Submitted URL: http://iw.nctodo.com/10-inspiring-quotes-innovation
Effective URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Submission: On June 06 via manual from IL

Summary

This website contacted 16 IPs in 4 countries across 17 domains to perform 81 HTTP transactions. The main IP is 2606:4700:3030::6815:59a7, located in United States and belongs to CLOUDFLARENET, US. The main domain is iw.nctodo.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 7th 2020. Valid for: a year.
This is the only time iw.nctodo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
29 mc.yandex.ru 4 redirects iw.nctodo.com
17 i.nctodo.com iw.nctodo.com
5 mc.yandex.com 2 redirects iw.nctodo.com
5 storage.googleapis.com cdn.zx-adnet.com
5 nctodo.com iw.nctodo.com
nctodo.com
3 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
cdn.zx-adnet.com
3 optad360.mgr.consensu.org cmp.optad360.io
optad360.mgr.consensu.org
3 cdn.zx-adnet.com iw.nctodo.com
cdn.zx-adnet.com
3 cdn.jsdelivr.net iw.nctodo.com
get.optad360.io
3 iw.nctodo.com 1 redirects iw.nctodo.com
2 get.optad360.io iw.nctodo.com
get.optad360.io
2 pagead2.googlesyndication.com iw.nctodo.com
pagead2.googlesyndication.com
1 www.googletagservices.com cdn.zx-adnet.com
1 js.wpushsdk.com cst.wpu.sh
1 js.wpshsdk.com cst.wpu.sh
1 na.nawpush.com cst.wpu.sh
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 cst.cstwpush.com iw.nctodo.com
1 cst.wpu.sh 1 redirects
1 mapor.top iw.nctodo.com
1 cmp.optad360.io iw.nctodo.com
81 21

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-07 -
2021-08-07
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-10 -
2021-08-02
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-30 -
2022-06-01
a year crt.sh
*.optad360.io
Amazon
2020-12-17 -
2022-01-15
a year crt.sh
covid19-dashboard.ivod.at
GTS CA 1D4
2021-05-17 -
2021-08-15
3 months crt.sh
click2.club
R3
2021-04-17 -
2021-07-16
3 months crt.sh
cstwpush.com
R3
2021-05-22 -
2021-08-20
3 months crt.sh
optad360.mgr.consensu.org
Amazon
2020-07-20 -
2021-08-20
a year crt.sh
*.storage.googleapis.com
GTS CA 1O1
2021-05-10 -
2021-08-02
3 months crt.sh
mc.yandex.ru
Yandex CA
2021-02-27 -
2021-08-09
5 months crt.sh
na.nawpush.com
R3
2021-04-20 -
2021-07-19
3 months crt.sh
js.wpshsdk.com
R3
2021-06-04 -
2021-09-02
3 months crt.sh
js.wpushsdk.com
R3
2021-05-07 -
2021-08-05
3 months crt.sh

This page contains 3 frames:

Primary Page: https://iw.nctodo.com/10-inspiring-quotes-innovation
Frame ID: E5A27422036FAA74BDD666831CE1F119
Requests: 77 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/zrt_lookup.html
Frame ID: CB4A7C7B2763E4B01DDC05FAC25FDCF6
Requests: 1 HTTP requests in this frame

Frame: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Frame ID: 57B6BD06A2BA969BC811D62E04042CE7
Requests: 3 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://iw.nctodo.com/10-inspiring-quotes-innovation HTTP 301
    https://iw.nctodo.com/10-inspiring-quotes-innovation Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

81
Requests

100 %
HTTPS

59 %
IPv6

17
Domains

21
Subdomains

16
IPs

4
Countries

5158 kB
Transfer

7710 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://iw.nctodo.com/10-inspiring-quotes-innovation HTTP 301
    https://iw.nctodo.com/10-inspiring-quotes-innovation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://cst.wpu.sh/static/adManager.js HTTP 301
  • https://cst.cstwpush.com/static/adManager.js
Request Chain 44
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9296.GubNk9gyOyxUSGbEWsVjcPqBfwqft70Dm2yFNfUcUnd6bYDWNQNuCbiG4l1dfPk5.t00fUNVZnkUJBEVgPiPO1Z9EHv4%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9296.FrgxCITqJmY3rrlJmrblKHdEmzZCu854AfT1ggPgmo8JOfHPM9_Nd7hdwqK3kp3t6l4ic8XihPlEqJnlTi2yhw%2C%2C.eCj8rNmkslyW-xYpdgtU9TgYZIg%2C
Request Chain 50
  • https://mc.yandex.com/watch/47179113?wmode=7&page-url=https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1bo6nxnn5zx1uku5%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A551%3Acn%3A1%3Adp%3A0%3Als%3A201731474094%3Ahid%3A642621023%3Az%3A120%3Ai%3A20210606092252%3Aet%3A1622964172%3Ac%3A1%3Arn%3A854419238%3Au%3A1622964172882423360%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622964171691%3Ads%3A0%2C16%2C51%2C13%2C31%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C16%2C51%2C13%2C31%2C0%2C%2C%2C%2C%2C%2C%2C%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622964173%3At%3A10%20%D7%A6%D7%99%D7%98%D7%95%D7%98%D7%99%D7%9D%20%D7%9E%D7%A2%D7%95%D7%A8%D7%A8%D7%99%20%D7%94%D7%A9%D7%A8%D7%90%D7%94%20%D7%A2%D7%9C%20%D7%97%D7%93%D7%A9%D7%A0%D7%95%D7%AA%202021%20-%20%D7%9E%D7%95%D7%98%D7%99%D7%91%D7%A6%D7%99%D7%94%20-%20Nc%20to%20do HTTP 302
  • https://mc.yandex.com/watch/47179113/1?wmode=7&page-url=https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1bo6nxnn5zx1uku5%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A551%3Acn%3A1%3Adp%3A0%3Als%3A201731474094%3Ahid%3A642621023%3Az%3A120%3Ai%3A20210606092252%3Aet%3A1622964172%3Ac%3A1%3Arn%3A854419238%3Au%3A1622964172882423360%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622964171691%3Ads%3A0%2C16%2C51%2C13%2C31%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C16%2C51%2C13%2C31%2C0%2C%2C%2C%2C%2C%2C%2C%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622964173%3At%3A10%20%D7%A6%D7%99%D7%98%D7%95%D7%98%D7%99%D7%9D%20%D7%9E%D7%A2%D7%95%D7%A8%D7%A8%D7%99%20%D7%94%D7%A9%D7%A8%D7%90%D7%94%20%D7%A2%D7%9C%20%D7%97%D7%93%D7%A9%D7%A0%D7%95%D7%AA%202021%20-%20%D7%9E%D7%95%D7%98%D7%99%D7%91%D7%A6%D7%99%D7%94%20-%20Nc%20to%20do
Request Chain 57
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/10-inspiring-quotes-innovation%22:%22%22}}}&r=0.5048910935657083 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRSHT%22%3A%7B%22iw.nctodo.com%22%3A%7B%22https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation%22%3A%22%22%7D%7D%7D&r=0.5048910935657083
Request Chain 59
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/10-inspiring-quotes-innovation%22:%22%22}}}&r=0.8298847635363862 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRSHT%22%3A%7B%22iw.nctodo.com%22%3A%7B%22https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation%22%3A%22%22%7D%7D%7D&r=0.8298847635363862
Request Chain 61
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/10-inspiring-quotes-innovation%22:%22%22}}}&r=0.8379313806427451 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRSHT%22%3A%7B%22iw.nctodo.com%22%3A%7B%22https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation%22%3A%22%22%7D%7D%7D&r=0.8379313806427451

81 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 10-inspiring-quotes-innovation
iw.nctodo.com/
Redirect Chain
  • http://iw.nctodo.com/10-inspiring-quotes-innovation
  • https://iw.nctodo.com/10-inspiring-quotes-innovation
33 KB
6 KB
Document
General
Full URL
https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.28
Resource Hash
ea5d6910a1b27d01b4e2e66ac321fb178a585e2a4b04089b5533c80af639121e

