onnidan1.com Open in urlscan Pro
67.225.225.92 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://onnidan1.com/
Effective URL:
https://onnidan1.com/forum/
Submission: On September 29 via manual (September 29th 2020, 2:21:59 pm UTC) from US

Summary HTTP 75 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 13 domains to perform 75 HTTP transactions. The main IP is 67.225.225.92, located in Lansing, United States and belongs to LIQUIDWEB, US. The main domain is onnidan1.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 23rd 2020. Valid for: 3 months.

This is the only time onnidan1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 27	67.225.225.92 67.225.225.92	32244 (LIQUIDWEB) (LIQUIDWEB)
3	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	170.178.168.203 170.178.168.203	46844 (ST-BGP) (ST-BGP)
1	2.16.186.105 2.16.186.105	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	199.187.193.164 199.187.193.164	47043 (SMARTADSE...) (SMARTADSERVER)
2	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1 2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
75	15

27 67.225.225.92 (Lansing, United States) 5 redirects

ASN32244 (LIQUIDWEB, US)

onnidan1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onnidan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 170.178.168.203 (Las Vegas, United States)

ASN46844 (ST-BGP, US)
PTR: becrawl-show.flatreutic.com

delivery.switchadhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.105 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-105.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.187.193.164 (Canada)

ASN47043 (SMARTADSERVER, CA)

www15.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4c9fc3a8be968653bb4d91247e00ebc3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.16 (United States)

ASN15133 (EDGECAST, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	onnidan1.com 3 redirects onnidan1.com	2 MB
22	googlesyndication.com pagead2.googlesyndication.com 4c9fc3a8be968653bb4d91247e00ebc3.safeframe.googlesyndication.com tpc.googlesyndication.com	429 KB
10	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	141 KB
4	onnidan.com 2 redirects onnidan.com	43 KB
4	googletagservices.com www.googletagservices.com	98 KB
4	google.com www.google.com adservice.google.com	2 KB
3	google.de adservice.google.de	420 B
3	smartadserver.com www15.smartadserver.com	8 KB
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	293 B
2	sascdn.com ced.sascdn.com ced-ns.sascdn.com	21 KB
1	gstatic.com www.gstatic.com	134 KB
1	switchadhub.com delivery.switchadhub.com
0	Failed function sub() { [native code] }. Failed
75	13

	Domain	Requested by
23	onnidan1.com	3 redirects onnidan1.com
13	pagead2.googlesyndication.com	onnidan1.com pagead2.googlesyndication.com securepubads.g.doubleclick.net ced-ns.sascdn.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	onnidan.com	2 redirects onnidan1.com
4	www.googletagservices.com	onnidan1.com pagead2.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	www15.smartadserver.com	ced.sascdn.com onnidan1.com
3	securepubads.g.doubleclick.net	onnidan1.com securepubads.g.doubleclick.net
2	4c9fc3a8be968653bb4d91247e00ebc3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ced-ns.sascdn.com	www15.smartadserver.com
1	eus.rubiconproject.com	www15.smartadserver.com
1	secure-assets.rubiconproject.com	1 redirects
1	www.gstatic.com	www.google.com
1	ced.sascdn.com	onnidan1.com
1	delivery.switchadhub.com	onnidan1.com
1	www.google.com	onnidan1.com
0	http Failed	onnidan1.com
75	19

This site contains links to these domains. Also see Links.

Domain
www.personalbuy.com
onnidan.com
onnidan2.com
www.ezportal.com
www.simplemachines.org
www.smfads.com
www.createaforum.com
smf.konusal.com

Subject Issuer	Validity	Valid
onnidan1.com Let's Encrypt Authority X3	`2020-09-23` - `2020-12-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
antitrumpmemes.info Let's Encrypt Authority X3	`2020-09-10` - `2020-12-09`	3 months	crt.sh
onnidan.com Let's Encrypt Authority X3	`2020-08-12` - `2020-11-10`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2019-10-17` - `2020-10-16`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh

This page contains 15 frames:

Primary Page: https://onnidan1.com/forum/
Frame ID: 7A71D0E45596ECACEBAFAEB30BF3FE3D
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/zrt_lookup.html
Frame ID: 01275F7C52A3B1C37D3CDCA3ACD2A41F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142359732497700&output=html&h=100&slotname=5446650425&adk=2883139551&adf=1248014477&w=320&lmt=1601389304&psa=0&guci=1.2.0.0.2.2.0.0&format=320x100&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&flash=0&wgl=1&dt=1601389305038&bpp=31&bdt=694&idt=74&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4867028933142&frm=20&pv=2&ga_vid=1472448793.1601389305&ga_sid=1601389305&ga_hid=1199931275&ga_fc=0&iag=0&icsg=154126659594&dssz=36&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=640&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067499&oid=3&pvsid=2733589737430495&pem=923&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CTm8eRVj2b&p=https%3A//onnidan1.com&dtd=91
Frame ID: EC23DFA4979A88BE7373E262F0A3C3AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142359732497700&output=html&h=280&slotname=1487771229&adk=1217998968&adf=2935319587&w=1200&fwrn=4&fwrnh=100&lmt=1601389304&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1601389305069&bpp=4&bdt=725&idt=71&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=4867028933142&frm=20&pv=1&ga_vid=1472448793.1601389305&ga_sid=1601389305&ga_hid=1199931275&ga_fc=0&iag=0&icsg=703882473482&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2010&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067499&oid=3&pvsid=2733589737430495&pem=923&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sI4R6CEQ4x&p=https%3A//onnidan1.com&dtd=76
Frame ID: E83A2E7CC6D57F33D79DFA9B571E3E1E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142359732497700&output=html&h=280&slotname=1487771229&adk=913813160&adf=2996307251&w=1200&fwrn=4&fwrnh=100&lmt=1601389304&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1601389305073&bpp=1&bdt=730&idt=79&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100%2C1200x280&correlator=4867028933142&frm=20&pv=1&ga_vid=1472448793.1601389305&ga_sid=1601389305&ga_hid=1199931275&ga_fc=0&iag=0&icsg=703882473482&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067499&oid=3&pvsid=2733589737430495&pem=923&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4fHRp4KcrY&p=https%3A//onnidan1.com&dtd=81
Frame ID: 42DBDAD80F2637762763EDD0779276E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142359732497700&output=html&adk=1812271804&adf=3025194257&lmt=1601389304&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&ea=0&flash=0&pra=7&wgl=1&dt=1601389305075&bpp=1&bdt=732&idt=112&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100%2C1200x280%2C1200x280&nras=1&correlator=4867028933142&frm=20&pv=1&ga_vid=1472448793.1601389305&ga_sid=1601389305&ga_hid=1199931275&ga_fc=0&iag=0&icsg=703882473482&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067499&oid=3&pvsid=2733589737430495&pem=923&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=117
Frame ID: 5954D69AD91FA1CD9783B6C31B754FB9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Frame ID: CD5A9FBD79039663731BA479C3280F74
Requests: 1 HTTP requests in this frame

