urlscan.io logo urlscan.io
SecurityTrails logo

iw.nctodo.com Open in urlscan Pro
2606:4700:3030::6815:59a7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://iw.nctodo.com/
Effective URL: https://iw.nctodo.com/
Submission: On January 31 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 66 HTTP transactions. The main IP is 2606:4700:3030::6815:59a7, located in United States and belongs to CLOUDFLARENET, US. The main domain is iw.nctodo.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 7th 2020. Valid for: a year.
This is the only time iw.nctodo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

28    2606:4700:3030::6815:59a7 (United States)

ASN13335 (CLOUDFLARENET, US)
iw.nctodo.com
nctodo.com
i.nctodo.com
3    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
2    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2600:9000:2190:a400:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
3    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
cdn.zx-adnet.com
1    2600:9000:2190:c600:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
1    18.196.233.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com
stat.optad360.mgr.consensu.org
24    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
2    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
securepubads.g.doubleclick.net
3    143.204.93.30 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-30.fra50.r.cloudfront.net
optad360.mgr.consensu.org
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
Domain Requested by
24 mc.yandex.ru 2 redirects iw.nctodo.com
20 i.nctodo.com iw.nctodo.com
5 nctodo.com iw.nctodo.com
nctodo.com
3 optad360.mgr.consensu.org cmp.optad360.io
optad360.mgr.consensu.org
3 cdn.zx-adnet.com iw.nctodo.com
cdn.zx-adnet.com
3 iw.nctodo.com 1 redirects iw.nctodo.com
2 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
2 cdn.jsdelivr.net iw.nctodo.com
2 pagead2.googlesyndication.com iw.nctodo.com
pagead2.googlesyndication.com
1 www.googletagservices.com cdn.zx-adnet.com
1 stat.optad360.mgr.consensu.org cmp.optad360.io
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 get.optad360.io iw.nctodo.com
1 cmp.optad360.io iw.nctodo.com
66 14

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-07 -
2021-08-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-26 -
2021-04-17		 6 months crt.sh
*.optad360.io
Amazon		 2020-12-17 -
2022-01-15		 a year crt.sh
www.lamato.de
GTS CA 1D2		 2021-01-23 -
2021-04-23		 3 months crt.sh
stat.optad360.mgr.consensu.org
R3		 2020-12-06 -
2021-03-06		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2020-09-29 -
2021-03-11		 5 months crt.sh
optad360.mgr.consensu.org
Amazon		 2020-07-20 -
2021-08-20		 a year crt.sh

This page contains 3 frames:

Primary Page: https://iw.nctodo.com/
Frame ID: EE7A41FD7925D67150235537F0D929BE
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html
Frame ID: 7E1615DB4A7451D05E66A38877225E0F
Requests: 1 HTTP requests in this frame

Frame: https://optad360.mgr.consensu.org/cmp/v2/cmp-2.2.0.min.js
Frame ID: EEF3E621541809DC8076E3364CE0B321
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://iw.nctodo.com/ HTTP 301
    https://iw.nctodo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