Request headers

:method
GET
:authority
iw.nctodo.com
:scheme
https
:path
/10-inspiring-quotes-innovation
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.28
cache-control
max-age=86400
expires
Mon, 07 Jun 2021 07:22:51 GMT
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-request-id
0a81cd0bda0000074aa7bfe000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=80B36YZn67Zye9DBKxcXH1jCDD%2B4uy0CGSOpa6gBFfGUrNTIQ4NTcdGFjgwo4Zck%2BhFl56mZBdmbxsZklGHKhAyHKCxVXGqr0UTw0lJ%2BClvDCNkU1gAHOa7DmyNt7ngcz9K5ytYBCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65afe4595ede074a-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date
Sun, 06 Jun 2021 07:22:51 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sun, 06 Jun 2021 08:22:51 GMT
Location
https://iw.nctodo.com/10-inspiring-quotes-innovation
cf-request-id
0a81cd0bb90000074202bc0000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cF5ur3zj7zyKi2bQ0y48Xmmygx3dsp%2FzoC3i85soh%2BKDTTDRnjULvxnP1wc9oxo072cEHfpj4v9UJO97%2BeooH6a6z3IhhDS2ur8e1R3J9S84LdI%2FNkCSX7UmR1t3mpi06HCeuJbycw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
65afe4592a400742-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
style.css
nctodo.com/template/girl/css/
641 KB
72 KB
Stylesheet
General
Full URL
https://nctodo.com/template/girl/css/style.css
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b38200354a05de437b3a3b1dba7f8ca17309556e17a44a527876193e82932df

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
421994
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a81cd0c180000074a690c8000000001
last-modified
Thu, 26 Mar 2020 14:31:56 GMT
server
cloudflare
etag
W/"a04db-5a1c2d8c8c24e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aF5rGiN%2FEIcJmsF1Byr9tsecOPgPoNvPz53QGO6oxAJqD8b5HxE%2FrT8WNMONUK5uEPo8BAzv6YTbKOuv4aj02NfbCHUAfXNHkXlLuegh69S603QbItOje75uZXs41%2Fjn5uyPPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
65afe459cfd5074a-FRA
expires
Tue, 15 Jun 2021 10:09:37 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
134 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bca58cb91d0442fbc4394a6675603165ecaa067a92f4f6e115e34dfa2833a37a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48419
x-xss-protection
0
server
cafe
etag
13744972075384101287
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 06 Jun 2021 07:22:51 GMT
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/
5 KB
2 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
30118
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
1299
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
x-served-by
cache-fra19127-FRA, cache-hhn4062-HHN
date
Sun, 06 Jun 2021 07:22:51 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
76278472-a1d8-4b44-96ef-f1aff276b45b.min.js
cmp.optad360.io/items/
253 KB
72 KB
Script
General
Full URL
https://cmp.optad360.io/items/76278472-a1d8-4b44-96ef-f1aff276b45b.min.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f200:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71a059432bac1a62486a8af8866d1cd8ea21e2af953909ec1c95c04dbf721a45

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 06:52:14 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 08:40:43 GMT
server
AmazonS3
age
1838
etag
W/"eef88a6e5d5cd10adc094b23ddf8e4b3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ByX1OwRaUJEzXTVXL0kXqxRFPdkHsPYKjP82SlLnC_DUI9b1lE7cnw==
logo-fashion-mobile.png
i.nctodo.com/logo/iw/
110 KB
110 KB
Image
General
Full URL
https://i.nctodo.com/logo/iw/logo-fashion-mobile.png
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
792b15f992f62fdaee7e2f6f478e1ac6cdba4018caca2d42c6c901e79c5bc0a7

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3808412
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
112526
cf-request-id
0a81cd0c1d0000074a7aa1a000000001
last-modified
Fri, 21 Feb 2020 18:23:50 GMT
server
cloudflare
etag
"1b78e-59f1a1f8b5f48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Mf9doHNmXT%2BanjnOCbjiYtevagL8xBqZsbL5OhtdYwnw%2BQ2V0ruaaRPGxfsze%2Fp9ahbLKBeMlABGTyAJRDDYsTKvCXbJ7aTlnPkSTQZ2WWg0Vo6nB3896BIk%2FiIy08P4dqvFQOhl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe459cfef074a-FRA
expires
Sat, 23 Apr 2022 05:29:19 GMT
drsht_19120601.js
cdn.zx-adnet.com/adx/
141 KB
19 KB
Script
General
Full URL
https://cdn.zx-adnet.com/adx/drsht_19120601.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e93e7074b0d617b4bbaf1f9b43c1a556a97c480a2991a13317a4f1995f2b7677
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Thu, 03 Jun 2021 14:06:51 GMT
x-timer
S1622964172.813245,VS0,VE205
etag
"5c4fa0ea4cb98216a9ebbcbe6691a24bb691eace20b32f0ef1238d5b8474b124-br"
x-served-by
cache-hhn4028-HHN
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
date
Sun, 06 Jun 2021 07:22:52 GMT
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
19089
x-cache-hits
0
10-Inspiring-Quotes-on-Innovation.jpg
i.nctodo.com/img/motivation/501/
668 KB
669 KB
Image
General
Full URL
https://i.nctodo.com/img/motivation/501/10-Inspiring-Quotes-on-Innovation.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b474fb641fcded8b2bc3831ce66557121a6463a025021866ab3b665bd69d0d97

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2447
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
683926
cf-request-id
0a81cd0c1d0000074a5f82a000000001
last-modified
Sun, 23 Feb 2020 12:25:43 GMT
server
cloudflare
etag
"a6f96-59f3d5a796dcb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Tqp8gB7iAbXHt4OmThuk2jIB4t92ZIfUSnGVSI07hXmYlQ%2FdwikclO1otmbNmzmGTXMuTYKjvHkGlevqWnmbed%2BE64ic6xCQto3YSLFN%2B7vGOiEO7CsAqFb%2FtxkhBzdbqqWT%2FQ4J"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe459cfeb074a-FRA
expires
Mon, 06 Jun 2022 06:42:04 GMT
10-Inspiring-Quotes-on-Innovation_1.jpg
i.nctodo.com/img/motivation/501/
824 KB
825 KB
Image
General
Full URL
https://i.nctodo.com/img/motivation/501/10-Inspiring-Quotes-on-Innovation_1.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
887c693b7c4a8d8cadcb056a95993dfb44b6cd08b06be09091d7b15e4bc8f23c

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
843869
cf-request-id
0a81cd0c1d0000074ab98c9000000001
last-modified
Sun, 23 Feb 2020 12:25:43 GMT
server
cloudflare
etag
"ce05d-59f3d5a79a863"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RqfAUL22%2F5UPpvENWQYZRiNIMkYPgOqmKvKb65697Jq7WuZhFMrzIT9IAtNcQ9M2s8zNQWg79tGI6tcSpAUXqNCCSKCZ6IaQzpSnqpfqoaVR5eB0iiNC6qmb%2BtUB300YYJi6WC61"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe459cfec074a-FRA
expires
Mon, 06 Jun 2022 07:22:51 GMT
10-Inspiring-Quotes-on-Innovation_2.jpg
i.nctodo.com/img/motivation/501/
506 KB
507 KB
Image
General
Full URL
https://i.nctodo.com/img/motivation/501/10-Inspiring-Quotes-on-Innovation_2.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b1cd42c6248d7df033f3de05b644a24aea565c9a34e1f7e2c865776db267154

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2446
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
518416
cf-request-id
0a81cd0c1d0000074a82133000000001
last-modified
Sun, 23 Feb 2020 12:25:43 GMT
server
cloudflare
etag
"7e910-59f3d5a79eeb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PSYb23ET4btdjMrxeAf5qBeYz9B0liSpsB9oY3DCsznmbI23uMyBf0Ut%2BZZkq40YIsiiYZArTRDQixCwd6P96%2FVse%2BYuO69aR%2B%2BlJYc7H1AgEgrQbqC84aAnkOL9Nv1wuyNRdaYq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe459cff0074a-FRA
expires
Mon, 06 Jun 2022 06:42:05 GMT
10-Inspiring-Quotes-on-Innovation_3.jpg
i.nctodo.com/img/motivation/501/
522 KB
523 KB
Image
General
Full URL
https://i.nctodo.com/img/motivation/501/10-Inspiring-Quotes-on-Innovation_3.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
990d26437aa8cb62f379abf71a7c8f7c23bb3468ade650b41f6c100de247d10d

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
51607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
534462
cf-request-id
0a81cd0c1c0000074a8e8fd000000001
last-modified
Sun, 23 Feb 2020 12:25:43 GMT
server
cloudflare
etag
"827be-59f3d5a7ad144"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Sc0SYRMZnDVr7NoeejFDaFY2GGevBYvlr3nIOGC7nSy7TtIO0LRmaI08hB%2FXstcP2xofx7fksrkcb4%2BJexqdz3I7jsCHHSO7cg2fcwJ4KcXw28FUKCI5aIBxhjQC2pGY04jXrGlz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe459cfe9074a-FRA
expires
Sun, 05 Jun 2022 17:02:44 GMT
10-Inspiring-Quotes-on-Innovation_4.jpg
i.nctodo.com/img/motivation/501/
240 KB
240 KB
Image
General
Full URL
https://i.nctodo.com/img/motivation/501/10-Inspiring-Quotes-on-Innovation_4.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89b07a719866710f14f853502afec520d6e11da372e6d05742dd92951b27d1cc