Frame: https://4c9fc3a8be968653bb4d91247e00ebc3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 8565D165A84EDB1697C10037CE3F9535
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 82A6A29216FA3377E49A206D1735EF20
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: C7673047C3B02743A825565E1CE7A2F0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3515913239267445&output=html&h=250&slotname=3122693530&adk=870267749&adf=3279755405&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&ea=0&flash=0&wgl=1&dt=1601389305700&bpp=3&bdt=41&idt=92&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&correlator=4867028933142&frm=23&ife=5&pv=2&ga_vid=634038163.1601389306&ga_sid=1601389306&ga_hid=562060764&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1230&ady=651&biw=1600&bih=1200&isw=300&ish=250&ifk=439858828&scr_x=0&scr_y=0&eid=21067104&oid=3&pvsid=3565664038958843&pem=923&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.n8pw4cs3s78h&fsb=1&dtd=101
Frame ID: F710FCFDF94513A1DB844BAB51A88248
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3515913239267445&output=html&h=600&slotname=6597181913&adk=1693239728&adf=3279755404&w=160&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&ea=0&flash=0&wgl=1&dt=1601389305749&bpp=2&bdt=83&idt=129&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&correlator=4867028933142&frm=23&ife=5&pv=1&ga_vid=1880387715.1601389306&ga_sid=1601389306&ga_hid=1875733535&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1300&ady=913&biw=1600&bih=1200&isw=160&ish=600&ifk=2939067993&scr_x=0&scr_y=0&oid=3&pvsid=2014509506983067&pem=923&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.xa87z6x53nk&fsb=1&dtd=136
Frame ID: 85633BBEC1C6BFDC80E568D9D051844C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html
Frame ID: 719BB781C73D4384B74B853919E97EB0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html
Frame ID: 0CEDF7ADDC8216362AE7FCB921E97BAB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html
Frame ID: 8443DE6494253023AB37579FF0BDDC36
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://onnidan1.com/ HTTP 301
https://onnidan1.com/ Page URL
http://onnidan1.com/forum/ HTTP 301
https://onnidan1.com/forum/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

75
Requests

97 %
HTTPS

50 %
IPv6

13
Domains

19
Subdomains

15
IPs

5
Countries

2529 kB
Transfer

3987 kB
Size

4
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.personalbuy.com/shopsite_sc/shopping_cart/ref.cgi?storeid=*10cfa218ab06b0413e7d&name=Onnidan_Online
Title:

Search URL Search Domain Scan URL

URL: http://onnidan.com/

Search URL Search Domain Scan URL

URL: http://onnidan2.com/

Search URL Search Domain Scan URL

URL: http://www.ezportal.com/
Title: EzPortal

Search URL Search Domain Scan URL

URL: https://www.simplemachines.org/about/smf/license.php
Title: SMF © 2019

Search URL Search Domain Scan URL

URL: https://www.simplemachines.org/
Title: Simple Machines

Search URL Search Domain Scan URL

URL: http://www.smfads.com/
Title: SMFAds

Search URL Search Domain Scan URL

URL: http://www.createaforum.com/
Title: Free Forums

Search URL Search Domain Scan URL

URL: http://smf.konusal.com/
Title: Smf Destek

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://onnidan1.com/ HTTP 301
https://onnidan1.com/ Page URL
http://onnidan1.com/forum/ HTTP 301
https://onnidan1.com/forum/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://onnidan1.com/ HTTP 301
https://onnidan1.com/

Request Chain 8

http://onnidan1.com/forum/Themes/default/images/fanforum.png HTTP 301
https://onnidan1.com/forum/Themes/default/images/fanforum.png

Request Chain 19

http://onnidan.com/GRAPHICS/oonline_logo14.jpg HTTP 301
https://onnidan.com/GRAPHICS/oonline_logo14.jpg

Request Chain 21

http://onnidan.com/images/comp_fbsked_btn.jpg HTTP 301
https://onnidan.com/images/comp_fbsked_btn.jpg

Request Chain 45

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
onnidan1.com/
Redirect Chain

http://onnidan1.com/
https://onnidan1.com/

145 B
424 B

336ms
112ms

Document
text/html

67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://onnidan1.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 990e329fbec543aac9bed04c8cbdb9aabeca55dfb50156338ab84672605f50a9

Request headers

Host: onnidan1.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:43 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 12 Aug 2014 05:08:33 GMT
Accept-Ranges: bytes
Content-Length: 145
Keep-Alive: timeout=2, max=500
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 29 Sep 2020 14:21:43 GMT
Server: Apache
Location: https://onnidan1.com/
Content-Length: 229
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
onnidan1.com/forum/
Redirect Chain

http://onnidan1.com/forum/
https://onnidan1.com/forum/

43 KB
9 KB

278ms
277ms

Document
text/html

67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://onnidan1.com/forum/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache / PHP/7.3.22

Resource Hash

e430de742f608fd5276cee60aad7000e378ea4f0fecca24e1ecdfd8d95130c18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Host: onnidan1.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onnidan1.com/

Response headers

Date: Tue, 29 Sep 2020 14:21:44 GMT
Server: Apache
X-Powered-By: PHP/7.3.22
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Pragma: no-cache
Cache-Control: private
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=m4aqeninhjd47ta79ml1kpjo9j; path=/; domain=.onnidan1.com
Last-Modified: Tue, 29 Sep 2020 14:21:44 GMT
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 29 Sep 2020 14:21:43 GMT
Server: Apache
Location: https://onnidan1.com/forum/
Content-Length: 235
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK index.css
onnidan1.com/forum/Themes/DeepBlue2/css/ 56 KB
56 KB 114ms
112ms Stylesheet
text/css 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://onnidan1.com/forum/Themes/DeepBlue2/css/index.css?fin20
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: f017e41e59e38c3d431986ef3688931a2ec10a0e2b623728ab556c0e81b838c6

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:44 GMT
Last-Modified: Sun, 14 May 2017 05:01:58 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Content-Length: 56931

GET
H/1.1 200
OK script.js Show response
onnidan1.com/forum/Themes/default/scripts/ 46 KB
46 KB 344ms
111ms Script
application/javascript 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://onnidan1.com/forum/Themes/default/scripts/script.js?fin20
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 7ca641b35b687a1c459f8af25a97455130dce131a4a4d5b22fb219f948c4765d

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:44 GMT
Last-Modified: Sun, 23 Feb 2020 02:50:51 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=500
Content-Length: 47166

GET
H/1.1 200
OK theme.js Show response
onnidan1.com/forum/Themes/DeepBlue2/scripts/ 4 KB
4 KB 365ms
120ms Script
application/javascript 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://onnidan1.com/forum/Themes/DeepBlue2/scripts/theme.js?fin20
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 0a73a6383375c850afc72c94d04c8b8dafe65f456407e424515656870d2660dd

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:44 GMT
Last-Modified: Sun, 14 May 2017 05:01:59 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=500
Content-Length: 3688

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 52 KB
17 KB 43ms
43ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: onnidan1.com
URL: https://onnidan1.com/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

3460fb0edd84ddff62668eabdb2972debe4d706985dc958ce592472523262f66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "647 / 960 of 1000 / last-modified: 1601378087"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17570
x-xss-protection: 0
expires: Tue, 29 Sep 2020 14:21:44 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
728 B 16ms
15ms Script
text/javascript 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: onnidan1.com
URL: https://onnidan1.com/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55feabb7c89fc4649224ff81813c258de1624604ef7d2802e5b0877bafdd73a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Tue, 29 Sep 2020 14:21:44 GMT

