cd4e6bd806cc7209ac94e0173f5ac8.cloudfront.net (CloudFront) server nginx x-amz-cf-pop FRA56-P8 age 393 x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control max-age=900 x-amz-cf-id yYKZ66BrUxEUHCkhDgnZkrwzusIdrj43nDwE3Dha78foqZIy9j-8OQ== expires Tue, 07 May 2024 08:42:50 GMT
GET H3	200	PD-head.886a05e5.svg www.onscreens.me/_astro/	20 KB 8 KB	27ms 27ms	Image image/svg+xml	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.onscreens.me/_astro/PD-head.886a05e5.svg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 886a05e55a7a865cdba97de94ba28d3922411bcbb543896412c4de4ceeef4967 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/m/ichika_jp Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3373 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 04 Apr 2024 13:22:47 GMT server cloudflare etag W/"4e0b-18ea946b494" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fb5MqFwosCCQP6q8zoSEytqvY0IcPCgJ0QRe8KSWceqhASH%2Ba%2FI7omzv%2B7KpaB%2FEWHURzajQzjN5xhpSwvhpYlf7lYtSPBvYazGj6X1yhOcvXmqMNIRRRonOzBbTBx11NFk8"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee138a466db-AMS expires Mon, 05 Aug 2024 07:06:22 GMT
GET H3	200	bongacams.3ca8e7c2.svg www.onscreens.me/_astro/	1 KB 1 KB	45ms 45ms	Image image/svg+xml	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.onscreens.me/_astro/bongacams.3ca8e7c2.svg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ca8e7c2187c7f9ba24c81efcf46e857f5947124a273bf63b60a5b76288fe5f5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/m/ichika_jp Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3121 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 04 Apr 2024 13:22:47 GMT server cloudflare etag W/"5bf-18ea946b494" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JxKhBrullb7TENccQDnBfPtmtxW3RFp2UoKx5koLyQnNq3bVSi4f2vp9yJptOnHBEI6q1lyY9t4z%2BpzIhhOzWSPjo3TYZ%2Fj2kTOPiFqOyKrQ8AsjrSmX492tRqhlu539dVBw"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee138a666db-AMS expires Mon, 05 Aug 2024 06:06:24 GMT
GET H3	200	pornkai_favicon.0b27a979.svg www.onscreens.me/_astro/	684 B 1 KB	35ms 34ms	Image image/svg+xml	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.onscreens.me/_astro/pornkai_favicon.0b27a979.svg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b27a979d230fa47be12f176a850c3030d74ab8e2c5dbf97b36fd8aed2a0bff8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/m/ichika_jp Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2186 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 04 Apr 2024 13:22:47 GMT server cloudflare etag W/"2ac-18ea946b494" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YO5%2FZXIAbqj6OX62N4TZYhuwHIZyrlK5sBR0hEfrJNhMz0NzqHIpCJsOZ%2F6aY40mHHBrreYmem5LwoxrATGP01vfs3%2B1qMOrDwnRbScHzoaqkvDRHmOswNIEWXgYZxSOAMOf"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee158b166db-AMS expires Mon, 05 Aug 2024 07:57:57 GMT
GET H3	200	onscreens.me.ff611eda.svg www.onscreens.me/_astro/	6 KB 3 KB	35ms 34ms	Image image/svg+xml	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.onscreens.me/_astro/onscreens.me.ff611eda.svg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff611edaa01dda0db86a5c9fd58932ce19a86b81c4d497c6a06e9c99c9323014 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/m/ichika_jp Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3332 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 04 Apr 2024 13:22:47 GMT server cloudflare etag W/"1938-18ea946b494" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8VzAX53eZ6nVtYYEHFPzda4Uc6t57g5472QtBcGMsJrOBkFL4t82TEonOoG7eOD9oRU8berBp7fe8eXXaMqU22zfnKokj85ORrlcEV1gvPvoDmAYFqoUcpSUeRWSQC6pgiZm"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee158b266db-AMS expires Mon, 05 Aug 2024 07:32:03 GMT
GET H3	200	onscreens.me-dark.dcbf5dfb.svg www.onscreens.me/_astro/	6 KB 3 KB	36ms 35ms	Image image/svg+xml	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.onscreens.me/_astro/onscreens.me-dark.dcbf5dfb.svg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dcbf5dfb00d36ef58a8a55590c47336218a98b18afaa8644c52cb4b2803eb6ef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/m/ichika_jp Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 636 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 04 Apr 2024 13:22:47 GMT server cloudflare etag W/"1938-18ea946b494" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4qcDx2OnDrTGpQtvP1q5k78b8ju8jwfqUYdKtbSQwi1v4eWeCu7Igycp7SkgwkxwrM%2F%2F41SbY86PD1NzZQN1RhdOtzHWSEiCGdI0oOH6MM9%2BUu14%2F5djtAkDGeAKM3FsFz5h"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee158b366db-AMS expires Mon, 05 Aug 2024 07:39:47 GMT
GET H3	200	1136a5dca229e0e4a870538e6d458df6-full static-cdn.strpst.com/previews/1/1/3/	35 KB 36 KB	140ms 101ms	Image image/webp	104.17.10.106 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-cdn.strpst.com/previews/1/1/3/1136a5dca229e0e4a870538e6d458df6-full Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.10.106 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cba3cd1a55158797ec1c1e911de4b0a058791cacf26588c7def3f6a373fd4606 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT cf-cache-status HIT age 2792706 cf-polished qual=85, origFmt=jpeg, origSize=81938 x-cache-status MISS alt-svc h3=":443"; ma=86400 content-length 36290 cf-bgj imgq:85,h2pri last-modified Mon, 13 Nov 2023 04:47:55 GMT server cloudflare etag "6551aa7b-14012" vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=2678400 accept-ranges bytes cf-ray 87ffdee19a239ffd-AMS expires Fri, 07 Jun 2024 08:34:23 GMT
GET H3	200	statistics.js Show response www.onscreens.me/js/	368 B 873 B	37ms 36ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/js/statistics.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08eb57c6f0f295475b2e10544d8cfc9bc69a5d354d3e59f7a15b838536c92125 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/m/ichika_jp Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4726837 cf-polished origSize=519 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Mon, 20 Nov 2023 10:30:44 GMT server cloudflare etag W/"207-18bec485189" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2FrLx0hczfrW9XLBYKjemGc%2BjEfmz4Gj%2BS9BvCLHR2fNsR8MfwQwm9Ei5cQG3C1F2CjavbzptBWVHE%2BmvGBrHR1bPB9zc9GdsNPFXFZdFw5DrxD%2FS6c5ch9SGmeGNv1tuxyR"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee158b466db-AMS expires Fri, 26 Apr 2024 11:31:37 GMT
GET H3	200	st2.js Show response www.onscreens.me/js/	337 B 875 B	37ms 37ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/js/st2.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff548f546eb7b4719d103206b80b1ddfcf0dacdf8a97c81b00c147ecd0ec2d2e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/m/ichika_jp Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4713161 cf-polished origSize=409 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Mon, 20 Nov 2023 10:30:44 GMT server cloudflare etag W/"199-18bec485189" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDXBxAK91fHId5R4O3W6F4FPZVYMbeUrtwrEfwyBJOtOoeqOu9YXZhFM04K2jQQqqP8ivrPKVqgUmwrWtm65u9QmgjPGH4%2FXk5wceJ7HpCQSJK5GEzZIcWlHD0cKK0Y9%2FRhL"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee158b566db-AMS expires Fri, 26 Apr 2024 20:25:46 GMT
GET H2	200	Y16FUD3.js Show response b.reissue2871.xyz/	234 KB 75 KB	283ms 109ms	Script application/javascript	2a01:4f8:161:6222::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://b.reissue2871.xyz/Y16FUD3.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a01:4f8:161:6222::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx / Resource Hash cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 169 content-length 76790 last-modified Fri, 22 Mar 2024 11:21:21 GMT server nginx etag "65fd69b1-12bf6" vary Accept-Encoding x-frame-options DENY content-type application/javascript cache-control public, max-age=315360000 accept-ranges bytes cf-ray 8685d286af338fe3-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	SwlNzm8.js Show response b.reissue2871.xyz/	127 KB 40 KB	210ms 36ms	Script application/javascript	2a01:4f8:161:6222::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://b.reissue2871.xyz/SwlNzm8.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a01:4f8:161:6222::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx / Resource Hash 77d95f02ca7338cf404d8a0a792410fd53c0bc6e6a98bf69ffdb52961901e72f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 184 content-length 40341 last-modified Fri, 22 Mar 2024 11:21:21 GMT server nginx etag "65fd69b1-9d95" vary Accept-Encoding x-frame-options DENY content-type application/javascript cache-control public, max-age=315360000 accept-ranges bytes cf-ray 8685d2fbed876931-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	css2 fonts.googleapis.com/	15 KB 1 KB	179ms 38ms	Stylesheet text/css	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Noto+Sans+Mono&family=Noto+Sans:wght@300;400;500;700&display=swap Requested by Host: www.onscreens.me URL: https://www.onscreens.me/_astro/2257.43eefc83.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b6a044d8b0f2fc5e1ec0f469e3029108ac99ee589bbc78e2bcc210862b63a496 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 07 May 2024 08:34:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 07 May 2024 08:34:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 May 2024 08:34:23 GMT