66
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

14
Subdomains

11
IPs

4
Countries

2500 kB
Transfer

4937 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://iw.nctodo.com/ HTTP 301
    https://iw.nctodo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://mc.yandex.ru/watch/47179113?wmode=7&page-url=https%3A%2F%2Fiw.nctodo.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afp%3A267%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A0%3Als%3A531495992545%3Ahid%3A676753532%3Az%3A60%3Ai%3A20210131132914%3Aet%3A1612096155%3Ac%3A1%3Arn%3A334745950%3Arqn%3A1%3Au%3A1612096155240573420%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612096154180%3Ads%3A0%2C18%2C63%2C1%2C39%2C0%2C%2C408%2C6%2C%2C%2C%2C533%3Adsn%3A0%2C19%2C63%2C1%2C39%2C0%2C%2C410%2C7%2C%2C%2C%2C532%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612096155%3At%3ANc%20to%20do%202021 HTTP 302
  • https://mc.yandex.ru/watch/47179113/1?wmode=7&page-url=https%3A%2F%2Fiw.nctodo.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afp%3A267%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A0%3Als%3A531495992545%3Ahid%3A676753532%3Az%3A60%3Ai%3A20210131132914%3Aet%3A1612096155%3Ac%3A1%3Arn%3A334745950%3Arqn%3A1%3Au%3A1612096155240573420%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612096154180%3Ads%3A0%2C18%2C63%2C1%2C39%2C0%2C%2C408%2C6%2C%2C%2C%2C533%3Adsn%3A0%2C19%2C63%2C1%2C39%2C0%2C%2C410%2C7%2C%2C%2C%2C532%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612096155%3At%3ANc%20to%20do%202021
Request Chain 64
  • https://mc.yandex.ru/watch/47179113?page-url=https%3A%2F%2Fiw.nctodo.com%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A121%3Aar%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A1%3Als%3A531495992545%3Ahid%3A676753532%3Az%3A60%3Ai%3A20210131132929%3Aet%3A1612096170%3Ac%3A1%3Arn%3A693937573%3Arqn%3A2%3Au%3A1612096155240573420%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612096154180%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C957%2C957%2C6%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C956%2C956%2C7%2C%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612096170&force-urlencoded=1 HTTP 302
  • https://mc.yandex.ru/watch/47179113/1?page-url=https%3A%2F%2Fiw.nctodo.com%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A121%3Aar%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A1%3Als%3A531495992545%3Ahid%3A676753532%3Az%3A60%3Ai%3A20210131132929%3Aet%3A1612096170%3Ac%3A1%3Arn%3A693937573%3Arqn%3A2%3Au%3A1612096155240573420%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612096154180%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C957%2C957%2C6%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C956%2C956%2C7%2C%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612096170&force-urlencoded=1

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
iw.nctodo.com/
Redirect Chain
  • http://iw.nctodo.com/
  • https://iw.nctodo.com/
38 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.26
Resource Hash
ad97e6ffd752c61974d0ca6c96fcf7b69f933cfd5ab03f0a383ee9fcc418b93a

Request headers

:method
GET
:authority
iw.nctodo.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dc916d4d81a51148abea121d714c154381612096154; expires=Tue, 02-Mar-21 12:29:14 GMT; path=/; domain=.nctodo.com; HttpOnly; SameSite=Lax; Secure
x-powered-by
PHP/7.3.26
cache-control
max-age=86400
expires
Mon, 01 Feb 2021 12:29:14 GMT
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-request-id
07fa04428000002bc2198b2000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9rWfunHcs7REYZ13mikI1D7Fti9ivQCWLJOxaCnsY1mgZtSqqIvvJCOV5EOVN9xpvSUwWHfOG7SAEJi3bilayJr2mPY0xCI0gcsoH5RviV%2FuZEQhdphY5R9Q"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
61a36fe3f82c2bc2-FRA
content-encoding
br

Redirect headers

Date
Sun, 31 Jan 2021 12:29:14 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sun, 31 Jan 2021 13:29:14 GMT
Location
https://iw.nctodo.com/
cf-request-id
07fa0442590000637d8a9a2000000001
Report-To
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wgduRKPd0OVO0X18ZtTWVP2RX9XVMcr2bLw4K%2FWpux3R1YIu3wZoR6nuSK%2FIWRP4ysv9Ex%2FRibyJ0z9iMlf7T3MxEwTTRNaJALKlUOYpEkz0joeioIC3jS7N"}],"max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
61a36fe3c87e637d-FRA
style.css
nctodo.com/template/girl/css/ 		641 KB
72 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nctodo.com/template/girl/css/style.css
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b38200354a05de437b3a3b1dba7f8ca17309556e17a44a527876193e82932df