GET
H/1.1 200
OK recaptcha.css
onnidan1.com/forum/Themes/default/css/ 159 B
400 B 333ms
111ms Stylesheet
text/css 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://onnidan1.com/forum/Themes/default/css/recaptcha.css
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: dc272fe9016e5ba26bb1ac363b007fae8f065c64b767310da58ec24c41f16af1

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:44 GMT
Last-Modified: Mon, 03 Aug 2020 00:45:14 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Content-Length: 159

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 52 KB
17 KB 49ms
42ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: onnidan1.com
URL: https://onnidan1.com/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8ddbdb314dfb1e5fb00c9fb42703346dda3eeb9fd4972f297500551ecab8208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "647 / 603 of 1000 / last-modified: 1601378235"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17582
x-xss-protection: 0
expires: Tue, 29 Sep 2020 14:21:44 GMT

GET
H/1.1

200
OK

fanforum.png
onnidan1.com/forum/Themes/default/images/
Redirect Chain

http://onnidan1.com/forum/Themes/default/images/fanforum.png
https://onnidan1.com/forum/Themes/default/images/fanforum.png

21 KB
21 KB

202ms
125ms

Image
image/png

67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onnidan1.com/forum/Themes/default/images/fanforum.png
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 586f98e65b2db7f45839efb24fbf42db6a45709d953e78eb6a558b1ba0d4e389

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:45 GMT
Last-Modified: Sun, 14 May 2017 05:08:05 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Content-Length: 21295

Redirect headers

Location: https://onnidan1.com/forum/Themes/default/images/fanforum.png
Date: Tue, 29 Sep 2020 14:21:44 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=498
Content-Length: 269
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 128 KB
45 KB 47ms
22ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: onnidan1.com
URL: https://onnidan1.com/forum/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b09f18871051d90f639ce0474f3ce9ccef6b2a1a8b4572c8314e5069d99756f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45153
x-xss-protection: 0
server: cafe
etag: 585107306576143112
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Sep 2020 14:21:44 GMT

GET
H/1.1 200
OK bcban.gif
onnidan1.com/images/ 77 KB
78 KB 118ms
112ms Image
image/gif 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onnidan1.com/images/bcban.gif
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 07f4f9f2e2dacbe3e7c0ceaa3b2f0459a88ce011ea28c4450d245aa4d17e3f84

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:44 GMT
Last-Modified: Sat, 08 Aug 2020 01:08:49 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 79152

GET bcban.gif
http//onnidan9.com/GRAPHICS/ 0
0

GET
H/1.1 404
Not Found sat.js
delivery.switchadhub.com/adserver/ 0
0 1013ms
164ms Script
text/html 170.178.168.203
ST-BGP

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.switchadhub.com/adserver/sat.js
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 170.178.168.203 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS: becrawl-show.flatreutic.com
Software: /
Resource Hash

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK collapse.gif
onnidan1.com/forum/Themes/DeepBlue2/images/ 292 B
534 B 125ms
120ms Image
image/gif 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onnidan1.com/forum/Themes/DeepBlue2/images/collapse.gif
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: d7c1a29836ca2dd978e2f50a01de4c754f7e1a89d91a6148378e42d6e47d5a5d

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:44 GMT
Last-Modified: Sun, 14 May 2017 05:01:59 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Content-Length: 292

GET
H/1.1 200
OK fader.js Show response
onnidan1.com/forum/Themes/default/scripts/ 7 KB
7 KB 124ms
124ms Script
application/javascript 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://onnidan1.com/forum/Themes/default/scripts/fader.js
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 85e3ebe44bbd5ec1dfc6ea22929c10e06900262df42a65737c7d3fb884321b70

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:44 GMT
Last-Modified: Sun, 14 May 2017 04:31:47 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 7000

GET
H/1.1 200
OK kapa.png
onnidan1.com/forum/Themes/DeepBlue2/images/ 2 KB
2 KB 116ms
111ms Image
image/png 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onnidan1.com/forum/Themes/DeepBlue2/images/kapa.png
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 6695f0a0b3ed1238eafc494ac293da85b57c1001f1c363c59898759e54a638b1

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:44 GMT
Last-Modified: Sun, 14 May 2017 05:01:59 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=496
Content-Length: 1983

GET
H/1.1 200
OK avatar_10126_1601052152.png
onnidan1.com/forum/avatars/ 8 KB
9 KB 123ms
123ms Image
image/png 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onnidan1.com/forum/avatars/avatar_10126_1601052152.png
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: e5c7ba126c16ecfefbc2b04dd0600aa972ca4982a0833c15a0505a675e4d360b

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:44 GMT
Last-Modified: Fri, 25 Sep 2020 16:42:32 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=2, max=500
Content-Length: 8656

GET
H/1.1 200
OK FAMU_rattler.gif
onnidan1.com/forum/avatars/ 2 KB
2 KB 371ms
119ms Image
image/gif 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onnidan1.com/forum/avatars/FAMU_rattler.gif
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: d36572f068a9c6e70c1abacdd8b7e33f1c386832f2ee5592203800a5e8e2b967

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:45 GMT
Last-Modified: Sat, 09 Aug 2008 22:45:41 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=2, max=500
Content-Length: 1657

GET
H/1.1 200
OK BSU_dog.gif
onnidan1.com/forum/avatars/ 3 KB
3 KB 249ms
121ms Image
image/gif 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onnidan1.com/forum/avatars/BSU_dog.gif
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: d5a1e1062048a44e25d208c58d57920a7edf2f7f3327ad5422db7f55f35e8671

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:45 GMT
Last-Modified: Sat, 09 Aug 2008 22:45:44 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Content-Length: 2866

GET
H/1.1

200
OK

oonline_logo14.jpg
onnidan.com/GRAPHICS/
Redirect Chain

http://onnidan.com/GRAPHICS/oonline_logo14.jpg
https://onnidan.com/GRAPHICS/oonline_logo14.jpg

20 KB
21 KB

379ms
133ms

Image
image/jpeg

67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onnidan.com/GRAPHICS/oonline_logo14.jpg

Requested by

Host: onnidan1.com
URL: https://onnidan1.com/forum/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

4fe219fc68a8695441e5b218110000ce3e2d2a20f61600efe271d8be1ef5c8ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 04 Oct 2015 13:42:14 GMT
Server: Apache
Upgrade: h2
Cache-Control: max-age=31536000, public, public
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=2, max=500
Content-Length: 20784
Expires: Wed, 29 Sep 2021 14:21:45 GMT

Redirect headers

Date: Tue, 29 Sep 2020 14:21:45 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://onnidan.com/GRAPHICS/oonline_logo14.jpg
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=500
Content-Length: 255
Expires: Tue, 29 Sep 2020 14:21:45 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/3265/ 30 KB
11 KB 75ms
28ms Script
application/javascript 2.16.186.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/3265/smart.js
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.105 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 71bf2cf011487bb52e37443b12af424c3f1e158b164675ff9c84ccfbdd41558b

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:44 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=293
Content-Length: 10887
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1

200
OK

comp_fbsked_btn.jpg
onnidan.com/images/
Redirect Chain

http://onnidan.com/images/comp_fbsked_btn.jpg
https://onnidan.com/images/comp_fbsked_btn.jpg

21 KB
21 KB

377ms
131ms

Image
image/jpeg

67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onnidan.com/images/comp_fbsked_btn.jpg

Requested by

Host: onnidan1.com
URL: https://onnidan1.com/forum/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