GET H2	200	fdad8e64.js Show response pfmmzmdba.com/aas/r45d/vki/2012467/	104 KB 40 KB	86ms 32ms	Script application/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://pfmmzmdba.com/aas/r45d/vki/2012467/fdad8e64.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/js/ca.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash e467b4437dc6b6c9227653bd66f79c07a69232cafc9fc0bed6eb09d110a7a9b8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT content-encoding gzip last-modified Thu, 25 Apr 2024 17:06:20 GMT server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data etag W/"662a8d8c-1a022" vary Accept-Encoding content-type application/javascript x-js-ab2 current timing-allow-origin *
GET H3	200	matomo.js Show response statistic.satiq.net/	64 KB 22 KB	96ms 40ms	Script application/javascript	104.21.234.131 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://statistic.satiq.net/matomo.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/js/statistics.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.234.131 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78c25da6082dd620e0fe7f12d7ef6e3c6015304575d9ced465b4e84e15a7d82a Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=0; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 12 cf-polished origSize=65842 content-encoding br alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Mon, 12 Jun 2023 09:55:19 GMT server cloudflare etag W/"6486eb87-10132" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ccnqDS%2FB%2FSK6Ys%2BfyedP9CKTrxrJWUKd90Ay1crO76tsqz0SSQeiqwSXArbyA5LGy2GGBj07mssXLLhdRuJVRtJpkauk%2FG%2BcRrLckBLg2y1hauGFp7nUpiBBbnvMaK%2FexuIYWtFK"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 87ffdee35e1635eb-FRA
GET H2	200	gtm.js Show response www.googletagmanager.com/	196 KB 70 KB	119ms 55ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NX9QCCZ Requested by Host: www.onscreens.me URL: https://www.onscreens.me/js/st2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6d2e3b94d68a8421c20ad8721303731f05d144c8c6cdfae798d990b51b4439b5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 71711 x-xss-protection 0 last-modified Tue, 07 May 2024 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 07 May 2024 08:34:23 GMT
GET H2	200	o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2 fonts.gstatic.com/s/notosans/v36/	38 KB 39 KB	85ms 26ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Noto+Sans+Mono&family=Noto+Sans:wght@300;400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://www.onscreens.me Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:02:50 GMT x-content-type-options nosniff age 1893 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39412 x-xss-protection 0 last-modified Wed, 14 Feb 2024 22:43:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 07 May 2025 08:02:50 GMT
GET H3	200	Model.9747108b.js Show response www.onscreens.me/_astro/	3 KB 2 KB	31ms 30ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/_astro/Model.9747108b.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d847ee92e38fccd8528c49ea3b3123f692f4ebb08c286ee9115bec308c00b6f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/m/ichika_jp Origin https://www.onscreens.me Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4726834 cf-polished origSize=3005 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Mon, 20 Nov 2023 10:30:44 GMT server cloudflare etag W/"bbd-18bec485209" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LbzCAGSBZEwm5ytmnofYKxq%2B63aDAMcgclULhfXy2wrtw7Bfxw6uTcA5Yj4WnLfVNYsw2aM5kbtSpPL39i8EA2KhiTJpIyhYrK33OQu6nZEqumIhDxayXEIVyZdAInvm46P7"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee30a9a66db-AMS expires Mon, 29 Apr 2024 09:31:52 GMT
GET H3	200	client.8fabec1d.js Show response www.onscreens.me/_astro/	131 KB 44 KB	46ms 45ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/_astro/client.8fabec1d.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 355c9fd38e576a44e1c1daa77282798e9666491b13db20c7710e68e5a3f635c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/m/ichika_jp Origin https://www.onscreens.me Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4713168 cf-polished origSize=134749 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Fri, 08 Sep 2023 12:45:42 GMT server cloudflare etag W/"20e5d-18a74d3a639" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fEmZbxqdhYIgysLZbF6T82aI3%2F%2FNmrfPB05vWaRffVxr0cKZYgR0LKRHnFx%2F3UEJvUyn%2FvUeE4Brp%2BTQMHne9MzIqKN4SjwK8h0MeMqBj2JT9AMtA85J1NCkVuK9OVkoQVbB"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee30a9d66db-AMS expires Mon, 29 Jan 2024 07:48:07 GMT
GET H3	200	SearchMenu.491a00fb.js Show response www.onscreens.me/_astro/	47 KB 16 KB	40ms 39ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/_astro/SearchMenu.491a00fb.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d56b44fa60c6d62f3bb170fb7c12120242c60c3fef165a48ef56e92fb6d93c9d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/m/ichika_jp Origin https://www.onscreens.me Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4726837 cf-polished origSize=47774 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Mon, 20 Nov 2023 10:30:44 GMT server cloudflare etag W/"ba9e-18bec485209" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2BYacGwrLlvUok8ARuvF6JADfRVixrpNM6X1hqMulAe9cjtbJPOKR6k%2Fah3MyJKKTZEJrByByYIvg1zfcSSIddIdrZ4J39ArVLuC%2BUS3kyPPDGXJmk67G6vy6LeKWG8qMOE7"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee30aa166db-AMS expires Mon, 06 May 2024 06:42:22 GMT
GET H3	200	SideNav.ef51c139.js Show response www.onscreens.me/_astro/	3 KB 2 KB	31ms 31ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/_astro/SideNav.ef51c139.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6b989192e7796b8bb62a4dc2e7ace588129ed4a2f9968a1b96ae8cdc04fad42 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/m/ichika_jp Origin https://www.onscreens.me Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3366039 cf-polished origSize=2810 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Fri, 29 Mar 2024 09:33:18 GMT server cloudflare etag W/"afa-18e898e7503" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zv4gv3PLO0Fk6koZ5dSEZwODBaI1%2B%2Fly%2FTW22JPSklDqgUeFedO9vEe88k22RY%2F9sw9nBXlWuLIfMIMkh46JAXtuJaA76dWci1WgEmZXms2Jk7DxTAeE2Nuhp0PG%2FOKWz0s1"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee30aa366db-AMS expires Thu, 27 Jun 2024 09:33:36 GMT
GET H3	200	ThemeToggleButton.a092c3b5.js Show response www.onscreens.me/_astro/	1 KB 1 KB	35ms 35ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/_astro/ThemeToggleButton.a092c3b5.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 016bf7afa7b45740d3cd25ade334276169d8dd2d459afb8a1a67d4d771d307ec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/m/ichika_jp Origin https://www.onscreens.me Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4722696 cf-polished origSize=1072 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Fri, 03 Nov 2023 15:52:44 GMT server cloudflare etag W/"430-18b95e304a2" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pw8HsIbbjPXy7XYheqtUhL4UTsaruSApOlExVU%2FDa6dixLSZDJnVDBT%2BndqwMAPt737udAPpq%2FuEHS%2BaD0YHfWsHKoZtcMBKNAB4DBcbqSybDOstVXQgcMUvEw8%2BdmgLk%2Bu5"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee31aaa66db-AMS expires Tue, 06 Feb 2024 02:12:12 GMT
GET H3	200	index.98a5280d.js Show response www.onscreens.me/_astro/	7 KB 4 KB	56ms 52ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/_astro/index.98a5280d.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d9dee2c201bbdca906df7b78f5a751226a214b320c7abc2cea98c75438d1ca1b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/_astro/Model.9747108b.js Origin https://www.onscreens.me Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4713168 cf-polished origSize=7673 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Fri, 03 Nov 2023 15:52:44 GMT server cloudflare etag W/"1df9-18b95e304a2" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WWkECejsJoL7%2Fbrhbw%2B7KAR2tH8OyrqK%2FkImZvz39PhlbnphbC3BMhoEiDITJQ70wjZoGPrNZ6fzokfv9AO5lc6va4fBwrhHrZmvc8CQv6HfbgxogXONXD1ef6PAxLypsdUr"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee35b2466db-AMS expires Thu, 08 Feb 2024 04:15:25 GMT
GET H3	200	index.3fff03b6.js Show response www.onscreens.me/_astro/	1 KB 1 KB	33ms 29ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/_astro/index.3fff03b6.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a708ccb78550eb5340d242ca39bdd51f13130594fbb28f70cee717087d60f579 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/_astro/Model.9747108b.js Origin https://www.onscreens.me Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4713156 cf-polished origSize=1124 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Thu, 08 Feb 2024 09:48:21 GMT server cloudflare etag W/"464-18d881e42d8" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FRzr5jkJ5YC43f6Ikzrb6890y55dALX7XbNtPwQ7f%2BBEVXqtqr5k5USPiH5X6x5qIKJe8Xc5JLqqTlYRqLFEKOkDvJXBIL%2BHKNqDYkK40rMUYWJAKptyFjA4dquypA%2BlxNMt"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee35b2566db-AMS expires Sun, 02 Jun 2024 23:00:13 GMT