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
445854
cf-request-id
07fa0442ce00002bc221a26000000001
last-modified
Thu, 26 Mar 2020 14:31:56 GMT
server
cloudflare
etag
W/"a04db-5a1c2d8c8c24e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zMbYuHNpfEnuQcjRpl1wqVzNLJ2WaN2LZbEqrWhjwTZ4n79tCcb5P%2BPgh%2Bx5e4YtiiCUwmPGz76QxlrgvOJeJCXX2G0b2KfIRes9zthIiQB2iK8ePt56"}],"max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
61a36fe479c62bc2-FRA
expires
Tue, 09 Feb 2021 08:38:20 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
722f834d0c44729d5535f864b0db96c363412148785466734983f6175b9e6e4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47560
x-xss-protection
0
server
cafe
etag
13820021645336652624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 31 Jan 2021 12:29:14 GMT
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
36140
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
1299
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
x-served-by
cache-fra19123-FRA, cache-hhn4043-HHN
date
Sun, 31 Jan 2021 12:29:14 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
76278472-a1d8-4b44-96ef-f1aff276b45b.min.js
cmp.optad360.io/items/ 		248 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/76278472-a1d8-4b44-96ef-f1aff276b45b.min.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:a400:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8261f5d103da794e378e631cb0bf1c87776ad86afdd7b54506fd0de465ded52f

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:19:50 GMT
content-encoding
gzip
last-modified
Thu, 05 Nov 2020 08:19:31 GMT
server
AmazonS3
age
565
etag
W/"3f79be9fbdd5a539b0d3452d78b1716d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
jZRLGwqVc-FYvAopzDDYqIWPSZcklQQR96CxruHYlWTlmUO9xkj-Fg==
logo-fashion-mobile.png
i.nctodo.com/logo/iw/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/logo/iw/logo-fashion-mobile.png
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
792b15f992f62fdaee7e2f6f478e1ac6cdba4018caca2d42c6c901e79c5bc0a7

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2142506
content-length
112526
cf-request-id
07fa0442cd00002bc2149ce000000001
last-modified
Fri, 21 Feb 2020 18:23:50 GMT
server
cloudflare
etag
"1b78e-59f1a1f8b5f48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vHlvfz5MyL5uDJmG0P%2FqSPxno6pW3eJhzIxgUSukmNSv74Q%2Fa6iEyBsw3pcSomIVH4p7XcbV0DmhmyTR8%2BLwX1yuxomENdtN8vWlYOdGHT%2B2EgX1cQezYAU%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe479c32bc2-FRA
expires
Thu, 06 Jan 2022 17:20:48 GMT
drsht_19120601.js
cdn.zx-adnet.com/adx/ 		140 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/drsht_19120601.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f6159e79ce7379e57e6cc57c6f694dad02947541af7398b3152c9b32c306d940
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Fri, 29 Jan 2021 14:05:26 GMT
x-timer
S1612096154.426068,VS0,VE0
etag
"81d5f13194ba913b756cd43b068a57b18d35a246d0f2d90adc6a777e9065a504-br"
x-served-by
cache-hhn4068-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200,public
date
Sun, 31 Jan 2021 12:29:14 GMT
accept-ranges
bytes
content-length
18895
x-cache-hits
1021
7-best-socket-sets-to-buy-in-2017-2.jpg
i.nctodo.com/img/best-home-products-2018/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/best-home-products-2018/7-best-socket-sets-to-buy-in-2017-2.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8be516b74ada46d9ad02dd9a823552f38724a81d51d9acf38fd3d8ffbc3d1976

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
47577
cf-request-id
07fa0442cc00002bc2419c1000000001
last-modified
Sat, 22 Feb 2020 00:26:11 GMT
server
cloudflare
etag
"b9d9-59f1f2f5d83b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IO5e1nGzY9cd4EV4NSaTkBF%2B6jknMGFYMMeYseOCtQv4dVZ26VO2ZTQmqDXiG9T2H%2FYrpQ%2BJdEJ%2BrEB7WDUYxXYuxY6D3shK%2BCBIMbHXLZLJFrA9KXCq7S4%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe479c02bc2-FRA
expires
Mon, 31 Jan 2022 12:29:14 GMT
top-10-spaghetti-recipes-10.jpg
i.nctodo.com/img/italian-mains-2018/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/italian-mains-2018/top-10-spaghetti-recipes-10.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
473ace19c94d94f232a9612b4209c5585a155a06eb898920306866083a4a37bd