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
51607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
245422
cf-request-id
0a81cd0c1d0000074a960e0000000001
last-modified
Sun, 23 Feb 2020 12:25:43 GMT
server
cloudflare
etag
"3beae-59f3d5a7ba81d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ThkNqLuXacQYQkzVoHxZZRA3Y0zbgfdNPJNbh1TXD24Z2uPQjxNLPok9NEFHRM%2F%2BOieLxVx65OIwrMnPIRwLIhSTxvl4a34s8sCPLX5yGcnEBH%2BeX%2FDMik27yJVd36B11EST1RNM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe459cfee074a-FRA
expires
Sun, 05 Jun 2022 17:02:44 GMT
enchiladas-verde-or-green-enchiladas-with-chicken.jpg
i.nctodo.com/img/mexican-mains-2018/
49 KB
49 KB
Image
General
Full URL
https://i.nctodo.com/img/mexican-mains-2018/enchiladas-verde-or-green-enchiladas-with-chicken.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a219d3960386b74c9b40d1c7f0d66a621c304c19051ebf6bc521e0bb0ddf4b9

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10956
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
49898
cf-request-id
0a81cd0c3e000017862087c000000001
last-modified
Sat, 22 Feb 2020 01:25:48 GMT
server
cloudflare
etag
"c2ea-59f200493b5af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1a9P5UsqzOtiwDoBtw8hP7NrkizDCc00pQ4UtdMHKjo%2F0AUKFCn6EqJ8dCd%2BkdKpLLWSV4zWtM0C2RAYyV0ndPdcUMocp%2FzJMLNVydDYQ4VmczQjvBqscL566%2FswDJ4NskvT2KQt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe459fb5a1786-FRA
expires
Mon, 06 Jun 2022 04:20:15 GMT
ground-beef-enchirito.jpg
i.nctodo.com/img/mexican-mains-2018/
100 KB
101 KB
Image
General
Full URL
https://i.nctodo.com/img/mexican-mains-2018/ground-beef-enchirito.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5405e8f567e72b8e528df77ec8919eddd72f4ecbf79722ecea608b9949363dbd

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10956
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
102626
cf-request-id
0a81cd0c3f00001786f5bf2000000001
last-modified
Sat, 22 Feb 2020 01:25:48 GMT
server
cloudflare
etag
"190e2-59f2004947ce8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lZNzm4NwK95%2BW7n8z0yEtu6%2FKbGlw28gDkmJMPV7L%2Flf7to3jt1NODk3H6X4lzuAqxVNFz8d8o60l0gg%2BijCZt1%2FXLDpLHNk4Ce0PY%2FVPhvjQyoWFxmbtiwVoKhH6ZAJ%2FhUc6qs4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe459fb5d1786-FRA
expires
Mon, 06 Jun 2022 04:20:15 GMT
enchiladas-rancheras.jpg
i.nctodo.com/img/mexican-mains-2018/
79 KB
80 KB
Image
General
Full URL
https://i.nctodo.com/img/mexican-mains-2018/enchiladas-rancheras.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1fea5ccf64cb781e3359096adbe39726c199fe96766fba3f6c0adfd54e60912

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10956
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
80800
cf-request-id
0a81cd0c3f000017860d3c8000000001
last-modified
Sat, 22 Feb 2020 01:25:48 GMT
server
cloudflare
etag
"13ba0-59f200492c37e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=74CAZsrtXt%2FGj5rYh245T1ZoKmFkhORYNkPcmROBeiPsxMJNKbzZILIpHyhORHms2J1mlzyq2sbvzdwQTSAOMcMc29%2FDoYG65AnNRSEJ0NYjfLIT8bJQRgthTlzVHqVi9mMcrwQ%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe459fb611786-FRA
expires
Mon, 06 Jun 2022 04:20:15 GMT
5-ways-to-encourage-your-kids-to-send-thank-you-notes-2.jpg
i.nctodo.com/img/parenting-advice-2018/
47 KB
47 KB
Image
General
Full URL
https://i.nctodo.com/img/parenting-advice-2018/5-ways-to-encourage-your-kids-to-send-thank-you-notes-2.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fef2428b307e3c327bc1e2d97d59d28fc4229d217bc57290532d1bce939ec2b5

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10956
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
47811
cf-request-id
0a81cd0c4000001786181aa000000001
last-modified
Sat, 22 Feb 2020 01:34:09 GMT
server
cloudflare
etag
"bac3-59f20227811ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6a%2BDlaLHOFdHFYiN46SMQn60mizMq073PqBBxid93luy6fvSIgyRZd4Icw5Q232a2YZyYnYXGKbrGV%2Fet%2BLCH7Iv5zNEzTDcwqNiFBo%2BbPmrWsfkaC%2BIdFKPd6Jj0WDOSg%2FaDpEJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe459fb661786-FRA
expires
Mon, 06 Jun 2022 04:20:15 GMT
8-best-gifts-to-buy-for-animal-lovers-in-2017-2.jpg
i.nctodo.com/img/best-home-products-2018/
50 KB
50 KB
Image
General
Full URL
https://i.nctodo.com/img/best-home-products-2018/8-best-gifts-to-buy-for-animal-lovers-in-2017-2.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34989edbfb9c490ce5fae7558d899b65f7cc86213da5de0fe42e78a88be89545

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10956
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
50813
cf-request-id
0a81cd0c4000001786339d8000000001
last-modified
Sat, 22 Feb 2020 00:26:16 GMT
server
cloudflare
etag
"c67d-59f1f2faf2e44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=N1M7ZmFqMFZY1dmnATHbp3wAzzlnUVptHbAPBMNoMaqA0mxPhNubollqTftzo2kS4iWQ9ZhaGTitGTs%2FJKXGtSSn4s4p%2FQECCI1mzirh3yjsKkJo4c%2FYMOsKtBmkSa%2Br3uNNRZLr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe459fb671786-FRA
expires
Mon, 06 Jun 2022 04:20:15 GMT
15-best-gifts-for-busy-mom.jpg
i.nctodo.com/img/housewares-shopping-guides-2018/
0
629 B
Image
General
Full URL
https://i.nctodo.com/img/housewares-shopping-guides-2018/15-best-gifts-for-busy-mom.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10956
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0a81cd0c4000001786fcae4000000001
last-modified
Sat, 22 Feb 2020 01:07:50 GMT
server
cloudflare
etag
"0-59f1fc45b5a7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SUE%2FLl%2BdyqFwUFLlhPsjXdjQ%2FWxnj0Vf7W%2Bzjm6d7WuD1I%2Fo3YRRdoS65VwC8WsQqEQa%2BUU0%2FOn75atG5ka7pUTZwLKN6EjiKTgMCqGdf8YUBDs9jysfbLqLMwEjhePQxXZvJ38B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe459fb691786-FRA
expires
Mon, 06 Jun 2022 04:20:15 GMT
9-best-gifts-for-5-year-olds-to-buy-in-2017-3.jpg
i.nctodo.com/img/best-home-products-2018/
51 KB
51 KB
Image
General
Full URL
https://i.nctodo.com/img/best-home-products-2018/9-best-gifts-for-5-year-olds-to-buy-in-2017-3.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b340a40194665660e32418713edafbc5b3c3983ffc426e3d7af74b8e7bc1ac2

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10956
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
52050
cf-request-id
0a81cd0c41000017863faf5000000001
last-modified
Sat, 22 Feb 2020 00:26:22 GMT
server
cloudflare
etag
"cb52-59f1f301310f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MUJEyrocOk7xRMINs4m%2FXdQ4WaEmEPXTjHNwMNY1xmUVT7VlxIMa%2BrtWfYL77cyorKqlZDfBCS3ZcVGav4HnS%2F40RzaFA64cvRFgIT5ziF%2FcDC6ZP4YC%2B%2F9AEVEK8ikCYB%2BrSYms"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe459fb6a1786-FRA
expires
Mon, 06 Jun 2022 04:20:15 GMT
8-best-gifts-for-6-year-old-boys-to-buy-in-2017-2.jpg
i.nctodo.com/img/best-home-products-2018/
93 KB
94 KB
Image
General
Full URL
https://i.nctodo.com/img/best-home-products-2018/8-best-gifts-for-6-year-old-boys-to-buy-in-2017-2.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c0d83770ca5e5efd508d7a1944f5fcd44321155e95e700202199c0d7d32d373