GET H3	200	InfiniteScroll.0b136e3b.js Show response www.onscreens.me/_astro/	5 KB 2 KB	34ms 30ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/_astro/InfiniteScroll.0b136e3b.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62f3df290e3aef3a02d91eea48ac9244b858cf9058496e614f0e7250414950af Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/_astro/Model.9747108b.js Origin https://www.onscreens.me Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4713156 cf-polished origSize=4714 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Thu, 08 Feb 2024 09:48:21 GMT server cloudflare etag W/"126a-18d881e42d8" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JdWjMMLZdIIBp3apstIU5kip2PTjKSPzHky1M20%2Brb%2B3Gpceftllr4dlzUTiz9ATxJxkzXQOQ7RwzFWX3Q9Z4jr9Cinv6vg3rFIhbi2nD78KoG2aY0mdycZyKGmgLxE%2Bed3S"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee35b2766db-AMS expires Sun, 12 May 2024 05:17:34 GMT
GET H3	200	VideoCard.f5e8cc17.js Show response www.onscreens.me/_astro/	2 KB 1 KB	39ms 35ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/_astro/VideoCard.f5e8cc17.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89fe15bbf9f1b62441b71a40384feddb572a3342ff0f62e604ff0d70ff3d1f45 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/_astro/Model.9747108b.js Origin https://www.onscreens.me Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4726833 cf-polished origSize=1941 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Thu, 08 Feb 2024 09:48:21 GMT server cloudflare etag W/"795-18d881e42d8" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mQiVpvcs4gsK869LpwslpOvMBtNKee9t81KozU31qTrgpKfvILYTxT3yzaW5%2FqQTDduJzWjhP7MYaKrS5uDz%2BHpFNyRkyUmKUKJsg6RBqYp8c53iEBDzRE056Vni8bQ3CgUz"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee35b2a66db-AMS expires Mon, 20 May 2024 07:12:47 GMT
GET H3	200	jsx-runtime.5d92eaf2.js Show response www.onscreens.me/_astro/	669 B 1 KB	33ms 29ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/_astro/jsx-runtime.5d92eaf2.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 609b1c7f21ddfdec0c7a96665df51237e8725f1374bbe440edb39a96c0a6c7f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/_astro/Model.9747108b.js Origin https://www.onscreens.me Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3999673 cf-polished origSize=918 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Fri, 08 Sep 2023 12:45:42 GMT server cloudflare etag W/"396-18a74d3a639" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2pCtC7yCjszFdc7Y%2FO%2B24rA395xSG2uWkdFldl5hoJXaLBpK3PQHOprFyPhB0t7l%2FFWCSdW55NP58WIwBgTP70HqSgjTkYXSNhrsG%2B0RIG7BSOOHfj0Lr4GoYeh3D3Q0Ca%2BH"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee35b2c66db-AMS expires Tue, 30 Jan 2024 09:06:37 GMT
GET H3	200	index.c0181419.js Show response www.onscreens.me/_astro/	6 KB 2 KB	36ms 32ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/_astro/index.c0181419.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76dd38660db62e5420ed80d199ae6483edf4fa505c5420ae7303f657f09e591b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/_astro/Model.9747108b.js Origin https://www.onscreens.me Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3862485 cf-polished origSize=6630 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Mon, 20 Nov 2023 10:30:44 GMT server cloudflare etag W/"19e6-18bec485209" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FuXMfQaIaQja6b%2F1lk8bjiIsneaFhUVcr%2BQAxT4JQS7HFzScfAwWBuUnMHKljRhtTbThZOL5BVsQWpxOBlk181sYYgjhGBha5H56HzKSv%2BGcbdHvNomeFKvJuqj9gfzDSGN"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee35b2d66db-AMS expires Wed, 28 Feb 2024 02:06:02 GMT
GET H3	200	index.92deaa45.js Show response www.onscreens.me/_astro/	6 KB 3 KB	34ms 30ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/_astro/index.92deaa45.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dbe25559d199e42b282f71901fc6bc50f332c100a69ca73bc7ebb23b9a435887 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/_astro/SideNav.ef51c139.js Origin https://www.onscreens.me Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4722695 cf-polished origSize=6168 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Mon, 20 Nov 2023 10:30:44 GMT server cloudflare etag W/"1818-18bec485209" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSrOyrjqtd8TwPAUgImTaibadiu1l0drtopIzVCCO4Fo8rP0tG25l7giUwVTJ4U5BevwQn1Y3UxtvO2O92r8DD%2FpGgGeB8htBZoxDIT3lNfXLnS3nE6d4rfJk2q4X4kfMYwB"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee35b2f66db-AMS expires Wed, 28 Feb 2024 07:17:06 GMT
GET H3	200	index.bed0fc7e.js Show response www.onscreens.me/_astro/	2 KB 1 KB	32ms 31ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/_astro/index.bed0fc7e.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc7801416721837530e3c244fea19d26ccce918bac6c22842515ff8f72849533 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/_astro/ThemeToggleButton.a092c3b5.js Origin https://www.onscreens.me Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4722695 cf-polished origSize=1622 x-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Mon, 20 Nov 2023 10:30:44 GMT server cloudflare etag W/"656-18bec485209" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMf4nHPaYBXD4OO8%2FjZROhuqnywmTrLMOsu%2Fb2mZlHtfU6yxP7nFVc8SH%2Bl3fAqpfj185u08Y6rzYiCsnhRF6A5if4YSWzPZUT25m5JYnwSV7kwANAMV1mHKd%2FnIRUD%2Ffg6t"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 x-frame-options SAMEORIGIN cache-control max-age=7776000, public cf-ray 87ffdee35b3166db-AMS expires Fri, 26 Apr 2024 20:25:46 GMT
GET H2	200	adgpt.js Show response s.o333o.com/	2 KB 1 KB	96ms 28ms	Script application/javascript	85.10.205.45 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://s.o333o.com/adgpt.js Requested by Host: b.reissue2871.xyz URL: https://b.reissue2871.xyz/Y16FUD3.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 85.10.205.45 Bad Heilbrunn, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.85-10-205-45.clients.your-server.de Software nginx / Resource Hash 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT content-encoding gzip last-modified Fri, 22 Mar 2024 11:21:21 GMT server nginx etag "65fd69b1-334" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000, public content-length 820 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	412125 Show response b.reissue2871.xyz/api/settings/	33 B 211 B	198ms 86ms	Fetch application/json	2a01:4f8:161:6222::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://b.reissue2871.xyz/api/settings/412125 Requested by Host: b.reissue2871.xyz URL: https://b.reissue2871.xyz/Y16FUD3.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a01:4f8:161:6222::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx / Resource Hash 72d79d0ad9a70ef53c1bab65c588d44bffb1a1b5aba0eb2f9f6a886c4c3aec4f Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT content-encoding gzip server nginx vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control private x-robots-tag noindex, nofollow
GET H2	200	419320 Show response b.reissue2871.xyz/api/spots/	2 KB 1 KB	43ms 43ms	Script text/javascript	2a01:4f8:161:6222::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://b.reissue2871.xyz/api/spots/419320?url=https%3A%2F%2Fwww.onscreens.me%2Fm%2Fichika_jp&sid=97445588-3391-4e96-9b93-747f8a64663b Requested by Host: b.reissue2871.xyz URL: https://b.reissue2871.xyz/SwlNzm8.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a01:4f8:161:6222::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx / Resource Hash 3b25426aa6a7ff491073d4b89f21b5f5db832f30d349958822a6d5de9d4b36d5 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT cache-control private content-encoding gzip server nginx x-robots-tag noindex, nofollow vary Accept-Encoding content-type text/javascript; charset=utf-8
POST H2	200	solid.gif pfmmzmdba.com/	43 B 639 B	18ms 18ms	Ping image/gif	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://pfmmzmdba.com/solid.gif?z=2012467&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Amsterdam&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=nl-NL&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=956823814239744&eclog=0&im=1&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22124%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22124%22&chf=%22Chromium%22;v=%22124.0.6367.118%22,%20%22Google%20Chrome%22;v=%22124.0.6367.118%22,%20%22Not-A.Brand%22;v=%2299.0.0.0%22&chm=false&chmd=&chp=Win32&chv=10.0.0 Requested by Host: pfmmzmdba.com URL: https://pfmmzmdba.com/aas/r45d/vki/2012467/fdad8e64.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT x-route-id stats.tag.loaded server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 content-type image/gif