Apache /

Resource Hash

e8af636258ae1e6bfcf6bd7ff2024a9fd84ff962c37e61088cebcc0d0e0dd41a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 04 Oct 2015 13:36:16 GMT
Server: Apache
Upgrade: h2
Cache-Control: max-age=31536000, public, public
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=2, max=500
Content-Length: 21227
Expires: Wed, 29 Sep 2021 14:21:45 GMT

Redirect headers

Date: Tue, 29 Sep 2020 14:21:45 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://onnidan.com/images/comp_fbsked_btn.jpg
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=500
Content-Length: 254
Expires: Tue, 29 Sep 2020 14:21:45 GMT

GET
H/1.1 200
OK bcs300.gif
onnidan1.com/images/ 1 MB
1 MB 268ms
122ms Image
image/gif 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onnidan1.com/images/bcs300.gif
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 0e5529b8c583f30aa157b2d4e63638cdf8c42d100773799bcddd6897a6b6a5fc

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:45 GMT
Last-Modified: Sat, 08 Aug 2020 01:04:14 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=496
Content-Length: 1404828

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/ 340 KB
134 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2698f18de870d08f9b84a9e741e1ca17697c8a8ef90703564579bb42ae579d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://onnidan1.com
Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136265
x-xss-protection: 0
last-modified: Tue, 22 Sep 2020 00:07:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Sep 2021 14:15:18 GMT

GET
H/1.1 200
OK generic_icons.png
onnidan1.com/forum/Themes/DeepBlue2/images/ 39 KB
39 KB 200ms
112ms Image
image/png 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onnidan1.com/forum/Themes/DeepBlue2/images/generic_icons.png
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/Themes/DeepBlue2/css/index.css?fin20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 24bfa31599df967ab6abace56a927cceb8adfc8c7d3aa3d64140057eab8c1fd4

Request headers

Referer: https://onnidan1.com/forum/Themes/DeepBlue2/css/index.css?fin20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:45 GMT
Last-Modified: Sun, 14 May 2017 05:01:59 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=495
Content-Length: 40036

GET
H/1.1 200
OK Chevron.gif
onnidan1.com/forum/Themes/DeepBlue2/images/ 121 B
363 B 215ms
120ms Image
image/gif 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onnidan1.com/forum/Themes/DeepBlue2/images/Chevron.gif
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/Themes/DeepBlue2/css/index.css?fin20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: fba8cada8963a17a47404bd6705aba18c5f93dbec0d171ce7b97adf04315527a

Request headers

Referer: https://onnidan1.com/forum/Themes/DeepBlue2/css/index.css?fin20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:45 GMT
Last-Modified: Sun, 14 May 2017 05:01:59 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Content-Length: 121

GET
H/1.1 200
OK expand.gif
onnidan1.com/forum/Themes/DeepBlue2/images/ 303 B
567 B 149ms
121ms Image
image/gif 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onnidan1.com/forum/Themes/DeepBlue2/images/expand.gif
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 0bd908397b2652c7c11fe8919669cb75003e6477d1ccc76933ff099811b0b64f

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:45 GMT
Last-Modified: Sun, 14 May 2017 05:01:59 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=2, max=500
Content-Length: 303

GET
H/1.1 200
OK ac.png
onnidan1.com/forum/Themes/DeepBlue2/images/ 2 KB
2 KB 202ms
118ms Image
image/png 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onnidan1.com/forum/Themes/DeepBlue2/images/ac.png
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 873975af8fc24f0fdb98a18581aa0e435c699b2fcbc5d73ab3fc68d2f8aa089a

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:45 GMT
Last-Modified: Sun, 14 May 2017 05:01:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=494
Content-Length: 1962

GET
H/1.1 200
OK ac Show response
www15.smartadserver.com/ 10 KB
4 KB 598ms
314ms Script
application/javascript 199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www15.smartadserver.com/ac?nwid=3265&siteid=273726&pgid=1020114&fmtid=71427&async=1&visit=m&tmstp=3591032114&tag=sas_71427&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fonnidan1.com%2Fforum%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3265/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 8f47e1b32ff318d524245567413641bfe8b2a1d7a11e3abd7e29f1e35a07c14d

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 14:21:44 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b24%3b66
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 8345034
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK ac Show response
www15.smartadserver.com/ 10 KB
4 KB 651ms
365ms Script
application/javascript 199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www15.smartadserver.com/ac?nwid=3265&siteid=273726&pgid=1020114&fmtid=71430&async=1&visit=s&tmstp=3591032114&tag=sas_71430&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fonnidan1.com%2Fforum%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3265/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 40313dd09ca0187737107c86765fb03e2f4007158152f6919270fea51fa39a62

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b11%3b73
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 8345032
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK boardicons.png
onnidan1.com/forum/Themes/DeepBlue2/images/ 2 KB
3 KB 150ms
121ms Image
image/png 67.225.225.92
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onnidan1.com/forum/Themes/DeepBlue2/images/boardicons.png
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/Themes/DeepBlue2/css/index.css?fin20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.225.92 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software: Apache /
Resource Hash: 1c66567497c9890d7fd74d568b283b3f951d8036001128b17faf52c91c6015de

Request headers

Referer: https://onnidan1.com/forum/Themes/DeepBlue2/css/index.css?fin20
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 14:21:45 GMT
Last-Modified: Sun, 14 May 2017 05:01:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 2482

GET adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0

GET
H3-Q050 200 pubads_impl_2020092201.js Show response
securepubads.g.doubleclick.net/gpt/ 264 KB
93 KB 49ms
48ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

5e1390f7c515a04fbd18d7c3e864de65e7fc473f8a2e5134f74a79e122911dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 08:40:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94816
x-xss-protection: 0
expires: Tue, 29 Sep 2020 14:21:45 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/ 229 KB
86 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87867
x-xss-protection: 0
server: cafe
etag: 4255136095123681698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Sep 2020 14:21:45 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/ Frame 0127 0
0 6ms
6ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200924/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onnidan1.com/forum/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onnidan1.com/forum/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 28 Sep 2020 19:38:57 GMT
expires: Mon, 12 Oct 2020 19:38:57 GMT
content-type: text/html; charset=UTF-8
etag: 17942277541989656716
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4728
x-xss-protection: 0
age: 67368
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=onnidan1.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 14ms
14ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onnidan1.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame EC23 0
0 375ms
375ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142359732497700&output=html&h=100&slotname=5446650425&adk=2883139551&adf=1248014477&w=320&lmt=1601389304&psa=0&guci=1.2.0.0.2.2.0.0&format=320x100&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&flash=0&wgl=1&dt=1601389305038&bpp=31&bdt=694&idt=74&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4867028933142&frm=20&pv=2&ga_vid=1472448793.1601389305&ga_sid=1601389305&ga_hid=1199931275&ga_fc=0&iag=0&icsg=154126659594&dssz=36&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=640&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067499&oid=3&pvsid=2733589737430495&pem=923&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CTm8eRVj2b&p=https%3A//onnidan1.com&dtd=91