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10956
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
95169
cf-request-id
0a81cd0c4200001786ca1d4000000001
last-modified
Sat, 22 Feb 2020 00:26:15 GMT
server
cloudflare
etag
"173c1-59f1f2fa7a875"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hMEfAOY2o5FmWPO0B7rujVnBQBH8yVQK%2BWjOYa%2BQdaRWLuwOPpZEdVdKgvHDT%2BGRVB82i1erSuy3RzYZADRRBR5dTr6bMqUcKoOocNjS%2FNMZxx0hZ5UqcCbKqJbiOlnAALRPn9ax"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe459fb6c1786-FRA
expires
Mon, 06 Jun 2022 04:20:15 GMT
logo.png
i.nctodo.com/logo/
4 KB
4 KB
Image
General
Full URL
https://i.nctodo.com/logo/logo.png
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55c8aa9a1de1bcbc49c299ba5852d5556b368b4a379fee165e5cae26a6bf34b2

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3808852
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3768
cf-request-id
0a81cd0c410000178625021000000001
last-modified
Fri, 21 Feb 2020 18:38:49 GMT
server
cloudflare
etag
"eb8-59f1a5519215e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hqSOThBARY9JrpBZx9BMH0848uBUjYjPD6OfMqMOUJHLoFnGykaatQ8zoq9zPfiTkUaK%2BIKW6LoZDrCswXhSphfyXNxakYlO5l41smkCfuVIJWrQOlW3QMFHBeXDt%2BdPm6HTN0X%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe459fb6e1786-FRA
expires
Sat, 23 Apr 2022 05:21:59 GMT
email-decode.min.js
iw.nctodo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://iw.nctodo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
iw.nctodo.com
referer
https://iw.nctodo.com/10-inspiring-quotes-innovation
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://iw.nctodo.com/10-inspiring-quotes-innovation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
0a81cd0c260000178640a33000000001
last-modified
Fri, 28 May 2021 10:23:11 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60b0c48f-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Gw0z5MCI5EboNkRJi45vRaZSJKB3j3QA%2Bmd4%2FaBLwOHb3wf8%2BpM0QQhfZP8gUDTIcDXWjlgUTXDXwt%2BwhnhY2Ko%2FZ88VtJ%2FkvY%2F6%2F1GanwD7ETfL6B3bbD5lg%2BMjQa4AfWlVOCMPLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
cf-ray
65afe459db1a1786-FRA
expires
Tue, 08 Jun 2021 07:22:51 GMT
plugin.min.js
get.optad360.io/sf/efa448b2-79af-4698-bef0-df033d400fc0/
285 KB
77 KB
Script
General
Full URL
https://get.optad360.io/sf/efa448b2-79af-4698-bef0-df033d400fc0/plugin.min.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2050:a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2c021b3cec60441e1c462c8d3a40e2d65f5172d2f133123bad0c8c1954f3c53

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 06:56:49 GMT
content-encoding
gzip
last-modified
Mon, 24 May 2021 04:02:20 GMT
server
AmazonS3
age
2059
etag
W/"b8a07e48f8ee7e5c0581e816e60d9763"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1008748c844980a7bf932624d793da48.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
kq6cKD5HrdpC87ihLhebLf0QO2VmfMERlsERvqRixMF5U4s8mgKJ2g==
jquery.js
nctodo.com/template/girl/js/
95 KB
32 KB
Script
General
Full URL
https://nctodo.com/template/girl/js/jquery.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa560664a187ea3dc996eb43ce2b3cf9f32a04ebd4e5f41f0b626a094484ba39

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
179326
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a81cd0c2a0000074ab98ca000000001
last-modified
Sun, 23 Feb 2020 13:18:32 GMT
server
cloudflare
etag
W/"17b5c-59f3e175c17ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4emoiD0w94ggKrVFSeoiH1oOXjN7NZ51LDJUaaPjd%2BERfV87qb7whAQvn%2FdG7z%2FfzWxASmvnGMquVpkfMtiwQZdh%2BS9M%2FVDqyAcUEXPupbjQJHOwX%2FTMWwXgDTz2BOhHYV1ZsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
65afe459d81c074a-FRA
expires
Fri, 18 Jun 2021 05:34:05 GMT
jquery-my.js
nctodo.com/template/girl/js/
3 KB
2 KB
Script
General
Full URL
https://nctodo.com/template/girl/js/jquery-my.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f93fa9887a8612c20f3aea80f25d2d6e13ace162ad2696b2e871ce8f6fb9cd

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
179804
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a81cd0c360000178605b7b000000001
last-modified
Sun, 23 Feb 2020 13:18:32 GMT
server
cloudflare
etag
W/"bc4-59f3e175b3d0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sWN43kBygkUi1NNz1bTq%2BOW6oLXD70XpW6KwldPlFAaP7L9bykNiewT1rpTsNmbB62aAzIENdk0JN9OFML86apNEULCfjFWV42UXhoRrMBFSLBIaXkXd9LOpBgH9SIXgx7SsQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
65afe459eb431786-FRA
expires
Fri, 18 Jun 2021 05:26:07 GMT
theme.min.js
nctodo.com/template/girl/js/
195 KB
45 KB
Script
General
Full URL
https://nctodo.com/template/girl/js/theme.min.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f003c7cf435da89671a858f2180e88ef0a614abaabe3a02a03bdc77693bc2ea

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
421994
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a81cd0c3400001786af30c000000001
last-modified
Sun, 23 Feb 2020 13:18:32 GMT
server
cloudflare
etag
W/"30a5b-59f3e175d8ecc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fz3mWIgn9j8xo2o7wp1%2F1q3Hf%2BwyiEHMEQpd1RGecBmJQCRMw500ob0Yoy6DnjR7d9rj6oeVn%2BdUfJ6bIVY9mBnulpkoYnLWDBy9sh%2FKgGyWln2rCM9xmWbi9wB8KbAQ3i7zyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
65afe459eb461786-FRA
expires
Tue, 15 Jun 2021 10:09:37 GMT
cookieconsent.min.js
cdn.jsdelivr.net/npm/cookieconsent@3/build/
20 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
24621
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
6756
etag
W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
x-served-by
cache-fra19179-FRA, cache-hhn4062-HHN
date
Sun, 06 Jun 2021 07:22:51 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
/
mapor.top/
20 KB
20 KB
Script
General
Full URL
https://mapor.top/?pu=gyytgndege5ha3ddf42demrr
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.68.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
bf97153029ddfb8c9827113ab86aedd3b8dfb0a1278d9d3670e19520d074f103
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 06 Jun 2021 07:22:51 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
adManager.js
cst.cstwpush.com/static/
Redirect Chain
  • https://cst.wpu.sh/static/adManager.js
  • https://cst.cstwpush.com/static/adManager.js
59 KB
60 KB
Script
General
Full URL
https://cst.cstwpush.com/static/adManager.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4f7b6c826559e7a9fdd87aa3dab65d9032e27f9677e2c894bf8add376af093e6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 06 Jun 2021 07:22:52 GMT
Connection
Keep-Alive
Last-Modified
Tue, 25 May 2021 14:27:38 GMT
x-amz-meta-s3cmd-attrs
atime:1621952841/ctime:1621952841/gid:0/gname:root/md5:f7f10698b0e6bb748101b0917e29d311/mode:33188/mtime:1621952770/uid:0/uname:root
x-amz-request-id
tx0000000000000476e4dfc-0060bc6daa-fc22bc6-fra1a
etag
"f7f10698b0e6bb748101b0917e29d311"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1622964172.dop215.fr8.t,1622964172.cds011.fr8.shn,1622964172.cds011.fr8.c
Content-Type
text/plain
Cache-Control
max-age=1006
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
60434