GET H2	200	2012467 Show response pfmmzmdba.com/get/	37 B 682 B	20ms 17ms	Script text/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://pfmmzmdba.com/get/2012467?zoneid=2012467&jp=_cl7svv8x6fnrvjbvgwed0l&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Amsterdam&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=nl-NL&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=956823814239744&eclog=0&im=1&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22124%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22124%22&chf=%22Chromium%22;v=%22124.0.6367.118%22,%20%22Google%20Chrome%22;v=%22124.0.6367.118%22,%20%22Not-A.Brand%22;v=%2299.0.0.0%22&chm=false&chmd=&chp=Win32&chv=10.0.0&uf=0 Requested by Host: pfmmzmdba.com URL: https://pfmmzmdba.com/aas/r45d/vki/2012467/fdad8e64.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:23 GMT content-encoding gzip server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript x-route-id config timing-allow-origin *
GET H3	200	ichika_jp Show response www.onscreens.me/v1/model/	9 KB 3 KB	154ms 154ms	Fetch application/json	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/v1/model/ichika_jp?limit=6&cursor= Requested by Host: www.onscreens.me URL: https://www.onscreens.me/_astro/Model.9747108b.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9bc4024691ce62f15dc8436577a17dfcf9d9146903cf35a667e63d594e323cfd Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type application/json accept application/json Referer https://www.onscreens.me/m/ichika_jp sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin server cloudflare expect-ct max-age=86400, enforce access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE, UPDATE content-type application/json; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kYEC%2BY%2FgX8Vu0s8%2Bb17vrAJ4qsaTrvwb7Zc09HBdWQUXrHGXFcVmvahQLc0y%2FuD2m9xfj3LH85EzEMPTsIiVJbeqesTTKm4exkmONBIZHaDhTJiUgO0bRI2cS2%2FN%2B7733rlt"}],"group":"cf-nel","max_age":604800} access-control-expose-headers Content-Length x-frame-options SAMEORIGIN access-control-allow-credentials true cf-ray 87ffdee3dbbd66db-AMS access-control-allow-headers X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding, x-access-token
POST H3	204	matomo.php statistic.satiq.net/	0 0	99ms 89ms	Ping text/html	104.21.234.131 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://statistic.satiq.net/matomo.php?action_name=ichika_jp%20Videos%3A%20Cam4%20ChatUrbate%20Online%20-%20ONScreens.me&idsite=8&rec=1&r=355137&h=10&m=34&s=23&url=https%3A%2F%2Fwww.onscreens.me%2Fm%2Fichika_jp&_id=e6f8d1f8f68c88b0&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=JP0fS9&pf_net=39&pf_srv=65&pf_tfr=1&pf_dm1=391&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.118%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.118%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D Requested by Host: statistic.satiq.net URL: https://statistic.satiq.net/matomo.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.234.131 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers
GET H3	200	postscribe.min.js Show response cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/	17 KB 6 KB	76ms 50ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js Requested by Host: b.reissue2871.xyz URL: https://b.reissue2871.xyz/SwlNzm8.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 964823 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5117 last-modified Mon, 04 May 2020 16:15:38 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03faa-45f4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aMHZD0T%2FtDyE%2BP2MMunweV%2FCxHfQXVISklSqxCihNxyjfEos8qg3sgV4rkkLxEr0S8cDZNsNtwIdozifB0WPXBzUZJNpOocJcsB2yJNVRSo2nbyqBmLaKT8YC4eE2K77gdqZ00Lr"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 87ffdee42cb29f8d-AMS expires Sun, 27 Apr 2025 08:34:24 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	264 KB 92 KB	83ms 52ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LCHG5KSTPG&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX9QCCZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c11862a5c1e42614463672a07b663f3cfb5b0d1ee71754d19bfe4162b791c0c7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93828 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 07 May 2024 08:34:24 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	208 KB 73 KB	298ms 135ms	Script application/javascript	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash aaa2326f42507022619917a2abe599d6312c3294846cc66f008baf084dc39ed4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT content-encoding br strict-transport-security max-age=31536000 last-modified Thu, 02 May 2024 11:49:31 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "66337dcb-11f0d" content-type application/javascript access-control-allow-origin * cache-control max-age=3600 timing-allow-origin * content-length 73485 expires Tue, 07 May 2024 09:34:24 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 255 B	170ms 21ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-LCHG5KSTPG&gtm=45je4510v876280189z8854747890za200&_p=1715070863826&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1395072338.1715070864&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1715070864&sct=1&seg=0&dl=https%3A%2F%2Fwww.onscreens.me%2Fm%2Fichika_jp&dt=ichika_jp%20Videos%3A%20Cam4%20ChatUrbate%20Online%20-%20ONScreens.me&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=806 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LCHG5KSTPG&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 07 May 2024 08:34:24 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.onscreens.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	BngrUXNETWXI6LwhGYvaxZikqZqK6fBq6kPvUce2oAZcdthSBUsYck4-_FNJ093dVQ.woff2 fonts.gstatic.com/s/notosansmono/v30/	11 KB 11 KB	27ms 26ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notosansmono/v30/BngrUXNETWXI6LwhGYvaxZikqZqK6fBq6kPvUce2oAZcdthSBUsYck4-_FNJ093dVQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Noto+Sans+Mono&family=Noto+Sans:wght@300;400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fb8aca8e4a626e1c0078853146a6f26b7a3159e6f55879a6d90186bd5aeadfad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://www.onscreens.me Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 07:52:32 GMT x-content-type-options nosniff age 2512 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10856 x-xss-protection 0 last-modified Tue, 24 Oct 2023 01:12:34 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 07 May 2025 07:52:32 GMT
GET H3	200	2024.05.07_07.31.02_ichika_jp.th.jpg cdn1.onscreens.me/images/2024/05/07/	10 KB 10 KB	54ms 39ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.onscreens.me/images/2024/05/07/2024.05.07_07.31.02_ichika_jp.th.jpg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26865f4529add9fad4ce0daeb1ddb954a1d5caa1169bfe64b7ea067996112433 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3677 alt-svc h3=":443"; ma=86400 content-length 10093 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 07 May 2024 07:31:49 GMT server cloudflare etag "6639d8e5-276d" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GnhTAbWyIi24MIKjBGbuUz4NbLeWKZIksZ7RSQdYNy8I2YBk9rTOV8FVxWqYTKKjLAIbBQFu7WUW%2FgZk%2BCCvIDk4KTNKzSTU3FpyoF8khItavxZiq6uWDyiXQ8zFiYkjVKYgEQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, public x-frame-options SAMEORIGIN accept-ranges bytes cf-ray 87ffdee5cdc366db-AMS expires Wed, 07 May 2025 07:32:16 GMT
GET H3	200	2024.04.23_03.55.20_ichika_jp.th.jpg cdn1.onscreens.me/images/2024/04/22/	11 KB 11 KB	109ms 95ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.onscreens.me/images/2024/04/22/2024.04.23_03.55.20_ichika_jp.th.jpg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85b0e149fa51456b311da3e7db2b050d6629fe004c1927785d917733d7408df8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 10925 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 23 Apr 2024 03:56:13 GMT server cloudflare etag "6627315d-2aad" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQuF1TLBoouOAS8XMVPrgLcdLv4zsWjQ%2Fa5qKPY64HtiC6q5MWIoacI5kFx8tOZ6jTqDa3dJLZ1DcG%2F23WIFK6x%2FPMLdR0cDcNpWiN9vZ9V5S9RP6%2Bx19pmIQiaxNXmytdWOng%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, public x-frame-options SAMEORIGIN accept-ranges bytes cf-ray 87ffdee5cdc266db-AMS expires Sun, 27 Apr 2025 00:02:25 GMT
GET H3	200	2024.04.09_09.20.01_ichika_jp.th.jpg cdn1.onscreens.me/images/2024/04/09/	7 KB 7 KB	110ms 96ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.onscreens.me/images/2024/04/09/2024.04.09_09.20.01_ichika_jp.th.jpg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 957234fc4403a18709ab85c615548e9d1d9152a317250d96df2582432779deb9 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 6772 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 09 Apr 2024 09:24:51 GMT server cloudflare etag "66150963-1a74" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VWHK8kED3bQyiPd5VOAgEoKFa%2B6dP3AtmbGVVvlQ94W348gg1tixMpwyk5KoUxmVAR2EqdxW0V8djxSR%2F%2Fml%2Bpv1kmLsDYKNrpH9yJOu02iZDY3G5DAG5jb5c1LtlQKZl3N3Cg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, public x-frame-options SAMEORIGIN accept-ranges bytes cf-ray 87ffdee5cdc866db-AMS expires Sun, 04 May 2025 13:22:04 GMT