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9142359732497700&output=html&h=100&slotname=5446650425&adk=2883139551&adf=1248014477&w=320&lmt=1601389304&psa=0&guci=1.2.0.0.2.2.0.0&format=320x100&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&flash=0&wgl=1&dt=1601389305038&bpp=31&bdt=694&idt=74&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4867028933142&frm=20&pv=2&ga_vid=1472448793.1601389305&ga_sid=1601389305&ga_hid=1199931275&ga_fc=0&iag=0&icsg=154126659594&dssz=36&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=640&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067499&oid=3&pvsid=2733589737430495&pem=923&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CTm8eRVj2b&p=https%3A//onnidan1.com&dtd=91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onnidan1.com/forum/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onnidan1.com/forum/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Sep 2020 14:21:45 GMT
server: cafe
content-length: 23142
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Sep-2020 14:36:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Sep 2020 14:21:45 GMT
cache-control: private

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f4becf7aa4520a267deefcfb80ed580800fa75b8c968d6bfd2ea9e14d65b642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Tue, 29 Sep 2020 14:21:45 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame E83A 0
0 479ms
479ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142359732497700&output=html&h=280&slotname=1487771229&adk=1217998968&adf=2935319587&w=1200&fwrn=4&fwrnh=100&lmt=1601389304&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1601389305069&bpp=4&bdt=725&idt=71&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=4867028933142&frm=20&pv=1&ga_vid=1472448793.1601389305&ga_sid=1601389305&ga_hid=1199931275&ga_fc=0&iag=0&icsg=703882473482&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2010&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067499&oid=3&pvsid=2733589737430495&pem=923&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sI4R6CEQ4x&p=https%3A//onnidan1.com&dtd=76

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9142359732497700&output=html&h=280&slotname=1487771229&adk=1217998968&adf=2935319587&w=1200&fwrn=4&fwrnh=100&lmt=1601389304&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1601389305069&bpp=4&bdt=725&idt=71&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&correlator=4867028933142&frm=20&pv=1&ga_vid=1472448793.1601389305&ga_sid=1601389305&ga_hid=1199931275&ga_fc=0&iag=0&icsg=703882473482&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2010&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067499&oid=3&pvsid=2733589737430495&pem=923&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEebr%7Cn&abl=XS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sI4R6CEQ4x&p=https%3A//onnidan1.com&dtd=76
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onnidan1.com/forum/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onnidan1.com/forum/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Sep 2020 14:21:45 GMT
server: cafe
content-length: 23407
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Sep-2020 14:36:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Sep 2020 14:21:45 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 42DB 0
0 321ms
320ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142359732497700&output=html&h=280&slotname=1487771229&adk=913813160&adf=2996307251&w=1200&fwrn=4&fwrnh=100&lmt=1601389304&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1601389305073&bpp=1&bdt=730&idt=79&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100%2C1200x280&correlator=4867028933142&frm=20&pv=1&ga_vid=1472448793.1601389305&ga_sid=1601389305&ga_hid=1199931275&ga_fc=0&iag=0&icsg=703882473482&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067499&oid=3&pvsid=2733589737430495&pem=923&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4fHRp4KcrY&p=https%3A//onnidan1.com&dtd=81

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9142359732497700&output=html&h=280&slotname=1487771229&adk=913813160&adf=2996307251&w=1200&fwrn=4&fwrnh=100&lmt=1601389304&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1601389305073&bpp=1&bdt=730&idt=79&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100%2C1200x280&correlator=4867028933142&frm=20&pv=1&ga_vid=1472448793.1601389305&ga_sid=1601389305&ga_hid=1199931275&ga_fc=0&iag=0&icsg=703882473482&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067499&oid=3&pvsid=2733589737430495&pem=923&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4fHRp4KcrY&p=https%3A//onnidan1.com&dtd=81
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onnidan1.com/forum/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onnidan1.com/forum/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Sep 2020 14:21:45 GMT
server: cafe
content-length: 25332
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Sep-2020 14:36:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Sep 2020 14:21:45 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 115 KB
31 KB 413ms
413ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2733589737430495&correlator=3834673369550542&output=ldjh&impl=fifs&eid=21067394%2C21067559%2C21067398&vrg=2020092201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200929&iu_parts=1011273%2CMobile_Leaderboard_320x50%2CFF_Mobile_Leaderboard_320x50&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&cookie_enabled=1&bc=31&abxe=1&lmt=1601389304&dt=1601389305176&dlt=1601389304343&idt=819&frm=20&biw=1600&bih=1200&oid=3&adxs=640&adys=0&adks=914543684&ucis=1&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&dssz=37&icsg=703882473482&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x50&msz=320x-1&ga_vid=1472448793.1601389305&ga_sid=1601389305&ga_hid=1199931275&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

9a425eed5bb973b0ba851dd2ea92b1472343a913771a4e12635ea23a6e2d62be

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_468x60.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_468x60.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLfgvIXIjuwCFQ-6dwoddUMIBA&gqi=&layout=/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_468x60.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_468x60.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_468x60.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLfgvIXIjuwCFQ-6dwoddUMIBA&gqi=&layout=/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_468x60.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30893
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Tue, 29 Sep 2020 14:21:45 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://onnidan1.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
4c9fc3a8be968653bb4d91247e00ebc3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 72ms
39ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://4c9fc3a8be968653bb4d91247e00ebc3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5954 0
0 47ms
47ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142359732497700&output=html&adk=1812271804&adf=3025194257&lmt=1601389304&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&ea=0&flash=0&pra=7&wgl=1&dt=1601389305075&bpp=1&bdt=732&idt=112&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100%2C1200x280%2C1200x280&nras=1&correlator=4867028933142&frm=20&pv=1&ga_vid=1472448793.1601389305&ga_sid=1601389305&ga_hid=1199931275&ga_fc=0&iag=0&icsg=703882473482&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067499&oid=3&pvsid=2733589737430495&pem=923&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=117

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9142359732497700&output=html&adk=1812271804&adf=3025194257&lmt=1601389304&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&ea=0&flash=0&pra=7&wgl=1&dt=1601389305075&bpp=1&bdt=732&idt=112&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100%2C1200x280%2C1200x280&nras=1&correlator=4867028933142&frm=20&pv=1&ga_vid=1472448793.1601389305&ga_sid=1601389305&ga_hid=1199931275&ga_fc=0&iag=0&icsg=703882473482&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067499&oid=3&pvsid=2733589737430495&pem=923&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=117
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onnidan1.com/forum/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onnidan1.com/forum/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Sep 2020 14:21:45 GMT
server: cafe
content-length: 930
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Sep-2020 14:36:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Sep 2020 14:21:45 GMT
cache-control: private

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame CD5A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east

0
0

94ms
46ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Requested by: Host: www15.smartadserver.com
URL: https://www15.smartadserver.com/ac?nwid=3265&siteid=273726&pgid=1020114&fmtid=71427&async=1&visit=m&tmstp=3591032114&tag=sas_71427&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fonnidan1.com%2Fforum%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://onnidan1.com/forum/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onnidan1.com/forum/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 24 Sep 2020 16:43:28 GMT
Content-Encoding: gzip
Content-Length: 9448
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=74082
Expires: Wed, 30 Sep 2020 10:56:27 GMT
Date: Tue, 29 Sep 2020 14:21:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Date: Tue, 29 Sep 2020 14:21:45 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ 29 KB
10 KB 35ms
7ms Script
application/x-javascript 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: www15.smartadserver.com
URL: https://www15.smartadserver.com/ac?nwid=3265&siteid=273726&pgid=1020114&fmtid=71427&async=1&visit=m&tmstp=3591032114&tag=sas_71427&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fonnidan1.com%2Fforum%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4198) /
Resource Hash: b1f2716e261e2eeb0eb77724d6aa689c71a5fd8f53d7d1eabbe8bd022b1264f9