Redirect headers

location
https://cst.cstwpush.com/static/adManager.js
date
Sun, 06 Jun 2021 07:22:51 GMT
server
nginx/1.18.0
content-length
169
content-type
text/html
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/
232 KB
86 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1427824399252755&plah=iw.nctodo.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d5f76008f1784b20b99d51741b2f8b8bbee28d5f2950ca2cf4226b6d61b1344
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87637
x-xss-protection
0
server
cafe
etag
15632250250964762239
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 06 Jun 2021 07:22:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/ Frame CB4A
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210601/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://iw.nctodo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://iw.nctodo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 05 Jun 2021 23:11:58 GMT
expires
Sat, 19 Jun 2021 23:11:58 GMT
content-type
text/html; charset=UTF-8
etag
15349191498103243965
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4506
x-xss-protection
0
age
29453
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
en.json
optad360.mgr.consensu.org/cmp/v2/translations/v4/
4 KB
2 KB
XHR
General
Full URL
https://optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/76278472-a1d8-4b44-96ef-f1aff276b45b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-104.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:53 GMT
content-encoding
gzip
last-modified
Thu, 29 Oct 2020 12:24:15 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
etag
W/"e3fe984dfb883f99b54c331403be617b"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=360000000
x-cache
Miss from cloudfront
x-amz-cf-id
cX6Qx_0GQtE2DoYfLUUD1jXPKWKvspg86L65MkvfxTSDbrYakhh6xg==
via
1.1 9d20586df7150a47ce50554b50d8f501.cloudfront.net (CloudFront)
font.woff
nctodo.com/template/girl/css/
14 KB
10 KB
Font
General
Full URL
https://nctodo.com/template/girl/css/font.woff?9
Requested by
Host: nctodo.com
URL: https://nctodo.com/template/girl/css/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:bdf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5340ac0195135f811b8e34d506f4e7e67c3a003f6712804863893eb94eb0c4b1

Request headers

Origin
https://iw.nctodo.com
Referer
https://nctodo.com/template/girl/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
169915
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a81cd0c9c00000eb7aca97000000001
last-modified
Sun, 23 Feb 2020 13:18:31 GMT
server
cloudflare
etag
W/"38d0-59f3e174d6605"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hW5FhhpH4NvClnF0LoDTjjA2IJ%2BXXMJeg96YTaHzyS6IHybJ7ZmGy1ILEqC9vMFS9WdGrN6ZLONrR93Ie70SK8h2zlQiCUtSz3SLNHmCtKXAVHcfbNagyU5sRaKh7pAtiELwxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
65afe45a9e340eb7-FRA
expires
Fri, 11 Jun 2021 08:10:56 GMT
logo.png
i.nctodo.com/logo/iw/
9 KB
10 KB
Image
General
Full URL
https://i.nctodo.com/logo/iw/logo.png
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b7d77d406fc4b42b52f6f5fda5a8e15a7e63e7ec7c129f520bc1142cf6b40de

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:51 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3808219
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9541
cf-request-id
0a81cd0cbe000017860289c000000001
last-modified
Sat, 22 Feb 2020 02:02:39 GMT
server
cloudflare
etag
"2545-59f2088668334"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=K94mzNhWJ3cdK68fADih8%2FQCV50%2BEiSlXD2a%2Bq4cChDnEGCLhjiy5hMihdehv2ux1BVSqv%2B%2BwzB%2Bgfg67cjxiUIUvRZaZ1GyFgt0TB%2BJ2vPE9zIb%2FUI0z5mmFKavNXGe2vSswZI3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe45accf41786-FRA
expires
Sat, 23 Apr 2022 05:32:32 GMT
abs.js
cdn.zx-adnet.com/adx/
200 B
239 B
Script
General
Full URL
https://cdn.zx-adnet.com/adx/abs.js?
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Thu, 03 Jun 2021 14:06:51 GMT
x-timer
S1622964172.083606,VS0,VE52
etag
"437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by
cache-hhn4028-HHN
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
date
Sun, 06 Jun 2021 07:22:52 GMT
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
118
x-cache-hits
1
mr.js
storage.googleapis.com/s2t-images/
2 B
159 B
Script
General
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.03220400947899593
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:52 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UyQaogi46-PqI0hx8LUM9yNMElKa2TnjwLfuqevdffPopZovHpwBmPMgX-bQ3f8mmzldJAfi70JcBxaGYj_sgE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22
last-modified
Sat, 05 Jun 2021 17:31:45 GMT
server
UploadServer
etag
"14293ad9ad0ffaf9f7a3acf1b0793b66"
vary
Accept-Encoding
x-goog-hash
crc32c=ZKOpww==, md5=FCk62a0P+vn3o6zxsHk7Zg==
x-goog-generation
1622914305262139
cache-control
public, max-age=31536000
x-goog-stored-content-length
22
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 06 Jun 2022 07:22:52 GMT
mr.js
storage.googleapis.com/s2t-images/
2 B
168 B
Script
General
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.64098458666099
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:52 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UztbT1CQJl_TNsp6Ucn74CJ9LUjNKGzZ5Vx28N6segM6z7YLmPucdPIxZ3h-egf3wTG9P_56jjwwie55w-II30
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22
last-modified
Sat, 05 Jun 2021 17:31:45 GMT
server
UploadServer
etag
"14293ad9ad0ffaf9f7a3acf1b0793b66"
vary
Accept-Encoding
x-goog-hash
crc32c=ZKOpww==, md5=FCk62a0P+vn3o6zxsHk7Zg==
x-goog-generation
1622914305262139
cache-control
public, max-age=31536000
x-goog-stored-content-length
22
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 06 Jun 2022 07:22:52 GMT
mr.js
storage.googleapis.com/s2t-images/
2 B
168 B
Script
General
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.868765863645852
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:52 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzduEMzhUvhVN6ur5BUBlFmBHZ2P3AC92TgOAncNwLEW56lmr6WFVehHYyzvB0QEKn8TOprDUiiDhm792oM4CA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22
last-modified
Sat, 05 Jun 2021 17:31:45 GMT
server
UploadServer
etag
"14293ad9ad0ffaf9f7a3acf1b0793b66"
vary
Accept-Encoding
x-goog-hash
crc32c=ZKOpww==, md5=FCk62a0P+vn3o6zxsHk7Zg==
x-goog-generation
1622914305262139
cache-control
public, max-age=31536000
x-goog-stored-content-length
22
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 06 Jun 2022 07:22:52 GMT
mr.js
storage.googleapis.com/s2t-images/
2 B
169 B
Script
General
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.3449133241160238
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:52 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uwxg5LEVCrghCSf8OZsYboVpx6BfDvtWZ-otHPDVdnQKgogyyQlu8if42kfYlE4_6s9jqInnGxPIpSbH4RGVxE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22
last-modified
Sat, 05 Jun 2021 17:31:45 GMT
server
UploadServer
etag
"14293ad9ad0ffaf9f7a3acf1b0793b66"
vary
Accept-Encoding
x-goog-hash
crc32c=ZKOpww==, md5=FCk62a0P+vn3o6zxsHk7Zg==
x-goog-generation
1622914305262139
cache-control
public, max-age=31536000
x-goog-stored-content-length
22
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 06 Jun 2022 07:22:52 GMT
mr.js
storage.googleapis.com/s2t-images/
2 B
622 B
Script
General
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.5897513551346947
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:52 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UyyXuh2QptFVppz2f7YGewqgRaBYpR9nlt0namx9KbjJ0KEmaUG27-pA0Gv7HqPiOTkHzeF1flv7ZNGJ6mFMr8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22
last-modified
Sat, 05 Jun 2021 17:31:45 GMT
server
UploadServer
etag
"14293ad9ad0ffaf9f7a3acf1b0793b66"
vary
Accept-Encoding
x-goog-hash
crc32c=ZKOpww==, md5=FCk62a0P+vn3o6zxsHk7Zg==
x-goog-generation
1622914305262139
cache-control
public, max-age=31536000
x-goog-stored-content-length
22
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 06 Jun 2022 07:22:52 GMT
watch.js
mc.yandex.ru/metrika/
128 KB
45 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
03fba78ec8f0f2e2ffb9a8ac27c23d0b2bffe75d02eb21591617af8eb9fe5c27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:52 GMT
content-encoding
br
last-modified
Fri, 04 Jun 2021 19:01:51 GMT
etag
"60b77459-b450"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
46160
expires
Sun, 06 Jun 2021 08:22:52 GMT
checkabuse
cdn.zx-adnet.com/
56 B
364 B
Script
General
Full URL
https://cdn.zx-adnet.com/checkabuse?surl=https://iw.nctodo.com/10-inspiring-quotes-innovation
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:52 GMT
content-encoding
gzip
x-powered-by
Express
x-cache
HIT
content-length
65
x-served-by
cache-hhn4028-HHN
server
Google Frontend
x-timer
S1622964172.221041,VS0,VE1
etag
W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html; charset=utf-8
x-cloud-trace-context
aeb1431cf99342cf44b615ab900d9ad1
cache-control
max-age=3600,public
function-execution-id
ebe1hh2nz2b3
accept-ranges
bytes
x-orig-accept-language
en-US,en;q=0.9
x-country-code
IL
x-cache-hits
1
cmp-3.0.0.min.js
optad360.mgr.consensu.org/cmp/v2/ Frame 57B6
691 KB
693 KB
Script
General
Full URL
https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/76278472-a1d8-4b44-96ef-f1aff276b45b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-104.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb16304c17c120cabd2bc9ba56114d31bb2c05114e17c531bcf21a682f8629d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 09:02:06 GMT
via
1.1 4549c7f1695f03beb32f60cd903ff6c6.cloudfront.net (CloudFront)
last-modified
Wed, 07 Apr 2021 09:53:34 GMT
server
AmazonS3
age
80447
etag
"2ea07aea04f56769b6dd53f48dae904d"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=604800
x-amz-cf-pop
BUD50-C1
accept-ranges
bytes
content-length
708003
x-amz-cf-id
MFfuopvQB6-Kw0KCBn74c2pBImPEHkcFLEVe2ZT2Aw7wAf_z6qF-nQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/
62 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/efa448b2-79af-4698-bef0-df033d400fc0/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"894 / 590 of 1000 / last-modified: 1622844533"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21347
x-xss-protection
0
expires
Sun, 06 Jun 2021 07:22:52 GMT
prebid4.28.1.js
get.optad360.io/sf/
463 KB
146 KB
Script
General
Full URL
https://get.optad360.io/sf/prebid4.28.1.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/efa448b2-79af-4698-bef0-df033d400fc0/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2050:a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1efea1ea1d5dacd4e53c4d220663ec89ebc5c91f6b99c4d7e8f3a670e901ff4