GET H3	200	2024.03.12_09.29.27_ichika_jp.th.jpg cdn1.onscreens.me/images/2024/03/12/	7 KB 8 KB	105ms 91ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.onscreens.me/images/2024/03/12/2024.03.12_09.29.27_ichika_jp.th.jpg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56775a83801de7181fcd3279b319b45f43893ee37edc242461849de25b44db2e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 7507 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 12 Mar 2024 09:40:59 GMT server cloudflare etag "65f0232b-1d53" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQIjYPS2OK2Z4RGWaTGLNg%2FkOmLjwwRspgLqRXdrvfwO1JetQD4Gwt8XxKDPc8DwtDtrdHx5Dks84ZCMQJE%2FlV8XRnk%2FxzursWJbYj7s1r1coF3yBNqiRHefbRXGQqUeIKfXxA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, public x-frame-options SAMEORIGIN accept-ranges bytes cf-ray 87ffdee5cdc766db-AMS expires Sun, 04 May 2025 13:22:04 GMT
GET H3	200	2024.03.12_09.05.17_ichika_jp.th.jpg cdn1.onscreens.me/images/2024/03/12/	7 KB 8 KB	106ms 92ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.onscreens.me/images/2024/03/12/2024.03.12_09.05.17_ichika_jp.th.jpg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62c15469bd209dc8488adad4759176fa40c26aaea5da5440ead82ac0587c1fcd Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 7374 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 12 Mar 2024 09:27:11 GMT server cloudflare etag "65f01fef-1cce" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YoxHlVR6yrvkANgOlWsmUjD%2FCRV0NfPA5%2FlaFcYun%2FbeewFKG2zCju7LLqKj945KXg8I2Uehq%2Fxb5XKJ6nhHef1SDnd3V%2B0nHZHOJDTB9lz4YGhMasE31RhhCisgOMiPv2vfuQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, public x-frame-options SAMEORIGIN accept-ranges bytes cf-ray 87ffdee5cdc566db-AMS expires Mon, 05 May 2025 14:02:42 GMT
GET H3	200	2024.03.04_09.00.38_ichika_jp.th.jpg cdn1.onscreens.me/images/2024/03/04/	7 KB 8 KB	103ms 90ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.onscreens.me/images/2024/03/04/2024.03.04_09.00.38_ichika_jp.th.jpg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc7d41c55b8da3d00b7d89a6c1aab6447f57b314e27bd988bac19b87b744a2e1 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 7561 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Mon, 04 Mar 2024 09:03:44 GMT server cloudflare etag "65e58e70-1d89" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uqcFwK2YQyHpPGNU%2BTr3NN8zzpb0E33I2ZhFBSOB2fR1V6HZPtU15weiDMcPoTf18onlPhIVomw53LjA7i3wSD28pJPbBu%2BAZNoYlJucpcRHM0inJZyBvjpJCb3xOcPhLT8lIQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, public x-frame-options SAMEORIGIN accept-ranges bytes cf-ray 87ffdee5cdc466db-AMS expires Sun, 04 May 2025 13:22:05 GMT
GET H2	200	adManager.js Show response js.wpadmngr.com/static/	2 KB 1 KB	147ms 13ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpadmngr.com/static/adManager.js Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Tue, 07 May 2024 08:39:24 GMT date Tue, 07 May 2024 08:34:24 GMT content-encoding gzip last-modified Tue, 23 Apr 2024 09:45:14 GMT server nginx/1.18.0 etag W/"6627832a-6c7" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H3	200	2024.05.07_07.31.02_ichika_jp.md.jpg cdn1.onscreens.me/images/2024/05/07/	31 KB 31 KB	58ms 53ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.onscreens.me/images/2024/05/07/2024.05.07_07.31.02_ichika_jp.md.jpg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a992995a6e5adf89fb74fa55506d176584609b1d1b468f03c902ac98561387d9 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3676 alt-svc h3=":443"; ma=86400 content-length 31465 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 07 May 2024 07:31:49 GMT server cloudflare etag "6639d8e5-7ae9" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=It6oNQdFW5a93a8lNu3ZN%2BZrTaVscdbPqVILbf3epxTZmHBtTdblKfspgGJvFeWDaP92THuah2VaJq8Bm6mMPIrySZQ3trS8iEpDK0XxXKD3Yxa1iCMFeZ7%2B5f21sXFgY8kKRQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, public x-frame-options SAMEORIGIN accept-ranges bytes cf-ray 87ffdee62e2166db-AMS expires Wed, 07 May 2025 07:32:16 GMT
GET H3	200	2024.04.23_03.55.20_ichika_jp.md.jpg cdn1.onscreens.me/images/2024/04/22/	33 KB 34 KB	67ms 62ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.onscreens.me/images/2024/04/22/2024.04.23_03.55.20_ichika_jp.md.jpg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7b6be77904da1438ec07eed245220b0da3d45c4a67172095fbf3baf1d0598f8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 33756 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 23 Apr 2024 03:56:12 GMT server cloudflare etag "6627315c-83dc" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sd%2FTvp2bHQ%2FsHVOJPZB5wg%2Bg2%2Bng5dLrd1aO9%2FGFPRoYWjS4T72IlhGs1znaOZvtnJAbBg4U0WZmkoOnAX05D%2FbYmjcmb7GXQp1aq4N1k%2B2quvc%2FB7jREMPoxEJWAT2T4oiy2w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, public x-frame-options SAMEORIGIN accept-ranges bytes cf-ray 87ffdee62e2466db-AMS expires Sat, 26 Apr 2025 23:49:20 GMT
GET H3	200	2024.04.09_09.20.01_ichika_jp.md.jpg cdn1.onscreens.me/images/2024/04/09/	27 KB 27 KB	83ms 77ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.onscreens.me/images/2024/04/09/2024.04.09_09.20.01_ichika_jp.md.jpg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f41db2c58fbb0a5d7434baa760a933517dca7d3bcd96776fa452723804576d1 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 27153 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 09 Apr 2024 09:24:51 GMT server cloudflare etag "66150963-6a11" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mwe6gRAy%2BLpWRIzsSLcbc8uO0FEzuOukvfZOGo4QKsKI07Yw0%2Fq62u9ujFtdoQDnQGcpY0tdeO7raLa%2B66TAqVxceqsZDlX3%2BdvjWRICQt62%2F%2F9beqW5nWnyQS65ImEcGLzf3g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, public x-frame-options SAMEORIGIN accept-ranges bytes cf-ray 87ffdee62e2566db-AMS expires Sat, 03 May 2025 12:25:17 GMT
GET H3	200	2024.03.12_09.29.27_ichika_jp.md.jpg cdn1.onscreens.me/images/2024/03/12/	24 KB 24 KB	92ms 86ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.onscreens.me/images/2024/03/12/2024.03.12_09.29.27_ichika_jp.md.jpg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 578839aadf0b9365d92906aec5c1165e989ece65119d666209a210ab796d4e2f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 24414 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 12 Mar 2024 09:40:59 GMT server cloudflare etag "65f0232b-5f5e" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z8q2slhF%2FLH9GuGmx1Am5XMk%2BGUQNnkJ7DNc9PAO%2F35%2BWEVkPRRQIKDgCRYT7j221oOL7nvBzvCOHTYpzfMdVDMsfOJBJbsA%2FtspY08B3XCFkUqTTig6%2BL6lBxx3Ax1ybXjXhQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, public x-frame-options SAMEORIGIN accept-ranges bytes cf-ray 87ffdee62e2666db-AMS expires Sun, 04 May 2025 12:05:49 GMT
GET H3	200	2024.03.12_09.05.17_ichika_jp.md.jpg cdn1.onscreens.me/images/2024/03/12/	24 KB 24 KB	94ms 88ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.onscreens.me/images/2024/03/12/2024.03.12_09.05.17_ichika_jp.md.jpg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb8f890e11c6f6c7795e1ad11a7abde6fac6ba6c24a252f248e3c4b9dca342bd Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 24207 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 12 Mar 2024 09:27:11 GMT server cloudflare etag "65f01fef-5e8f" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rAwDvZBZT4AVQYaFPcY0abpjV5Gfc2xDrgn6uYTcYJyk8T0jnVZ6D%2BAmovp9VFSWu7OCrw0A45DMS5ylZlq6PgoKxbNtL2i9BLIf%2FDVqFKqT1fjy1Q1fKf4FfmSEEuGEMHweug%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, public x-frame-options SAMEORIGIN accept-ranges bytes cf-ray 87ffdee62e2866db-AMS expires Sun, 06 Apr 2025 19:11:05 GMT
GET H3	200	2024.03.04_09.00.38_ichika_jp.md.jpg cdn1.onscreens.me/images/2024/03/04/	28 KB 28 KB	72ms 66ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.onscreens.me/images/2024/03/04/2024.03.04_09.00.38_ichika_jp.md.jpg Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e239cb2727239f3a62ff5ef7fb1678536b478b45757b79093999147427e34e33 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 28485 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Mon, 04 Mar 2024 09:03:44 GMT server cloudflare etag "65e58e70-6f45" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fDd1pipzAgoupwoFsG5f42XsFa9zkDaUyz9RRZFfuWbtAnm5jAMS%2BnUVQ1bf81Qz6bpLe8jMQZVFAtzZBjh12CQwdjemI3%2FG46qT1Q07Gu1lhfx1hYMP%2F%2Fxxe35OBkgmeyrUyw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000, public x-frame-options SAMEORIGIN accept-ranges bytes cf-ray 87ffdee62e2966db-AMS expires Sun, 04 May 2025 13:22:04 GMT