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
84970
cf-request-id
07fa0442cc00002bc2e8b72000000001
last-modified
Sat, 22 Feb 2020 01:12:06 GMT
server
cloudflare
etag
"14bea-59f1fd393ec60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FvdwbAEg5J6wqo9LRWw7TJnD5sm%2BQLEf%2BF%2F74HlRCxeNqIEGz5GMY%2BJAzFvAB9rGJYWw9EXVcOgvY40cou8zEIIe51XBtslA7gyRQNJ8jcHc0eNp3ppO6o4%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe479c12bc2-FRA
expires
Mon, 31 Jan 2022 12:29:14 GMT
dairy-free-vegan-tzatziki-sauce.jpg
i.nctodo.com/img/greek-food-2018/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/greek-food-2018/dairy-free-vegan-tzatziki-sauce.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f118dd7e4ada79445e3c9eb0ea1f2ef9b96621de2adace4ab7e888ff0e640d2

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
60635
cf-request-id
07fa0442d300002bc2e59ca000000001
last-modified
Sat, 22 Feb 2020 01:01:15 GMT
server
cloudflare
etag
"ecdb-59f1facd1cd25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=frz31lTkV9uFpzw0KpCw%2FdIYnschXIDTH1QKVQXLSYSztF%2F9g6xEBTs%2F%2F5GiWVZrTcdn83h81goq1EWK3VX2ZhpWOg6i8rqvjrx5CF2eylgTmHYAUinGXr4%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe489e82bc2-FRA
expires
Mon, 31 Jan 2022 12:29:14 GMT
dairy-free-tuna-casserole-recipe.jpg
i.nctodo.com/img/casserole-sides-2018/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/casserole-sides-2018/dairy-free-tuna-casserole-recipe.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e08cc3efd7f7ca1136278de6ccd20d0177dea293fbc40d675436af4a5bc5df

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
130967
cf-request-id
07fa0442e600002bc2e5349000000001
last-modified
Sat, 22 Feb 2020 00:30:45 GMT
server
cloudflare
etag
"1ff97-59f1f3fbe9146"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9xJ2raR9m8%2BZqW65dTmjzWSlQ5gh6sV9ZkNOxyWYEQQF9qLpi15tFtjCiwcYjXmkBGWrOm6JpbXZVohrId95oIZr8m1zjgzV24m6MtE0z352gsrzi%2BtP6DM%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe4aa482bc2-FRA
expires
Mon, 31 Jan 2022 12:29:14 GMT
creamy-and-irresistible-corn-and-crab-chowder.jpg
i.nctodo.com/img/chowders-2018/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/chowders-2018/creamy-and-irresistible-corn-and-crab-chowder.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46709486a691ac8321f2863cde9d9caf59565bdaf166236eb7fdd80500de140a

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
57476
cf-request-id
07fa0442e600002bc22d3ae000000001
last-modified
Sat, 22 Feb 2020 00:33:14 GMT
server
cloudflare
etag
"e084-59f1f489b0847"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j9nMLn9ByDBsk0NDR40eEvyhgJoLpR9aPlKVSpyA3Q7fHQRooKY6w1qN0WrfTrJhAd4lvUPokrZUn1sOJAnVrH0q2aNH%2B8XljHMm5aG6D%2BwmuQcC5WN7Zws%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe4aa4e2bc2-FRA
expires
Mon, 31 Jan 2022 12:29:14 GMT
german-creamy-cucumber-salad-with-dill-recipe.jpg
i.nctodo.com/img/german-sides-2018/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/german-sides-2018/german-creamy-cucumber-salad-with-dill-recipe.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26d351a9f19de7768d88a98cbb31d85ff8cd6471c81fd8bea8d07a0c99165ebd