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 09:33:30 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 09:09:00 GMT
server
AmazonS3
age
7681763
etag
W/"584a9977889abad1ce606050f709f6b5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1008748c844980a7bf932624d793da48.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
BUD50-C1
x-amz-cf-id
83lxW9ViHgB1ATxMssxK86QB4rv8bdNs_Cucm0bYJx8Vm4y2MeJ8uQ==
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9296.GubNk9gyOyxUSGbEWsVjcPqBfwqft70Dm2yFNfUcUnd6bYDWNQNuCbiG4l1dfPk5.t00fUNVZnkUJBEVgPiPO1Z9EHv4%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9296.FrgxCITqJmY3rrlJmrblKHdEmzZCu854AfT1ggPgmo8JOfHPM9_Nd7hdwqK3kp3t6l4ic8XihPlEqJnlTi2yhw%2C%2C.eCj8rNmkslyW-xYpdgtU9TgYZIg%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9296.FrgxCITqJmY3rrlJmrblKHdEmzZCu854AfT1ggPgmo8JOfHPM9_Nd7hdwqK3kp3t6l4ic8XihPlEqJnlTi2yhw%2C%2C.eCj8rNmkslyW-xYpdgtU9TgYZIg%2C
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:52 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9296.FrgxCITqJmY3rrlJmrblKHdEmzZCu854AfT1ggPgmo8JOfHPM9_Nd7hdwqK3kp3t6l4ic8XihPlEqJnlTi2yhw%2C%2C.eCj8rNmkslyW-xYpdgtU9TgYZIg%2C
date
Sun, 06 Jun 2021 07:22:52 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
pubads_impl_2021052601.js
securepubads.g.doubleclick.net/gpt/
311 KB
109 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 08:37:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111649
x-xss-protection
0
expires
Sun, 06 Jun 2021 07:22:52 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210606
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ef8edf313ec9b4be6a7a5fcd1b368d3dc6f44309bdf8e81e5f51bf1ee654ca01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
15639
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
955
etag
W/"69e-3rEm68hhpdMHzbdcwXerL8d2VA8"
x-served-by
cache-fra19124-FRA, cache-hhn4070-HHN
date
Sun, 06 Jun 2021 07:22:52 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
vendor-list.json
optad360.mgr.consensu.org/cmp/v2/ Frame 57B6
242 KB
33 KB
XHR
General
Full URL
https://optad360.mgr.consensu.org/cmp/v2/vendor-list.json
Requested by
Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.170.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-170-104.bud50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3afd72db234432a27ca53acf80cc4cdc6e09a5dd20fc012ec61ad1f990d8bca

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:53 GMT
content-encoding
gzip
last-modified
Fri, 12 Mar 2021 01:00:07 GMT
server
AmazonS3
x-amz-cf-pop
BUD50-C1
etag
W/"cf7b65e027d6c400909a5fbe228dba87"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=360000000
x-cache
Miss from cloudfront
x-amz-cf-id
eqm1_KQCDum56vCXCg2_VLFDj77YNvb_tP9Dm7p1kNzCCJDgfZnfPw==
via
1.1 9d20586df7150a47ce50554b50d8f501.cloudfront.net (CloudFront)
1284
na.nawpush.com/tags/
479 B
618 B
XHR
General
Full URL
https://na.nawpush.com/tags/1284
Requested by
Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3bb8a3133a2c22f9975d70e45c5928cb1015f9c2e733aab2724103e48b04ecf2

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 06 Jun 2021 07:22:52 GMT
cache-control
max-age=300, public
server
nginx/1.18.0
content-type
application/json
x-proxy-cache
HIT
advert.gif
mc.yandex.com/metrika/
43 B
100 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:52 GMT
last-modified
Fri, 04 Jun 2021 19:01:51 GMT
etag
"60b77459-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 06 Jun 2021 08:22:52 GMT
1
mc.yandex.com/watch/47179113/
Redirect Chain
  • https://mc.yandex.com/watch/47179113?wmode=7&page-url=https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1bo6nxnn5zx1uku5%3Afp%3A279%3...
  • https://mc.yandex.com/watch/47179113/1?wmode=7&page-url=https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1bo6nxnn5zx1uku5%3Afp%3A279...
203 B
284 B
XHR
General
Full URL
https://mc.yandex.com/watch/47179113/1?wmode=7&page-url=https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1bo6nxnn5zx1uku5%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A551%3Acn%3A1%3Adp%3A0%3Als%3A201731474094%3Ahid%3A642621023%3Az%3A120%3Ai%3A20210606092252%3Aet%3A1622964172%3Ac%3A1%3Arn%3A854419238%3Au%3A1622964172882423360%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622964171691%3Ads%3A0%2C16%2C51%2C13%2C31%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C16%2C51%2C13%2C31%2C0%2C%2C%2C%2C%2C%2C%2C%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622964173%3At%3A10%20%D7%A6%D7%99%D7%98%D7%95%D7%98%D7%99%D7%9D%20%D7%9E%D7%A2%D7%95%D7%A8%D7%A8%D7%99%20%D7%94%D7%A9%D7%A8%D7%90%D7%94%20%D7%A2%D7%9C%20%D7%97%D7%93%D7%A9%D7%A0%D7%95%D7%AA%202021%20-%20%D7%9E%D7%95%D7%98%D7%99%D7%91%D7%A6%D7%99%D7%94%20-%20Nc%20to%20do
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/10-inspiring-quotes-innovation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
72c67c26c8334b48e19ffba134af3ce15c60e3ba966d0d34e834164392d071c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 06-Jun-2021 07:22:52 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://iw.nctodo.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
203
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:52 GMT

Redirect headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:52 GMT
last-modified
Sun, 06-Jun-2021 07:22:52 GMT
location
/watch/47179113/1?wmode=7&page-url=https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1bo6nxnn5zx1uku5%3Afp%3A279%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A551%3Acn%3A1%3Adp%3A0%3Als%3A201731474094%3Ahid%3A642621023%3Az%3A120%3Ai%3A20210606092252%3Aet%3A1622964172%3Ac%3A1%3Arn%3A854419238%3Au%3A1622964172882423360%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622964171691%3Ads%3A0%2C16%2C51%2C13%2C31%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C16%2C51%2C13%2C31%2C0%2C%2C%2C%2C%2C%2C%2C%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622964173%3At%3A10%20%D7%A6%D7%99%D7%98%D7%95%D7%98%D7%99%D7%9D%20%D7%9E%D7%A2%D7%95%D7%A8%D7%A8%D7%99%20%D7%94%D7%A9%D7%A8%D7%90%D7%94%20%D7%A2%D7%9C%20%D7%97%D7%93%D7%A9%D7%A0%D7%95%D7%AA%202021%20-%20%D7%9E%D7%95%D7%98%D7%99%D7%91%D7%A6%D7%99%D7%94%20-%20Nc%20to%20do
strict-transport-security
max-age=31536000
access-control-allow-origin
https://iw.nctodo.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:52 GMT
push.js
js.wpshsdk.com/npc/sdk/
75 KB
25 KB
Script
General
Full URL
https://js.wpshsdk.com/npc/sdk/push.js?v=1
Requested by
Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
054bde4e1d273cd088678aeff7956ce65f606431632cfc2196020b1160fb9998