GET H2	200	sync_cookie_image_finish mc.yandex.ru/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10362.4tnncz5zNcFYSH5lQvE2A3fbmLhyDKlVxJFHUrtloiPdY4DOtsgMUvcFOdw8lGCU.6INCHVljVhz2KRJrhJdZgiajWfM%2C https://mc.yandex.com/sync_cookie_image_decide?token=10362.WJEWnGbpCDy1MfU_eCjdUuL8fdHwAHuT8p4pImY0D5usjQLusOGGSaPOx2g0fGG4Jjs9HY5BRcaBf4kHnSoxYGXudivI1cuim0i_vHKCVCEcZxkW6cM5SFk1b0hdk4OsCrOuTN39Pa... https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10362.3n8Fdxzzqpd5na3Q6QyjYlPbSx4gFruKPaF5K7G8PcQJNfORxK_r38taTJoT_mISALsy7mMJTFF9bxAgEB7J-WX_hCVlTT5L59uRD1fhJtKaz...	43 B 613 B	60ms 59ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10362.3n8Fdxzzqpd5na3Q6QyjYlPbSx4gFruKPaF5K7G8PcQJNfORxK_r38taTJoT_mISALsy7mMJTFF9bxAgEB7J-WX_hCVlTT5L59uRD1fhJtKaz4kEFbh1SIbN03PcNQ2eQVOzWWcEN1hxWuJO0UxSJBs3vNhRgKyE6n4L7kntIYYHydPRnYd1VLQXpAs-loldK7k2ws7jeQTuGrXDR-HTOA%2C%2C.gbAv47KAOGqAqDSO7SXx6O9PsVc%2C Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Tue, 07 May 2024 08:34:24 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10362.3n8Fdxzzqpd5na3Q6QyjYlPbSx4gFruKPaF5K7G8PcQJNfORxK_r38taTJoT_mISALsy7mMJTFF9bxAgEB7J-WX_hCVlTT5L59uRD1fhJtKaz4kEFbh1SIbN03PcNQ2eQVOzWWcEN1hxWuJO0UxSJBs3vNhRgKyE6n4L7kntIYYHydPRnYd1VLQXpAs-loldK7k2ws7jeQTuGrXDR-HTOA%2C%2C.gbAv47KAOGqAqDSO7SXx6O9PsVc%2C date Tue, 07 May 2024 08:34:24 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	adManager.m.js Show response js.wpadmngr.com/static/	107 KB 35 KB	35ms 14ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpadmngr.com/static/adManager.m.js Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 713bc0015ac5ef37f48ad9f49aa4521912b705cf01bf19409f98235b28d41dfe Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Tue, 07 May 2024 08:39:24 GMT date Tue, 07 May 2024 08:34:24 GMT content-encoding gzip last-modified Tue, 23 Apr 2024 09:45:19 GMT server nginx/1.18.0 etag W/"6627832f-1ab1c" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 574 B	91ms 61ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT strict-transport-security max-age=31536000 last-modified Thu, 02 May 2024 11:49:31 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "66337dcb-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 43 expires Tue, 07 May 2024 09:34:24 GMT
GET H2	200	59917 Show response na.nawpush.com/tags/	2 KB 2 KB	81ms 18ms	XHR application/json	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://na.nawpush.com/tags/59917?version_name=a Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.24.0 / Resource Hash 9b80a80b2531b468aaea645d8abba59227edcada2976e02d456a6c4780e3ef97 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Tue, 07 May 2024 08:34:24 GMT cache-control max-age=300, public content-type application/json server nginx/1.24.0 x-proxy-cache HIT
GET H2	200	advertising.js Show response js.capndr.com/	0 238 B	226ms 15ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.capndr.com/advertising.js Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Tue, 07 May 2024 08:39:24 GMT date Tue, 07 May 2024 08:34:24 GMT last-modified Fri, 14 Jul 2023 08:23:25 GMT server nginx/1.18.0 etag "64b105fd-0" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 accept-ranges bytes content-length 0 x-proxy-cache HIT
GET H3	200	count.html storage.multstorage.com/log/ Frame 7DCE	0 0	58ms 27ms	Document text/html	172.67.174.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://storage.multstorage.com/log/count.html Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 87ffdee91ba4417e-AMS content-encoding br content-type text/html date Tue, 07 May 2024 08:34:24 GMT last-modified Mon, 18 Sep 2023 14:39:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JAukBX%2Be9hEWQg0ArTkievBS%2Faay55pVtSHGd1bY5wiTCaQniL8cmrmB1kFxeMSibFMmmy7Vy2v00ab7ZCheYqx0fHYg0kGVk9wJ6RPkMuQOd4lpjqhOZuMe81srbXRZ7X3YeOJ%2BLRJZvQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-request-id b9d567476ec66da31828bc3a2c6cf56a
GET H2	200	track Show response 6fbb07e2de.7aa82805b9.com/in/	0 207 B	110ms 52ms	XHR text/plain	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://6fbb07e2de.7aa82805b9.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTA4NTA5MTI1NTUzODI0NjAwMCIsInRpbWV6b25lIjoyLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjo1OTkxNywic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV1cm9wZS9BbXN0ZXJkYW0iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4yNSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 07 May 2024 08:34:24 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET H2	200	build.m.js Show response js.capndr.com/popunder-admanager/	98 KB 29 KB	22ms 21ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.capndr.com/popunder-admanager/build.m.js Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 4f5cece30fb18d801a39950fe09419aa3280c654a323e72733b3204ad11a7a33 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Tue, 07 May 2024 08:39:24 GMT date Tue, 07 May 2024 08:34:24 GMT content-encoding gzip last-modified Mon, 06 May 2024 08:27:28 GMT server nginx/1.18.0 etag W/"66389470-189f7" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	npush.m.js Show response js.wpushsdk.com/npc/sdk/wpu/	165 KB 46 KB	57ms 17ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash fdd439b2c8d28676c5e03847afc19252a3d6d88a670ba48db4ac020866c6b6ec Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Tue, 07 May 2024 08:39:24 GMT date Tue, 07 May 2024 08:34:24 GMT content-encoding gzip last-modified Thu, 25 Apr 2024 13:18:02 GMT server nginx/1.18.0 etag W/"662a580a-29278" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
POST H/1.1	200 OK	fp Show response fp.metricswpsh.com/	58 B 434 B	88ms 28ms	XHR application/json	157.90.84.242 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=59917 Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash 4b6a7ccedd89712109b32987df2f1dae43e7b0725a4d37ffb9aa9668d1108111 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Date Tue, 07 May 2024 08:34:25 GMT Server nginx/1.20.1 Vary Origin Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://www.onscreens.me Access-Control-Allow-Credentials true Connection keep-alive Content-Length 58
OPTIONS H/1.1	204 No Content	fp fp.metricswpsh.com/ Frame	0 0	264ms 30ms	Preflight	157.90.84.242 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=59917 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.onscreens.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin https://www.onscreens.me Connection keep-alive Date Tue, 07 May 2024 08:34:25 GMT Server nginx/1.20.1 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET H2	200	1 Show response mc.yandex.com/watch/86516845/ Redirect Chain https://mc.yandex.com/watch/86516845?wmode=7&page-url=https%3A%2F%2Fwww.onscreens.me%2Fm%2Fichika_jp&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%2... https://mc.yandex.com/watch/86516845/1?wmode=7&page-url=https%3A%2F%2Fwww.onscreens.me%2Fm%2Fichika_jp&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228...	447 B 566 B	65ms 64ms	Fetch application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/86516845/1?wmode=7&page-url=https%3A%2F%2Fwww.onscreens.me%2Fm%2Fichika_jp&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.118%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.118%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.118%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A411990728098%3Ahid%3A475124358%3Az%3A120%3Ai%3A20240507103424%3Aet%3A1715070864%3Ac%3A1%3Arn%3A271513479%3Arqn%3A1%3Au%3A1715070864612729380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A455%3Awv%3A2%3Ads%3A12%2C27%2C65%2C1%2C1%2C0%2C%2C393%2C1%2C%2C%2C%2C499%3Aco%3A0%3Acpf%3A1%3Ans%3A1715070863442%3Agi%3AR0ExLjEuMTM5NTA3MjMzOC4xNzE1MDcwODY0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715070865%3At%3Aichika_jp%20Videos%3A%20Cam4%20ChatUrbate%20Online%20-%20ONScreens.me&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29 Requested by Host: www.onscreens.me URL: https://www.onscreens.me/m/ichika_jp Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash c8c7149f8e2ff08f8fd6ebb403fc02f052a2b52fd7f93242888618e380062aaf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 07 May 2024 08:34:24 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Tue, 07-May-2024 08:34:24 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://www.onscreens.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 447 x-xss-protection 1; mode=block expires Tue, 07-May-2024 08:34:24 GMT Redirect headers pragma no-cache date Tue, 07 May 2024 08:34:24 GMT strict-transport-security max-age=31536000 last-modified Tue, 07-May-2024 08:34:24 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/86516845/1?wmode=7&page-url=https%3A%2F%2Fwww.onscreens.me%2Fm%2Fichika_jp&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.118%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.118%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.118%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A411990728098%3Ahid%3A475124358%3Az%3A120%3Ai%3A20240507103424%3Aet%3A1715070864%3Ac%3A1%3Arn%3A271513479%3Arqn%3A1%3Au%3A1715070864612729380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A455%3Awv%3A2%3Ads%3A12%2C27%2C65%2C1%2C1%2C0%2C%2C393%2C1%2C%2C%2C%2C499%3Aco%3A0%3Acpf%3A1%3Ans%3A1715070863442%3Agi%3AR0ExLjEuMTM5NTA3MjMzOC4xNzE1MDcwODY0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715070865%3At%3Aichika_jp%20Videos%3A%20Cam4%20ChatUrbate%20Online%20-%20ONScreens.me&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29 access-control-allow-origin https://www.onscreens.me cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Tue, 07-May-2024 08:34:24 GMT
GET		identifier accounts.google.com/v3/signin/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzFdYos4lPAHYB3LofISxobATczIIvKXJbgyCHbbpKFmhMBYpliKN01w... https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwmWgFsIOnuOgVBdAD0ABqr942ZCkeNqbfJ8cWkgxdZosUwn-JoDE8apsog4avFrpK3nNi_&passive=t...	0 0