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
last-modified: Thu, 24 Sep 2020 09:43:41 GMT
server: ECS (fcn/4198)
age: 16451
etag: "745634a3f61fad603f73af9ec7d79f32:1600940774.826814"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9816

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=onnidan1.com&host=onnidan1.com&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 14:21:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
4c9fc3a8be968653bb4d91247e00ebc3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 8565 0
0 45ms
13ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c9fc3a8be968653bb4d91247e00ebc3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4c9fc3a8be968653bb4d91247e00ebc3.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onnidan1.com/forum/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onnidan1.com/forum/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Tue, 29 Sep 2020 14:21:45 GMT
expires: Wed, 29 Sep 2021 14:21:45 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 82A6 128 KB
44 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b09f18871051d90f639ce0474f3ce9ccef6b2a1a8b4572c8314e5069d99756f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45153
x-xss-protection: 0
server: cafe
etag: 585107306576143112
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Sep 2020 14:21:45 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C767 128 KB
44 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b09f18871051d90f639ce0474f3ce9ccef6b2a1a8b4572c8314e5069d99756f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45153
x-xss-protection: 0
server: cafe
etag: 585107306576143112
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Sep 2020 14:21:45 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/ Frame 82A6 229 KB
86 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87867
x-xss-protection: 0
server: cafe
etag: 4255136095123681698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Sep 2020 14:21:45 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/ Frame C767 229 KB
86 KB 35ms
28ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87867
x-xss-protection: 0
server: cafe
etag: 4255136095123681698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Sep 2020 14:21:45 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 82A6 109 B
126 B 76ms
23ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=onnidan1.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 82A6 109 B
868 B 73ms
21ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onnidan1.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame F710 0
0 382ms
380ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3515913239267445&output=html&h=250&slotname=3122693530&adk=870267749&adf=3279755405&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&ea=0&flash=0&wgl=1&dt=1601389305700&bpp=3&bdt=41&idt=92&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&correlator=4867028933142&frm=23&ife=5&pv=2&ga_vid=634038163.1601389306&ga_sid=1601389306&ga_hid=562060764&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1230&ady=651&biw=1600&bih=1200&isw=300&ish=250&ifk=439858828&scr_x=0&scr_y=0&eid=21067104&oid=3&pvsid=3565664038958843&pem=923&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.n8pw4cs3s78h&fsb=1&dtd=101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17775429334434668174/300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17775429334434668174/300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ-e5YXIjuwCFcz5dwodUCMNJQ&gqi=-UJzX53tNJLqgAf5842IAg&layout=/sadbundle/%24csp%253Der3%24/17775429334434668174/300x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3515913239267445&output=html&h=250&slotname=3122693530&adk=870267749&adf=3279755405&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&ea=0&flash=0&wgl=1&dt=1601389305700&bpp=3&bdt=41&idt=92&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&correlator=4867028933142&frm=23&ife=5&pv=2&ga_vid=634038163.1601389306&ga_sid=1601389306&ga_hid=562060764&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1230&ady=651&biw=1600&bih=1200&isw=300&ish=250&ifk=439858828&scr_x=0&scr_y=0&eid=21067104&oid=3&pvsid=3565664038958843&pem=923&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.n8pw4cs3s78h&fsb=1&dtd=101
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onnidan1.com/forum/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkWR6M1o1uaWIEu-NRZbVWkMr_NufsFZwaKRLj7AnNSJoF7JmjVjx6x_xoe; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onnidan1.com/forum/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17775429334434668174/300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17775429334434668174/300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ-e5YXIjuwCFcz5dwodUCMNJQ&gqi=-UJzX53tNJLqgAf5842IAg&layout=/sadbundle/%24csp%253Der3%24/17775429334434668174/300x250.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Sep 2020 14:21:46 GMT
server: cafe
content-length: 32423
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 82A6 8 KB
7 KB 49ms
24ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200924&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a73ebe70f21155b1eaf542436a48a30cf518d27fe0767ca20ebfb6511bcab6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6316
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82A6 72 KB
27 KB 50ms
38ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f4becf7aa4520a267deefcfb80ed580800fa75b8c968d6bfd2ea9e14d65b642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Tue, 29 Sep 2020 14:21:45 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame C767 109 B
126 B 16ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=onnidan1.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame C767 109 B
126 B 17ms
17ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onnidan1.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8563 0
0 273ms
271ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3515913239267445&output=html&h=600&slotname=6597181913&adk=1693239728&adf=3279755404&w=160&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&ea=0&flash=0&wgl=1&dt=1601389305749&bpp=2&bdt=83&idt=129&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&correlator=4867028933142&frm=23&ife=5&pv=1&ga_vid=1880387715.1601389306&ga_sid=1601389306&ga_hid=1875733535&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1300&ady=913&biw=1600&bih=1200&isw=160&ish=600&ifk=2939067993&scr_x=0&scr_y=0&oid=3&pvsid=2014509506983067&pem=923&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.xa87z6x53nk&fsb=1&dtd=136

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3515913239267445&output=html&h=600&slotname=6597181913&adk=1693239728&adf=3279755404&w=160&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Fonnidan1.com%2Fforum%2F&ea=0&flash=0&wgl=1&dt=1601389305749&bpp=2&bdt=83&idt=129&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&correlator=4867028933142&frm=23&ife=5&pv=1&ga_vid=1880387715.1601389306&ga_sid=1601389306&ga_hid=1875733535&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1300&ady=913&biw=1600&bih=1200&isw=160&ish=600&ifk=2939067993&scr_x=0&scr_y=0&oid=3&pvsid=2014509506983067&pem=923&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.xa87z6x53nk&fsb=1&dtd=136
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onnidan1.com/forum/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkWR6M1o1uaWIEu-NRZbVWkMr_NufsFZwaKRLj7AnNSJoF7JmjVjx6x_xoe; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onnidan1.com/forum/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Sep 2020 14:21:46 GMT
server: cafe
content-length: 5753
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C767 8 KB
6 KB 22ms
21ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200924&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eae67c03298a7bbccc91cdcf5d1c5a9d801d3e31877e60556ee61901f08ae1d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6433
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C767 72 KB
27 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f4becf7aa4520a267deefcfb80ed580800fa75b8c968d6bfd2ea9e14d65b642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Tue, 29 Sep 2020 14:21:45 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 82A6 16 KB
6 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600730918364481"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5975
x-xss-protection: 0
expires: Tue, 29 Sep 2020 14:21:45 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C767 16 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600730918364481"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5975
x-xss-protection: 0
expires: Tue, 29 Sep 2020 14:21:45 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/216/ Frame 719B 0
0 6ms
5ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/216/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onnidan1.com/forum/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onnidan1.com/forum/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4674
date: Tue, 29 Sep 2020 13:58:07 GMT
expires: Wed, 29 Sep 2021 13:58:07 GMT
last-modified: Mon, 21 Sep 2020 21:29:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1418
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/216/ Frame 0CED 0
0 6ms
6ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/216/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onnidan1.com/forum/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onnidan1.com/forum/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4674
date: Tue, 29 Sep 2020 13:18:21 GMT
expires: Wed, 29 Sep 2021 13:18:21 GMT
last-modified: Mon, 21 Sep 2020 21:29:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3805
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82A6 0
174 B 41ms
39ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=216&t=2&li=gda_r20200924&jk=3565664038958843&bg=!Tk2lTVVYRnv2DR7j-wwCAAAAe1IAAAAYCgCtlqcGfcDpVU6fCrX5HaSQMKXqvxYJkCjMUc1xEPzZASSaaueqqbGGL_MkvLIdDy_oLvA7eg8iRLUE2yqrH6sN9S_CdHq4BK9v5FOEt7YA68L61H3-o8H3gLAV_IqDUTfG17sqXY080spoO2ahm_HVARjF0XicdYLp8Qw__EtouTAIKE4R2wkWmGe6dhwHFsgkYlDdm74ZIbs15J6hyFjwjb0VcI39Y2hJ-V8lJriZAbvh8npUWRqjD7GgRiz7vqWvrBUKJQlz6tQiRJrSOkOLu_qfTlj41NFyQknhZnxhF6t8AoQ1YaM--LRqksUZjWTNTg-M4VTjzS76hKlwI7wl61vLihtD-8x4sNxf4_x9TwTKv59zK4tkhcpUrEqyZNy8nSmB5I1Bk4HuTJG5TaqitkjiSrSqrwrSPpHRv-_J7uT4tL49yIfH9MyUOE8LCecaqpIH_gQsxcQYwPQy9PLHE873ruoDyqcFyrcaeQ_yZ10DoE-8aXpWVJQXTNj0DWU3Z4KcTg1U6Epws8ddqqBI7s0ytOvzMHThU4D0D7GZ_e4BBRFKK-5cjlUSlYZDAi6zJi6Eypx3juCFl8oIIQsY_y52liojt-Y-UnLn0-rpHyngHx80AF8kDBEBfvesteVOetqb7dwIq5hmn7gqTGHb5sYgIbOCjLTqD0JfcJCztTnCUfnZ1poJUY0SGzJiC6iFkLAzl583735l9wOw91Plp2e93BrCZFjZXJlkL26jfgYeWEKuitCOFGj_ZogzpkctGFL3fVl5LpMrcS6toQ7Lf6tyEEVGCT8ep9lUcbQLkURZEnCGiqD215vkOA