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:52 GMT
content-encoding
gzip
last-modified
Fri, 04 Jun 2021 11:11:01 GMT
server
nginx/1.16.1
etag
W/"60ba0a45-12a34"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 06 Jun 2021 08:22:52 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
csub.js
js.wpushsdk.com/npc/sdk/wpu/
6 KB
3 KB
Script
General
Full URL
https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by
Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 / PHP/7.1.28
Resource Hash
240f2fa6d9c547702519223d888610d5517255aa52ad0c04d86f0ec6d0ab76d6

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:52 GMT
content-encoding
gzip
server
nginx/1.16.1
x-powered-by
PHP/7.1.28
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 06 Jun 2021 08:22:52 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
logo-retina.png
i.nctodo.com/logo/de/ Frame 57B6
110 KB
111 KB
Image
General
Full URL
https://i.nctodo.com/logo/de/logo-retina.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
792b15f992f62fdaee7e2f6f478e1ac6cdba4018caca2d42c6c901e79c5bc0a7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:52 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3808946
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
112526
cf-request-id
0a81cd100700001786fcb2b000000001
last-modified
Fri, 21 Feb 2020 18:23:50 GMT
server
cloudflare
etag
"1b78e-59f1a1f8b5f48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fcu4FWQwONIkm%2BGn%2Btsw0Wtshp6enbWthA1pId1tNOiE3%2FYL4GkMVkLSpGfVVztTkcn8oW%2BfkvZ1oFwHB9j6y91V%2BI9SgpIvkz36WGLEZulxsCo2db5bpiT12sTRgzFEWEIKVm7G"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65afe4600ddb1786-FRA
expires
Sat, 23 Apr 2022 05:20:26 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
62 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"894 / 726 of 1000 / last-modified: 1622844533"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21347
x-xss-protection
0
expires
Sun, 06 Jun 2021 07:22:54 GMT
gpt.js
www.googletagservices.com/tag/js/
62 KB
21 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js?zx
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1b210746f3af2466e7dfa40e9f0472ba8d6779131adf856792002d857cea0b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 07:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"894 / 190 of 1000 / last-modified: 1622844595"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21347
x-xss-protection
0
expires
Sun, 06 Jun 2021 07:22:54 GMT
/
mc.yandex.ru/watch/56551090/DRSHT/
43 B
83 B
Image
General
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.0899850233036108
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:54 GMT
last-modified
Sun, 06-Jun-2021 07:22:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:54 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/10-inspiring-quotes-innovation%22:%22%22}}}&r=0.5048910935657083
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRSHT%22%3A%7B%22iw.nctodo.com%22%3A%7B%22https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation%22%3A%22%22%7D%7D%7D&r=0.5048910...
0
0
Image
General
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRSHT%22%3A%7B%22iw.nctodo.com%22%3A%7B%22https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation%22%3A%22%22%7D%7D%7D&r=0.5048910935657083
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:54 GMT
last-modified
Sun, 06-Jun-2021 07:22:54 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22DRSHT%22%3A%7B%22iw.nctodo.com%22%3A%7B%22https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation%22%3A%22%22%7D%7D%7D&r=0.5048910935657083
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:54 GMT
/
mc.yandex.ru/watch/56551090/DRSHT/
43 B
71 B
Image
General
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.5187117484630817
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:54 GMT
last-modified
Sun, 06-Jun-2021 07:22:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:54 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/10-inspiring-quotes-innovation%22:%22%22}}}&r=0.8298847635363862
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRSHT%22%3A%7B%22iw.nctodo.com%22%3A%7B%22https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation%22%3A%22%22%7D%7D%7D&r=0.8298847...
0
0
Image
General
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRSHT%22%3A%7B%22iw.nctodo.com%22%3A%7B%22https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation%22%3A%22%22%7D%7D%7D&r=0.8298847635363862
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:54 GMT
last-modified
Sun, 06-Jun-2021 07:22:54 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22DRSHT%22%3A%7B%22iw.nctodo.com%22%3A%7B%22https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation%22%3A%22%22%7D%7D%7D&r=0.8298847635363862
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:54 GMT
/
mc.yandex.ru/watch/56551090/DRSHT/
43 B
71 B
Image
General
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.2062364527407261
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:54 GMT
last-modified
Sun, 06-Jun-2021 07:22:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:54 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/10-inspiring-quotes-innovation%22:%22%22}}}&r=0.8379313806427451
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRSHT%22%3A%7B%22iw.nctodo.com%22%3A%7B%22https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation%22%3A%22%22%7D%7D%7D&r=0.8379313...
0
0
Image
General
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRSHT%22%3A%7B%22iw.nctodo.com%22%3A%7B%22https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation%22%3A%22%22%7D%7D%7D&r=0.8379313806427451
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:54 GMT
last-modified
Sun, 06-Jun-2021 07:22:54 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22DRSHT%22%3A%7B%22iw.nctodo.com%22%3A%7B%22https%3A%2F%2Fiw.nctodo.com%2F10-inspiring-quotes-innovation%22%3A%22%22%7D%7D%7D&r=0.8379313806427451
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:54 GMT
/
mc.yandex.ru/watch/56551090/DRSHT/
43 B
71 B
Image
General
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.8246597584692617
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:54 GMT
last-modified
Sun, 06-Jun-2021 07:22:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:54 GMT
53428543
mc.yandex.ru/watch/
0
0
Image
General
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/10-inspiring-quotes-innovation%22:%22%22}}}&r=0.33501042747140186
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
mc.yandex.ru/watch/56551090/DRSHT/
43 B
71 B
Image
General
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.08476100987177904
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:54 GMT
last-modified
Sun, 06-Jun-2021 07:22:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:54 GMT
53428543
mc.yandex.ru/watch/
0
0
Image
General
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/10-inspiring-quotes-innovation%22:%22%22}}}&r=0.286908512827621
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
mc.yandex.ru/watch/56551090/DRSHT/
43 B
71 B
Image
General
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.5128169895532326
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:54 GMT
last-modified
Sun, 06-Jun-2021 07:22:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:54 GMT
53428543
mc.yandex.ru/watch/
0
0
Image
General
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/10-inspiring-quotes-innovation%22:%22%22}}}&r=0.702503525773708
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
mc.yandex.ru/watch/56551090/DRSHT/
43 B
71 B
Image
General
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.5348755982108553
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:54 GMT
last-modified
Sun, 06-Jun-2021 07:22:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:54 GMT
53428543
mc.yandex.ru/watch/
0
0
Image
General
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/10-inspiring-quotes-innovation%22:%22%22}}}&r=0.8139942667941753
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
mc.yandex.ru/watch/56551090/DRSHT/
43 B
71 B
Image
General
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.03926460587324576
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:54 GMT
last-modified
Sun, 06-Jun-2021 07:22:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:54 GMT
53428543
mc.yandex.ru/watch/
0
0
Image
General
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/10-inspiring-quotes-innovation%22:%22%22}}}&r=0.5634492767903341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
mc.yandex.ru/watch/56551090/DRSHT/
43 B
71 B
Image
General
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.4385502792135827
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:54 GMT
last-modified
Sun, 06-Jun-2021 07:22:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:54 GMT
53428543
mc.yandex.ru/watch/
0
0
Image
General
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/10-inspiring-quotes-innovation%22:%22%22}}}&r=0.5080673061943641
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
mc.yandex.ru/watch/56551090/DRSHT/
43 B
71 B
Image
General
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.8110433465422846
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:54 GMT
last-modified
Sun, 06-Jun-2021 07:22:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:54 GMT
53428543
mc.yandex.ru/watch/
0
0
Image
General
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/10-inspiring-quotes-innovation%22:%22%22}}}&r=0.718112811649879
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
mc.yandex.ru/watch/56551090/DRSHT/
43 B
71 B
Image
General
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.318696889641755
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:54 GMT
last-modified
Sun, 06-Jun-2021 07:22:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:54 GMT
53428543
mc.yandex.ru/watch/
0
0
Image
General
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/10-inspiring-quotes-innovation%22:%22%22}}}&r=0.5379825854828622
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
mc.yandex.ru/watch/56551090/DRSHT/
43 B
71 B
Image
General
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.8684508538573801
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Jun 2021 07:22:54 GMT
last-modified
Sun, 06-Jun-2021 07:22:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 06-Jun-2021 07:22:54 GMT
53428543
mc.yandex.ru/watch/
0
0
Image
General
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/10-inspiring-quotes-innovation%22:%22%22}}}&r=0.9531719989340806
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint number| 2f1acc6c3a606b082e5eef5e54414ffb function| __tcfapi number| google_lpabyc function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState object| _0x8179 number| zxadflg_rich_stat string| zxmngname_ext string| yamId string| zxadblockmng_ext number| zx_ad_flg boolean| zx_flgCap number| zx_gcWrk boolean| zx_flgOverlay boolean| zx_flgNative function| ZxStartMainModule number| nmprd string| zx_type_ad string| zxadpartner_ext object| __ZXNT number| zxCheckAbsStart object| t object| e object| __ZXCONSENT undefined| $ function| jQuery boolean| td_is_safari boolean| td_is_ios boolean| td_is_windows_phone string| ua boolean| td_is_android object| tdBlocksArray function| tdBlock object| tdLocalCache string| tds_login_sing_in_widget object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| td_ad_background_click_link string| td_ad_background_click_target object| tdDetect object| tdViewport object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl function| tdModalImage object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdAnimationStack object| td_backstretch_items function| td_compute_backstretch_item object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| $ULs object| jQuery1124011622749991434755 function| $f object| cookieconsent object| googletag object| regeneratorRuntime object| AdSlotCollection object| pbjs325474 object| Sk number| zxCheckAbs number| zxConsentEnabled number| ZxConsentFlg number| OaCmpEnabledflg boolean| __isGoogleAllowed object| Ya object| yaCounter47179113 function| pbjs325474Chunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO function| setImmediate function| clearImmediate function| tcpusher object| ZXNT string| slot_ext string| zxadblock_ext string| domen string| site_topdomen number| prtintstlprocent string| zxAdUnit77 string| zx_network_prefix string| zx_ad_slot_default object| adx_dfp_bloks string| zx_banner_w_default string| zx_banner_h_default string| BannerSize_default number| flg_dfp object| t2 object| e2 string| url1 string| url2 string| url3 string| zx_ad_place number| zx_ad_width number| zx_ad_height string| zx_ad_id string| ins_targets number| cw number| ch object| tt98 string| txt98 string| txt99 string| stl98 string| BannerSize