GET H2	200	412125 Show response b.reissue2871.xyz/api/users/	619 B 556 B	43ms 35ms	Script text/javascript	2a01:4f8:161:6222::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://b.reissue2871.xyz/api/users/412125?host=www.onscreens.me&ev=212&wh=1200&ww=1600&uuid=&url=https%3A%2F%2Fwww.onscreens.me%2Fm%2Fichika_jp&sid=97445588-3391-4e96-9b93-747f8a64663b Requested by Host: b.reissue2871.xyz URL: https://b.reissue2871.xyz/Y16FUD3.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a01:4f8:161:6222::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx / Resource Hash 95425d10d0d4b382553dde1bd553dc9728c8588556829d1de84e8d89c0dbb5b0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:24 GMT cache-control private content-encoding gzip server nginx x-robots-tag noindex, nofollow vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	nmain.m.js Show response js.wpushsdk.com/skins/	459 KB 108 KB	20ms 20ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpushsdk.com/skins/nmain.m.js Requested by Host: js.wpushsdk.com URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 26106440376cfc59241a9ef152d26483d436f1c155744bda92a41d3906e60ba2 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Tue, 07 May 2024 08:39:24 GMT date Tue, 07 May 2024 08:34:24 GMT content-encoding gzip last-modified Tue, 16 Apr 2024 12:49:54 GMT server nginx/1.18.0 etag W/"661e73f2-72c69" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	dip Show response nereserv.com/in/	0 201 B	222ms 29ms	XHR text/plain	157.90.84.246 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://nereserv.com/in/dip?site=native-push&wl=1&event_id=debdd65a-3e4f-4ffa-a76a-e420a2249524&subid=483020946&sid=2776174093&spot_id=293804&created_at=2024-05-07&timezone=2&ver=8.159.0&is_native=1 Requested by Host: js.wpushsdk.com URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 157.90.84.246 Ismaning, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.246.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 07 May 2024 08:34:25 GMT server nginx/1.20.1 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
POST H2	200	multy Show response 63cc093d48.f336d0935e.com/in/	65 KB 10 KB	300ms 292ms	XHR application/json	2a01:4f8:1060:13eb::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://63cc093d48.f336d0935e.com/in/multy Requested by Host: js.wpushsdk.com URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash 09c124e68e6bfe11f5601e169426e01b4e37a76d97b4413d12d29601e73f3a49 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers pragma no-cache date Tue, 07 May 2024 08:34:25 GMT content-encoding gzip server nginx/1.20.1 vary Origin access-control-allow-methods * content-type application/json access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 10343
GET H3	200	favicon-32x32.png www.onscreens.me/	2 KB 3 KB	32ms 30ms	Other image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.onscreens.me/favicon-32x32.png Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b88326ae2a980712aa2c788676bfaaf83cb2f7ca9b7911bba0f9cb273476868 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.onscreens.me/m/ichika_jp Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:34:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4769 x-cache-status MISS alt-svc h3=":443"; ma=86400 content-length 2210 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 04 Apr 2024 13:22:49 GMT server cloudflare etag W/"8a2-18ea946bf00" expect-ct max-age=86400, enforce vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=USoUpSXK03R%2Byg03WwziDP7pdjvJ4w9MaLbjDomsY8bf201PL8KQD7gAy1%2BUipghuaRbQPGFxf8myXfh46tBnjEm3iNw3pgGClJSBEQpDh5jHgnDjbw9TJn2Fnlf3az8iUmv"}],"group":"cf-nel","max_age":604800} content-type image/png x-frame-options SAMEORIGIN cache-control max-age=7776000, public accept-ranges bytes cf-ray 87ffdeea8a5266db-AMS expires Mon, 05 Aug 2024 06:19:53 GMT
OPTIONS H2	204	multy 63cc093d48.f336d0935e.com/in/ Frame	0 0	225ms 32ms	Preflight	2a01:4f8:1060:13eb::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://63cc093d48.f336d0935e.com/in/multy Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.onscreens.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate date Tue, 07 May 2024 08:34:25 GMT pragma no-cache server nginx/1.20.1 vary Origin
GET H2	200	SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp static.bookmsg.com/creatives/SG/	486 B 698 B	70ms 18ms	Image image/webp	2a02:b48:8300::24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.02&cpa=7dd4d04a-7d5e-4286-8c01-294868a10acf&prev_step_diff=531 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.24.0 / Resource Hash 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Wed, 07 May 2025 08:34:25 GMT date Tue, 07 May 2024 08:34:25 GMT last-modified Fri, 08 Dec 2023 10:18:03 GMT server nginx/1.24.0 etag "6572ed5b-1e6" content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 486 x-proxy-cache HIT
GET H2	200	SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp static.bookmsg.com/creatives/SG/	1 KB 1 KB	68ms 17ms	Image image/webp	2a02:b48:8300::24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:b48:8300::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.24.0 / Resource Hash 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Wed, 07 May 2025 08:34:25 GMT date Tue, 07 May 2024 08:34:25 GMT last-modified Fri, 08 Dec 2023 10:18:03 GMT server nginx/1.24.0 etag "6572ed5b-42a" content-type image/webp cache-control max-age=31536000 accept-ranges bytes content-length 1066 x-proxy-cache HIT
GET H2	200	/ 63cc093d48.f336d0935e.com/in/show/	0 201 B	106ms 35ms	Image text/plain	2a01:4f8:1060:13eb::2 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://63cc093d48.f336d0935e.com/in/show/?tag_ab=a&site_id=31293804&adblock=0&testab=1&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip&ssp=3964&page=https%3A%2F%2Fwww.onscreens.me%2Fm%2Fichika_jp&refdom=www.onscreens.me&auction_time=1715070865&subid=483020946&sid=2776174093&tcid=0&ver=8.159.0&ver_c=&spot_id=293804&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=&user_fp=80956397694520715&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D483020946%26spot_id%3D293804%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.onscreens.me%252Fm%252Fichika_jp%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDMYYY2TkICMGh5kWJGvEaEGDTI0yLcTIoDGmBYwyN2CMqXGwzJiWIhzOEZOGjEIdW0TQwDEDhgwYOWjYENHF4Rg3R2dSfFhnDEYcN3LcuFFjho0ZOWzQmBEDR1mnQUUQJYMxDZ0ybb7EiGvQzkIZM6TicAinjpiFZWvIcBgGzkWGN2YsFjEHjkQdNGjIiDGDrcMyeOh8qXxZhMgZOGDQiDumzWMaaWPA2GrQzMKGct24Wch2aVQYDtu48YiZBgwck-EIJ855M46tdfbqGEjH4hwdL16ceeNCeJjKbVyMedPmxZw2YeRY3PjCZw0xNnKYsTEGxo0YYWaMMUMGcBgaZsRAQxiRlZEafTSIIVUY_OWA0wxhwGCDQQqWIYMNatXAExljxWCGGT_UMQdCSZDRQ045MDgGamWUZUYZYtQQGXJpmbEWDiaNQdYNYuxIIw08TfgSfy8aKIaBGo6Bgw39kTEbF3XA4JQNbeB1pBwl9kCEFGHUsMQVMDCRRRJX6MEEFWfQ4QYabeThxBl1EPHGc_yRldlmncWQQ29kRfEGFFeASYQdUeARVRl1yGDFDUKQoUcVZMARRxxTGIFFFGnEIUQVVdCARR1a0BHFFEdsioUZSNiwxh1jVJaHFC2gAYVsR-iBhBxZZIHrGpCWkUYMStzhhAx13GHFF1bgMMQTMTiBBQxvDEGFEmeY0cYMbwSBAxU0pIFHejJQgcQYctwBAx1ZrPHFGVUksWUVaUAp5YVzvFGHHGOUkeWdnLEl75RwyNADDjngmNa_F8IRQw9OMIGwDXDM0ENcZJCH0RtYkVtGGVh1VwZrYVy2BVtVZYTvQjC4IKV9Mzgkhm06pIyacTXQYJVyX8Bxcswu2PBUDQ7JYcdjMQAtgk_KoexCZA7VUUcaX0FVw1lixQfkU_fVEFcaj4nAlgtP0eBC0TOAPVtcdYSBURNv6JEGG2yE8UINKoOAwhVpuFHxHXOA4AQVIMim8g4g4O2GWoTjoVYKIAThGBtlXAHjEnbNPcMNLphl9xJIUNEEEyyAwEYaa5QBwhE-rfEG40OgIQd5ZbwQw0wq1w4DCFMwmF4almNuFmteTddwXG_I8cUYwYswvENsJL-8CAfZ8YUcZbAxkYwq1YCDccCJIMcZu-kgg4w2Q1-G9GLIsdBg5kvfxht0if9c-WS8PpFDbxxVvs5v4JHHX0ErA8yoYx3svOAOCHQBxuagMY7NwWMvKE8axoAG0oXhC2rgCGWEhpHX0SFkxWtBHdxgF5uUjQw6It4cOKiDGNhAQAXTEGccgkKMHOQLKLxBXOjQholkzT7HsYHReCgDHxYNiEtSTA6MZpDplaEyXwiZEWuARCF-RnphgJx6jjKyGpQsDGIozUHMEIY6sEEihGkeyqxCHBj0QQEBAQ%253D%253D%26s%3D897ea1c589309780da765f20a0034dfe1709c1a28d3fd90ba89e2c65073c14c51715070865&icons=534HnG4QU1rOGnrnV8_OBelYVYqVsXilmJ7hGPBRQ4gIisFPc7XZVLoCJNx7N2SHeME1_p5tJeKlGOnX8DkFP3HKkSVE-Bri52GxI4G6URPwDksdxEZkmTQts0ayYrJqDW7KFySpfvMS3GdrzoMpd41ka4FZDuu4-bXd6J-we8ipE54RoA&ext_cid=496101&pop_price=0.0006205&pop_ecpm=0.01994313364638375&px_id=293804&min_cpm=0.013580876264019123&out_id=1&campaign_type=lq-pop-ext&aid=2010&cid=10205&uniq=&mid=8797753639643185302&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.5639724639654136&cpm=0&verify_hash=d3059f12d986f0c289ce39e2b9bfb246&is_native=3&real_bid=0.5639724639654136&pop_real_cpm=0.6205&pop_real_bid=0.0005639724639654135&original_bid_usd=0.6205&original_bid=0.6205&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F124.0.0.0%20Safari%2F537.36&ip_mismatch=2a00:1630:2:608::9&geo=NL&carrier=-&label_ids=20,108,0,4,27&need_redirect_show=0&applied_features=main-skins-settings,coef_098&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.6205&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.0006205&ext_campaign_id_str=496101&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.02&cpa=cd373812-dc65-4ef2-b85e-98f21bb6118d&prev_step_diff=531 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 07 May 2024 08:34:25 GMT