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
67031
cf-request-id
07fa0442fb00002bc2149d3000000001
last-modified
Sat, 22 Feb 2020 00:59:33 GMT
server
cloudflare
etag
"105d7-59f1fa6b67c56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0hETIwAeqL6B%2BCNThPtCLsf%2Fc97TNSyhGuGXKPDPPFfAoQNQD2yfmIOZJ6kcvJXsNfBmI2PD6gfLUnIlzRwXnOknvi2eNagRrxe5saSqH0%2F%2BnIYvLqvmDns%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe4ba932bc2-FRA
expires
Mon, 31 Jan 2022 12:29:14 GMT
dry-red-wines-2.jpg
i.nctodo.com/img/red-wines-2018/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/red-wines-2018/dry-red-wines-2.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0cb68b0e30ca9d819db3c9568e5b065549fd0788e0faccf1a0762a09914e90d

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
61647
cf-request-id
07fa04430000002bc2f5035000000001
last-modified
Sat, 22 Feb 2020 01:40:00 GMT
server
cloudflare
etag
"f0cf-59f203769a06f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7ZY8NkpoU8EKcaOMT3HpgpJbXt%2FXpLMrabwaxw2pO83LE24PaUr08Ak1faM2Ry5nniFWFC%2BFCou5eC7BtqOzyRab0aALlwtojqgjJ1Ntg9pRzOyr2APUtL8%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe4cab82bc2-FRA
expires
Mon, 31 Jan 2022 12:29:14 GMT
finding-online-work-2.jpg
i.nctodo.com/img/work-at-home-basics-2018/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/work-at-home-basics-2018/finding-online-work-2.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b7e606969ef2d2682d345d72be9e8e4460b943440824a8d82b7083b2d73f42f

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
73215
cf-request-id
07fa04430f00002bc246bb9000000001
last-modified
Sat, 22 Feb 2020 02:01:07 GMT
server
cloudflare
etag
"11dff-59f2082eddb90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XuwtNZwRyGoBOppaXb2qHDWbjGWrFti1%2B48r%2B%2BU%2F%2BEIO4CiaWGgu7vcICMfaA7FmxMtPToEI1VVpJpKJbFAtHSzm9AHsYZhBi7jX0tgOsw5oEM%2F6rIL7oGk%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe4eb052bc2-FRA
expires
Mon, 31 Jan 2022 12:29:14 GMT
where-credit-is-due.jpg
i.nctodo.com/img/news/574/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/news/574/where-credit-is-due.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7384269afca702916554ddf0b33e0dca9d4e34745151f50bdd60cf9001ffaa9

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
13363
content-length
33376
cf-request-id
07fa04431400002bc212253000000001
last-modified
Sun, 23 Feb 2020 12:51:55 GMT
server
cloudflare
etag
"8260-59f3db82b63db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f8tfvNYO6kEtFHwTaQthwU3dwDdcr5hO3umvwS8AaqFaCiXC21zRf%2FE7Lg6yEtjVR4DyCjwz8Sax3e9gE4e0JuPq9gL%2BRLLE2VWS37pOzTELalErYunFZ8c%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe4eb172bc2-FRA
expires
Mon, 31 Jan 2022 08:46:31 GMT
when-you-re-dating.jpg
i.nctodo.com/img/well-being/152/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/well-being/152/when-you-re-dating.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a59468b5e4db809b45d13e585296bc38d1c35715f61d456e4621d4aa1686c6e1