Requested by

Host: onnidan1.com
URL: https://onnidan1.com/forum/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 14:21:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C767 0
22 B 42ms
40ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=216&t=2&li=gda_r20200924&jk=2014509506983067&bg=!RkWlRV1YFAJzIZBudRUCAAAAd1IAAAAYCgEOhi_Q1xtmD6RheLm_RaBj4dd7P8oQnWtyH18gjrJWrIisHZRLatxken9zIXa0TbI189DQFWeCzS8oLd9-D_QP2VfmycW7IwbMtnkR1YI_55yBqsQn3kpmWkJ-jAIV5jA5Y8kDkTw0N6kbTfp_YzbBb2T3Cz6SDD4hD7FRGtVZh6I1i0qyKkzhavRtosC8WtRqrDkbqwdec_ChIlKVV7eBMNANYte1A6pe9yn2BIc8rFig8L8q-RxM29n-gwd2jsPX2ATqfUBXyiJZLQtwpNILbu9v1G1iKdmvjMZ3VcFZgeO7XxSNZSHV0BeRTdLodYXakVe0KCpUQVR4_PvUroJioqu_bWBSu9O_QjkzDxhhmQG7i33yLhHEitlVUzDI-ui4RSZoODGX3NNcMeVi-iPnp8PMoPiDGf5e2s98-yEnLpNvOkp_UcdFKS8e7GRkOUUMvdxN0B8FNgLSKQUjTc1Mcb3RKb_4EnwgJ3w6KcAkVvgIEoGybpZgtKMRyKWcJpL5nxpdXWuakFiPMBE6QrFjidgEONxRbyxJRD9ccLVfsO0nADEmfwJnrtH4b1tXQ17xpGvI94HAqo4jh1PxzRiPfy7WbFVujbByoTVcxkIzbxV3lYS9cTk8OdZ-299PtGpGi2f6HzVfZESKkhCMYFymnROdCAVyzG9adlw7R1Rf3MpeeyQGxUI7isDTebmBgW18BgGu2XYPtf0UihPlaLqdCjo0_QthTQ9PRVlV9YvMvTxiEGUX_aZGWntrpI28Iawv4IHb9BCKxdVeAYzKACqZEcp22ZwDhywISuhITGpDlBKmzCiwOVxX1HRFWHQ77TKh4rrB9f9UvErCTiDtCXJKcHYd47_6YodCZWQVk5PJt69KFTx8NDqbjgqNCEC6OOT3KrT1tdXGvh3czLdqO7NzG6-tnFLqCI25frZchRyyEE3Y7s_rWy0-_p45z18

Requested by

Host: onnidan1.com
URL: https://onnidan1.com/forum/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 14:21:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK action
www15.smartadserver.com/track/ 43 B
163 B 126ms
126ms Image
image/gif 199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www15.smartadserver.com/track/action?sid=1601389305573&pid=1020114&iid=8345034&cid=22925771&key=viewcount&ts=1601389305573
Requested by: Host: onnidan1.com
URL: https://onnidan1.com/forum/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:46 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 18ms
17ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200924&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f5c54976a73df0d669bcf3c7db695f84cef124f726901bb31f042bd3efc8414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Sep 2020 14:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6681
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 14:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600730918364481"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5975
x-xss-protection: 0
expires: Tue, 29 Sep 2020 14:21:46 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/216/ Frame 8443 0
0 6ms
6ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/216/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onnidan1.com/forum/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onnidan1.com/forum/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4674
date: Tue, 29 Sep 2020 13:18:21 GMT
expires: Wed, 29 Sep 2021 13:18:21 GMT
last-modified: Mon, 21 Sep 2020 21:29:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3805
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
26 B 42ms
41ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=216&t=2&li=gda_r20200924&jk=2733589737430495&bg=!29il2MBYPlhW3nEUgrMCAAAAWFIAAAARCgHHW1jriv11pkRFDnPCNwjAJ3ZDwp4BDhK---Q8dWVBe0Qsce44x0IRFMr6W9dMp9EgIdN6Uo4aywHa4FzNp1Dwq1HqDIwuTu6EHKoU9w81W8fJFky-vsjK7qXpLkqlBe4tepHsX-LAkXtldqtA1fYKtiWYz_j2sMVYLjw80TmB2IOrnOHDjE58pfAnhzDPzaYDJ5goBa90IQ1ZrZYDicyFMJXj15-ZFkfKeBvaxeOkQrwfN7KHrL5TYeWiw2tCmE6QUy9nndbWZ3qIl8x1ryFXdfVO5oLuyhXQd0e7F04Al47RtsrXbpDuwfE3yAMURZRY9Rq68Fka5iCX2Kve1tRshW5uR18qxtpUgFbE2gYhSDJn7WTBnIHX0aKS6caZ9hzSi3xaPGezgtBbY3Yype2jUzq9vez9fHKfSmmijucW8UDsfry8loUc-BSdL45J2VZ-RjKCOTdc2B1k3o-KrUJInpI-njiNAoxedJFiOI55Rzvvy6TDzJS764AyYTaOTTdQK6zK5PD6quIWpbgaEfdI-Q0bIng35fLuDyOsmyWrOSPgEqQ7HIzuhG4faW4jS0sBUHG7YN1J6t02bt0M30NxsiAAGLIaU0mZAcXZyOJGKNdPC70avfjuIxMiCxrWNhHm88XAqZFrqIsf-A_J_fjJcHPAN5U7cGaV4LzWc-F7FcPJbq9CR6dtaWhm9bYF8z7EUq6bUTdg0EJbsj4Fq3Xt4GAt4Ef1PG-NzqGJ8dsBzPBbXl5j1L9okGLLsREEjpjkxf3Hwutfmn1JkjdJyxovrdSe_ywBAlCl4Ncn71oQ79g3KDyi9TH059OSzYkj0P4bX8gcZDlHC-iVJ10ewf5cqCL_yIjCGxSW78KVzotqUE2d9Zu5kAxwwU4sc2zmTWZKStw7szyO-nOluAZghOyQJF4aFiwftZtQtcxf0aUOHMqRtJfiE0G9RF_lDj65Ei3OcpToyKwPFammw3WKH1O-ZcpQ_WN6Pem6iXHW_-g1zMzmEA3wzjaWYklBXn0b3ZFORRFa4jyGqZ46Q0CChEGJuWjfySEvJq1w4R3_xjCIAqVEdws1TskchKVQ9xQDjg8P3c_FxMFvDSt2pX6ckfgATvt3WQVlQhiDndhVl8u8zGNgr5-6BkBbl-j4MIhXhv9cvs7b5Bkhb_iJ94g-asd7okrso4GJTfPOyz_5maCRupJSpVgFW-nIywtG5kx4BhU