server nginx/1.20.1 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET H2	200	/ 63cc093d48.f336d0935e.com/in/show/	0 200 B	100ms 35ms	Image text/plain	2a01:4f8:1060:13eb::2 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://63cc093d48.f336d0935e.com/in/show/?tag_ab=a&site_id=31293804&adblock=0&testab=1&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip&ssp=3964&page=https%3A%2F%2Fwww.onscreens.me%2Fm%2Fichika_jp&refdom=www.onscreens.me&auction_time=1715070865&subid=483020946&sid=2776174093&tcid=0&ver=8.159.0&ver_c=&spot_id=293804&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-07&iabcat=IAB25-3&keywords=&user_fp=80956397694520715&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D483020946%26spot_id%3D293804%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.onscreens.me%252Fm%252Fichika_jp%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=1d3582bd4720ff6db9794afc95426ba0&url=https%3A%2F%2Fclick.eu.aneorwd.com%2Frtb%2Ffeedclick_inpage%3Ffeedid%3De703%26subid%3D31293804%26uuid%3Da07e4115-1e46-4fb6-8aa5-8718de6d531c%26ep%3DYR7WZW366YIJ6DXTJRNYCOW2WF76X3LFKNQILKBAMQZCNE37YVB6BUTG2XJDDWNMBC2NQDA33J3JBFFMS5WKDBZPYWICVYSTOT2QH3N3CNMNAFEKIG5MVZXXCSQCOM4RVIHMWAVW3QSMLJQYQH4WXFVRUEFPZ7UPVHZ3T3QXOYXCZWDBRK5NJJRRBACE56CTJPIASKJGVP2PK655IR5R6SV3SF6FJLHZEISM6DFLRRGJSITL3MYBCIMQTPYNUVPPZJF66FFJWJFWCCL3VMPTAU22YOZ2VD2KTKDYXFHB75QEYY3Q6HDO5Y424VMHUJ2YZZG6T76SLE6IYFC6O3EZKGU6MNXMEBYWQU2TN7GF5XLY6DJRMSNMNV77NWKCLM2RCGUVYRJTQYEAU26OR6MZJQ2IPKKT3U3TUHLYRBOLJMVILNZ2IAS6VMVDBGM2MXT2BM7QR6BDE2KFUI2437F5ACTVTX3N2SLRZ3K4IF2KH5LUDZND7KLKGRK57HQPO7QPOPLJKAXMVBDE4UMZJR3B6IKNZIMKOAWCRGOPSMEP4KQNMGS5PMNPCZ6SKOTL4HOMAJS2K7FAQB2KGQXCWLNBIXBOBMTD7B7MQE76W2TMA3A3JSPFOB4CBS3RJET4JWTEQ2IKF6LJPINY4AYSUTCYYVY6XQ%253D%253D%253D%253D%253D%253D&icons=7qQVyS_qoDvd_788dmXyf9R-GK88r0U6U2sPs1aHSsqc4POorWJ4Y9UvDzc3UQYrtoBkr1awaDhMevklovSe-orY6Z8g-mdefN7Ey4dymlTYErVQN3XR-6qL9r_u5F1c4wTVvpY6DP7cZF_HGySwtY_-nwWXtBT0YP0uIHMxBpM5kOkflJzLQHwob0m1zWrq-GMDuKjqP5zKmLFmoqLkjF9-oxXA7JQK_Uix5B92hwsRcxlKHUa3PTOLxQ4orgYkO4kFhrhyrWdK8Jiw3deybElOQn_9SF5kKUzIQYxHwld1wfXjeLEhTQSI6jQcBm3PpYIm_7eMIJoQF38l8dSZl82QegNQJSDQlM9StTaMVQmZueSL5RUgQ8b9bsDikv8QQmjYcDHu8sjCkQuFNCtPTn5y7wGML6qVL2UlI9oF_cnGgRvkr1h2DWSwpHM6i0Qnz1k-5QMTOFBxvhRxURgYgqVu9sZLcPRI_z5JR-dJ2_hHxdGQ6GM1ZHrKdmdta7V30aiBWKYuxcguoNlHHgeMGc_iDcM3sLzR8rkwCsK3czdAlHi03F_VwDQI0oUJxpJ0BGIbfxLptl3zWwFH_FODrzAjoqWCj74eTyaSaBlbcX7RlU92GoEraf2gkdiHPKtVTJZqftx2NSi6AWQjPqBA-Lp8lJKbO08siY5FQl8IJVdt88_eaLGMZpJTo3TDi0Iu6ie2l3wraTWFI1J4FVjKxw8KOYBX3Axo0K4CzKgb2YOyAAm-_SchWDWMVvOe6PROu4Xyt6NQnSrEJm6qt6QVw9K6nlcgZNByi3RUXUyHnhiJtDeCzHveNMdGAzSiuq9CxgBHRtEBKEo_Nc0K77r3mxuBX2sE8GQltYUCTfST5RcQu2v5b4HTb6SdOJRABgF4Tt5IXjCCNbSPIBOu6giKyKb_8TCu2bwGfdbPuDRe4lMoy9NLmPjVyHM5_ubK90MEhHyNIihNQEdnZKUcBzSvnRjp3ehRqlnPWcKf1d8EYnzrPn4P10YWCy3_gVS4XMxCMHnYTw06nRvVw0kyDhEwlZeht4Q1RzTwiZni0vxQP9Cw4WXJbLL7yEZtf_M1t9ij8tLtxhzofYiuURCiF62CsVYFUQY__fvWEFc3OWu9y4ogQDDm1CyysMC8KY0qUbIEHW9uulIHO1Ghh4yd26ILbWCrNWYAjZLWQ2HpHaGTzYQ-eO5i0l2os4TnFGFFn5X2pbhFdyklsGyIRBTNx2FTHpw-6BQ_wnu5rpIE3dXDQeiYJdr7Lbd3FFhJajwo_gNZooofqm2c9BP0PcWlLyvxYlTlHYbXqpCKci7bDZJrF_LcEZCPuy3xpBzW2tjjoeoGJO3Aey4Wx6BzDVewVQ-vUOR3hByg0bJkbErMub8Ke8Kcl2-pS5XLYVQvsIuJFYnGNgjPhm9WPVjxUmfM1GNJnDyc0zZyOmxsFYn5y2SJ4PuUq9kDKSBLiOujY0Hvxor8GWnKKqIwLARX1_g69o1dsr5JzJbebSWM7oSTWVHFW4r5k9DV0snvjjFnFafSCFafmoiAUMXDD1QK2pBlQo2rCn95m_yx4rA-G_0M_f2STY-dDqSUxKVYu8yBJostOSo141YbR-Ua_XSj_J3maMv30VqOO48yko87Jxom2PEWFvEDMWXC8LLzyYspwpKZo5kWnpaypVL6fjabzL7dNUJOvlM5ivrh3wlEz-CChrzHcY8uJCjC25RG8JTahTp-K-5JAMEggAuYl4NUW-1rUDAR_HlUrvof7fCN3CmaZUzvWHIUbly1_YoBDuY8-Fj3XWmkcL36BRk7DMi3CdWOM1TBDHj4Tfyu6sJgz-8eSUryFN1BEatXS9r017nup6iQ4ghCWuQNYE5n1cG4DCqgULPK2fesIQuHfK3UYVUagwDtxdPhPhC5T48goY8JLwXuJQCHE5hPQlm4ewjqNAA1JqGSvMyX9ZWs-itsSrzubOAt_pW1jZ6I8l_d12clXkvsOPrxeHS94MH9jNOCbPVm7hztyzDz-0gPvgVtwjTqktVYt5afjIHA48cdIjuUDhm_G-tN1PzT2bIyAOSGPLw&ext_cid=0&px_id=31293804&min_cpm=0.006873721891588731&out_id=0&campaign_type=mq&aid=3412&cid=12971&uniq=&mid=8797753639643185302&skin_id=2&vertical_id=14&skin_test=0&from_cache=0&ecpm=0.17708047624933615&cpm=0&verify_hash=97e181cad1c3b0e43bbb0c21a805f267&is_native=1&real_bid=0.009893979753339084&original_bid_usd=0.0109884273&original_bid=0.0109884273&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F124.0.0.0%20Safari%2F537.36&ip_mismatch=2a00:1630:2:608::9&geo=NL&carrier=-&label_ids=93,4,101,14&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Feu.histi.co%2Fnty%2Fmetrics%2Fsave.img%3Fevent%3Dtracked_impressions%26bid-id%3Dv2-1715070865299-7-6276-1269337-3cc7bb93-bd48-27e5-06a8-8e43073a605b%26price%3D0%26img%3Dhttps%253A%252F%252Ftrack.trackingtraffo.com%252Fpush%252Fim%253Fauth%253D2gpuzg%2526c%253DuU7-dNvDrPJbi1JnJSskQ9biOxnSFrDTUIvp-f8IXdiLjkQVDBj7_SOQW6oHSWynhft84RasP-yw_-I46TWQfON5vWWf0vsWN88USYD6rDfvsg1AW0RNIHj15cytlhd1pnWkEadlLs5zSOzcGH4fFmn6tFuXlshtyjjyMcyV0fB5RasxiTYGXXgUhiVu26XBe_agL1cwtCZixr7Qm1LhL72sMGakgvJzG_PsZbVaQorC7MXmxFlM0Ra2_1vsgeTCbKHZHt6H-u7CCcDaYlEOKFGMq0iZA-078mKmBSd_qsNd0ptkIvFxWI1vWjU_q0hdPHSNVY4l9rtqbR2wj1evK7Xyd75pTYZSGRiglaiMmHbYamWb2F3qCVVo_3-cq4isqDyZBMyUNvvwKmq_qeBPdtDuFqWAzRFYfLhmabAIiYJiEdfxrt-JTTTl-Pwnv4B4fl-pA1m3nFNgTBhEZDFsYH4yVdVs6MBJy1fJUqRlVHzdijeqomBD5rqbkgk3ntAitWDtzwwcPZj2R9Nplq6zAOWy5xaRKPeR3M9tdGlzmzQSOZD6oQ1A2Q&site=native-push-adult&price=0.0109884273&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=&pop_cpc=0.000010988427300000002&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.02&cpa=32604df6-09bf-4cae-a6a6-6a8c104f5801&prev_step_diff=531 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 07 May 2024 08:34:25 GMT server nginx/1.20.1 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET H/1.1	200 OK	1712573924303-TTx511mjkAEX.jpg ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/ Frame 492F Redirect Chain https://tracking.eu.antskre.com/rtb/feedimpression?uuid=a07e4115-1e46-4fb6-8aa5-8718de6d531c&s=101&d=142&feedid=e703&rt=1715070865291&sb=0.0109884273&db=0.02417454&subid=31293804&tokid=null&url=LTM... https://eu.histi.co/nty/metrics/save.img?event=impressions&bid-id=v2-1715070865299-7-6276-1269337-3cc7bb93-bd48-27e5-06a8-8e43073a605b&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%... https://track.trackingtraffo.com/push/ic?auth=2gpuzg&c=t1d0YTjc8Q_OaUhDKgjpfOv80wGm6fWArk7p6suWgg9VRFDAUV9UxRYJqbNjhohg7mzHGJ7pkx9MKlNKtKhV_eEw3017No0uXWnck6dxC6gTLVBYblyxK5L27-GqS9KOugTHvkFo2DIMnH... https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1712573924303-TTx511mjkAEX.jpg	50 KB 50 KB	266ms 54ms	Image image/jpeg	5.9.105.245 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1712573924303-TTx511mjkAEX.jpg Protocol HTTP/1.1 Server 5.9.105.245 Giessen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.245.105.9.5.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash e26a30bc890f969ee137a7a12d32c1f49a6c2cc01524a5770b9bf876132f7269 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Date Tue, 07 May 2024 08:34:26 GMT Last-Modified Mon, 08 Apr 2024 10:58:44 GMT Server nginx/1.18.0 (Ubuntu) ETag "6613cde4-c68d" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 50829 Redirect headers Pragma no-cache Date Tue, 07 May 2024 08:34:26 GMT Server nginx/1.18.0 (Ubuntu) Location https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1712573924303-TTx511mjkAEX.jpg Cache-Control no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	1712573924309-bpD2Si6zOSCm.jpg ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/ Frame 492F Redirect Chain https://eu.histi.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1715070865299-7-6276-1269337-3cc7bb93-bd48-27e5-06a8-8e43073a605b&price=0&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fp... https://track.trackingtraffo.com/push/im?auth=2gpuzg&c=uU7-dNvDrPJbi1JnJSskQ9biOxnSFrDTUIvp-f8IXdiLjkQVDBj7_SOQW6oHSWynhft84RasP-yw_-I46TWQfON5vWWf0vsWN88USYD6rDfvsg1AW0RNIHj15cytlhd1pnWkEadlLs5zSO... https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1712573924309-bpD2Si6zOSCm.jpg	96 KB 97 KB	266ms 55ms	Image image/jpeg	5.9.105.245 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1712573924309-bpD2Si6zOSCm.jpg Protocol HTTP/1.1 Server 5.9.105.245 Giessen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.245.105.9.5.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash b35ed54d01200b17d09311e51d974ad0a3fba0850fa7e138291ec2ad1d1c7f34 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Date Tue, 07 May 2024 08:34:26 GMT Last-Modified Mon, 08 Apr 2024 10:58:44 GMT Server nginx/1.18.0 (Ubuntu) ETag "6613cde4-18160" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 98656 Redirect headers Pragma no-cache Date Tue, 07 May 2024 08:34:26 GMT Server nginx/1.18.0 (Ubuntu) Location https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1712573924309-bpD2Si6zOSCm.jpg Cache-Control no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 492F	483 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

accounts.google.com

URL

https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwmWgFsIOnuOgVBdAD0ABqr942ZCkeNqbfJ8cWkgxdZosUwn-JoDE8apsog4avFrpK3nNi_&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-569892114%3A1715070865130240&theme=mn&ddm=0