3 Cookies

Domain/Path Name / Value
.nctodo.com/ Name: _ym_isad
Value: 2
.nctodo.com/ Name: _ym_d
Value: 1622964172
.nctodo.com/ Name: _ym_uid
Value: 1622964172882423360

12 Console Messages

Source Level URL
Text
console-api error URL: https://mapor.top/?pu=gyytgndege5ha3ddf42demrr(Line 174)
Message:
Error: Browser is not suitable for subscriptions
console-api log URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js(Line 2)
Message:
zx->gdpr & oa detected ->start without cmp (2000)
console-api info URL: https://cst.wpu.sh/static/adManager.js(Line 1)
Message:
%c [AdManager] - color:cyan version 2.1.4
console-api info URL: https://cst.wpu.sh/static/adManager.js(Line 1)
Message:
%c [AdManager] - color:cyan run tag spots
console-api info URL: https://cst.wpu.sh/static/adManager.js(Line 1)
Message:
%c [AdManager] - color:cyan init spot [object Object]
console-api info URL: https://cst.wpu.sh/static/adManager.js(Line 1)
Message:
%c [AdManager] - color:cyan init spot [object Object]
console-api log URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js(Line 2)
Message:
zxnt native v.1.0
console-api log URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js(Line 2)
Message:
skip ad 580|400 block not visible
console-api log URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js(Line 2)
Message:
skip ad 336|280 block not visible
console-api log URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js(Line 2)
Message:
skip ad 336|280 block not visible
console-api log URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js(Line 2)
Message:
skip ad 336|280 block not visible
console-api log URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js(Line 2)
Message:
skip ad 336|280 block not visible

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.zx-adnet.com
cmp.optad360.io
cst.cstwpush.com
cst.wpu.sh
get.optad360.io
googleads.g.doubleclick.net
i.nctodo.com
iw.nctodo.com
js.wpshsdk.com
js.wpushsdk.com
mapor.top
mc.yandex.com
mc.yandex.ru
na.nawpush.com
nctodo.com
optad360.mgr.consensu.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
storage.googleapis.com
www.googletagservices.com
142.250.181.226
151.101.65.195
188.166.68.96
205.185.216.42
213.174.135.24
2600:9000:2050:a00:11:a4de:2580:93a1
2600:9000:21f3:f200:6:b871:4f00:93a1
2606:4700:3030::6815:59a7
2606:4700:3030::ac43:bdf9
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:831::2010
2a02:6b8::1:119
2a04:4e42:1b::485
46.4.91.20
52.85.170.104
03fba78ec8f0f2e2ffb9a8ac27c23d0b2bffe75d02eb21591617af8eb9fe5c27
054bde4e1d273cd088678aeff7956ce65f606431632cfc2196020b1160fb9998
0d5f76008f1784b20b99d51741b2f8b8bbee28d5f2950ca2cf4226b6d61b1344
1b340a40194665660e32418713edafbc5b3c3983ffc426e3d7af74b8e7bc1ac2
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
240f2fa6d9c547702519223d888610d5517255aa52ad0c04d86f0ec6d0ab76d6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b7d77d406fc4b42b52f6f5fda5a8e15a7e63e7ec7c129f520bc1142cf6b40de
34989edbfb9c490ce5fae7558d899b65f7cc86213da5de0fe42e78a88be89545
3bb8a3133a2c22f9975d70e45c5928cb1015f9c2e733aab2724103e48b04ecf2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6
4f7b6c826559e7a9fdd87aa3dab65d9032e27f9677e2c894bf8add376af093e6
5340ac0195135f811b8e34d506f4e7e67c3a003f6712804863893eb94eb0c4b1
5405e8f567e72b8e528df77ec8919eddd72f4ecbf79722ecea608b9949363dbd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c8aa9a1de1bcbc49c299ba5852d5556b368b4a379fee165e5cae26a6bf34b2
6f003c7cf435da89671a858f2180e88ef0a614abaabe3a02a03bdc77693bc2ea
71a059432bac1a62486a8af8866d1cd8ea21e2af953909ec1c95c04dbf721a45
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d
72c67c26c8334b48e19ffba134af3ce15c60e3ba966d0d34e834164392d071c8
792b15f992f62fdaee7e2f6f478e1ac6cdba4018caca2d42c6c901e79c5bc0a7
7b1cd42c6248d7df033f3de05b644a24aea565c9a34e1f7e2c865776db267154
7c0d83770ca5e5efd508d7a1944f5fcd44321155e95e700202199c0d7d32d373
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
887c693b7c4a8d8cadcb056a95993dfb44b6cd08b06be09091d7b15e4bc8f23c
89b07a719866710f14f853502afec520d6e11da372e6d05742dd92951b27d1cc
8a219d3960386b74c9b40d1c7f0d66a621c304c19051ebf6bc521e0bb0ddf4b9
8b38200354a05de437b3a3b1dba7f8ca17309556e17a44a527876193e82932df
990d26437aa8cb62f379abf71a7c8f7c23bb3468ade650b41f6c100de247d10d
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
aa560664a187ea3dc996eb43ce2b3cf9f32a04ebd4e5f41f0b626a094484ba39
b1b210746f3af2466e7dfa40e9f0472ba8d6779131adf856792002d857cea0b7
b1efea1ea1d5dacd4e53c4d220663ec89ebc5c91f6b99c4d7e8f3a670e901ff4
b2f93fa9887a8612c20f3aea80f25d2d6e13ace162ad2696b2e871ce8f6fb9cd
b474fb641fcded8b2bc3831ce66557121a6463a025021866ab3b665bd69d0d97
bca58cb91d0442fbc4394a6675603165ecaa067a92f4f6e115e34dfa2833a37a
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
bf97153029ddfb8c9827113ab86aedd3b8dfb0a1278d9d3670e19520d074f103
c2c021b3cec60441e1c462c8d3a40e2d65f5172d2f133123bad0c8c1954f3c53
c3afd72db234432a27ca53acf80cc4cdc6e09a5dd20fc012ec61ad1f990d8bca
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e93e7074b0d617b4bbaf1f9b43c1a556a97c480a2991a13317a4f1995f2b7677
ea5d6910a1b27d01b4e2e66ac321fb178a585e2a4b04089b5533c80af639121e
eb16304c17c120cabd2bc9ba56114d31bb2c05114e17c531bcf21a682f8629d2
ef8edf313ec9b4be6a7a5fcd1b368d3dc6f44309bdf8e81e5f51bf1ee654ca01
f1fea5ccf64cb781e3359096adbe39726c199fe96766fba3f6c0adfd54e60912
fef2428b307e3c327bc1e2d97d59d28fc4229d217bc57290532d1bce939ec2b5