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onnidan1.com/forum/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 14:21:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: http
URL: https://http//onnidan9.com/GRAPHICS/bcban.gif

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 14:59:25	Name: 8lcfmzhxc8d6_uid Value: 370d6956d64a7f04
.office-partner.de/	1970-01-20 12:49:49	Name: source Value: {"webgains_webgains":{"timestamp":1601389306607,"clickCookie":false}}
pb.media01.eu/	1970-01-20 06:21:01	Name: DTU Value: BD3719208085B8630226881CB5709EA2
.doubleclick.net/	1970-01-19 22:11:25	Name: IDE Value: AHWqTUn57OcQPv-RfsvhojQCWg-LvJVpVnneVIeAGFhRIBw_lYPId9k7HYksmQXJ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c9fc3a8be968653bb4d91247e00ebc3.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ced-ns.sascdn.com
ced.sascdn.com
delivery.switchadhub.com
eus.rubiconproject.com
googleads.g.doubleclick.net
http
onnidan.com
onnidan1.com
pagead2.googlesyndication.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www15.smartadserver.com
http
pagead2.googlesyndication.com
104.111.230.142
170.178.168.203
172.217.22.2
199.187.193.164
2.16.186.105
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:817::2001
2a00:1450:4001:817::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81a::2001
67.225.225.92
68.232.35.16
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07f4f9f2e2dacbe3e7c0ceaa3b2f0459a88ce011ea28c4450d245aa4d17e3f84
0a73a6383375c850afc72c94d04c8b8dafe65f456407e424515656870d2660dd
0bd908397b2652c7c11fe8919669cb75003e6477d1ccc76933ff099811b0b64f
0e5529b8c583f30aa157b2d4e63638cdf8c42d100773799bcddd6897a6b6a5fc
0f4becf7aa4520a267deefcfb80ed580800fa75b8c968d6bfd2ea9e14d65b642
1c66567497c9890d7fd74d568b283b3f951d8036001128b17faf52c91c6015de
1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47
24bfa31599df967ab6abace56a927cceb8adfc8c7d3aa3d64140057eab8c1fd4
2698f18de870d08f9b84a9e741e1ca17697c8a8ef90703564579bb42ae579d82
3460fb0edd84ddff62668eabdb2972debe4d706985dc958ce592472523262f66
40313dd09ca0187737107c86765fb03e2f4007158152f6919270fea51fa39a62
4f5c54976a73df0d669bcf3c7db695f84cef124f726901bb31f042bd3efc8414
4fe219fc68a8695441e5b218110000ce3e2d2a20f61600efe271d8be1ef5c8ee
55feabb7c89fc4649224ff81813c258de1624604ef7d2802e5b0877bafdd73a8
586f98e65b2db7f45839efb24fbf42db6a45709d953e78eb6a558b1ba0d4e389
5b09f18871051d90f639ce0474f3ce9ccef6b2a1a8b4572c8314e5069d99756f
5e1390f7c515a04fbd18d7c3e864de65e7fc473f8a2e5134f74a79e122911dd7
6695f0a0b3ed1238eafc494ac293da85b57c1001f1c363c59898759e54a638b1
71bf2cf011487bb52e37443b12af424c3f1e158b164675ff9c84ccfbdd41558b
7ca641b35b687a1c459f8af25a97455130dce131a4a4d5b22fb219f948c4765d
85e3ebe44bbd5ec1dfc6ea22929c10e06900262df42a65737c7d3fb884321b70
873975af8fc24f0fdb98a18581aa0e435c699b2fcbc5d73ab3fc68d2f8aa089a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8f47e1b32ff318d524245567413641bfe8b2a1d7a11e3abd7e29f1e35a07c14d
990e329fbec543aac9bed04c8cbdb9aabeca55dfb50156338ab84672605f50a9
9a425eed5bb973b0ba851dd2ea92b1472343a913771a4e12635ea23a6e2d62be
a73ebe70f21155b1eaf542436a48a30cf518d27fe0767ca20ebfb6511bcab6fc
b1f2716e261e2eeb0eb77724d6aa689c71a5fd8f53d7d1eabbe8bd022b1264f9
c8ddbdb314dfb1e5fb00c9fb42703346dda3eeb9fd4972f297500551ecab8208
d36572f068a9c6e70c1abacdd8b7e33f1c386832f2ee5592203800a5e8e2b967
d5a1e1062048a44e25d208c58d57920a7edf2f7f3327ad5422db7f55f35e8671
d7c1a29836ca2dd978e2f50a01de4c754f7e1a89d91a6148378e42d6e47d5a5d
dc272fe9016e5ba26bb1ac363b007fae8f065c64b767310da58ec24c41f16af1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e430de742f608fd5276cee60aad7000e378ea4f0fecca24e1ecdfd8d95130c18
e5c7ba126c16ecfefbc2b04dd0600aa972ca4982a0833c15a0505a675e4d360b
e8af636258ae1e6bfcf6bd7ff2024a9fd84ff962c37e61088cebcc0d0e0dd41a
eae67c03298a7bbccc91cdcf5d1c5a9d801d3e31877e60556ee61901f08ae1d1
f017e41e59e38c3d431986ef3688931a2ec10a0e2b623728ab556c0e81b838c6
f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2
fba8cada8963a17a47404bd6705aba18c5f93dbec0d171ce7b97adf04315527a

onnidan1.com Open in urlscan Pro 67.225.225.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

97 %HTTPS

50 %IPv6

13 Domains

19 Subdomains

15 IPs

5 Countries

2529 kBTransfer

3987 kBSize

4 Cookies

9 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

onnidan1.com Open in urlscan Pro
67.225.225.92 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

97 %
HTTPS

50 %
IPv6

13
Domains

19
Subdomains

15
IPs

5
Countries

2529 kB
Transfer

3987 kB
Size

4
Cookies

75 HTTP transactions
0 data transactions