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
13363
content-length
44370
cf-request-id
07fa04431500002bc2572cc000000001
last-modified
Sun, 23 Feb 2020 13:15:40 GMT
server
cloudflare
etag
"ad52-59f3e0d1fa240"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4Iu14AG50R3tB4vQb2hSUDIynmRD%2B2YH4YmhCuz11cAFnW2tXprghCQBRseJpPUvgGVBlkNjtnkCTLayFu0UFJwpste08hd1VNN2lzAhD%2BfJ26An%2BWW1t5A%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe4eb1d2bc2-FRA
expires
Mon, 31 Jan 2022 08:46:31 GMT
when-your-dream-doesn-t-work-out.jpg
i.nctodo.com/img/news/744/ 		163 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/news/744/when-your-dream-doesn-t-work-out.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ac02382cd188af65ddae006a1ff731bef1ac894570f347bcc4723832e71b391

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
13363
content-length
166849
cf-request-id
07fa04431700002bc2551a3000000001
last-modified
Sun, 23 Feb 2020 13:00:32 GMT
server
cloudflare
etag
"28bc1-59f3dd6f92a6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=66YKMrbt0fHhPWOIX3YjTvjNUzxhN3TRcwgHTDF3Tju7zz0lPhjYthXE%2BYhci9DR14Rn6msxyV%2Bubma3SquxVEDe40X0VcuVk2yR%2B0sbmTvOvV3wJkgOvBs%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe4fb252bc2-FRA
expires
Mon, 31 Jan 2022 08:46:31 GMT
blank.jpg
i.nctodo.com/img/img/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/img/blank.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
792b15f992f62fdaee7e2f6f478e1ac6cdba4018caca2d42c6c901e79c5bc0a7

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1881326
content-length
112526
cf-request-id
07fa04432a00002bc2fe24e000000001
last-modified
Fri, 21 Feb 2020 18:38:46 GMT
server
cloudflare
etag
"1b78e-59f1a54f4823c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u1l03MnIoDwstaItw2CH45JO6QVWSQZb4Wz43OA7I%2FgmP8IFRLuxsntEs77uxeglJ7F35Jm3aOXd2irYDQWxQI%2BWPR3Q%2BmUbSxG%2B4hHduSow7OofhYAXDMs%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe50b612bc2-FRA
expires
Sun, 09 Jan 2022 17:53:48 GMT
10-ways-your-name-affects-your-life.jpg
i.nctodo.com/img/well-being/294/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/well-being/294/10-ways-your-name-affects-your-life.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3acbedd49ec2b8ae765e08ef71bf325afdfc75dcd93fd08406a002f16216c7af

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
13347
content-length
69106
cf-request-id
07fa04432a00002bc21123b000000001
last-modified
Sun, 23 Feb 2020 13:16:07 GMT
server
cloudflare
etag
"10df2-59f3e0ebd5215"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fHbA4zEDITvWXOF90JxyOrBUge1mIlxQ%2Fc%2BwwG1wJGd0hCPRVY%2BztZInIe5I7PKf6GbSIKgSLIpdhsteVXJ%2F3iVmVIi8FUehskF5nHe134I3HbYQp4SgzmY%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe51b622bc2-FRA
expires
Mon, 31 Jan 2022 08:46:47 GMT
11-easy-ways-boost-your-energy-afternoon.jpg
i.nctodo.com/img/well-being/242/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/well-being/242/11-easy-ways-boost-your-energy-afternoon.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9bc8ce0007b1522a20f07b7ef81d3e1aa4e7b0b57ca094e1b9b7a97ebe7ed21

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
13347
content-length
79376
cf-request-id
07fa04432a00002bc2170f6000000001
last-modified
Sun, 23 Feb 2020 13:15:56 GMT
server
cloudflare
etag
"13610-59f3e0e184b65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8ZMFZbbfdhQJr1zV3x167JhjIST4A9GZUqpGEP7rPJuSHf4PZCD%2BFp4fwXoisoUQ0oA98zxGkr2OZ9uR1QkjpTinfF9JChwPrSM829C33TcsT6jTMx1TP5o%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe51b642bc2-FRA
expires
Mon, 31 Jan 2022 08:46:47 GMT
how-i-succeed-youeconomy.png
i.nctodo.com/img/business/938/ 		272 KB
273 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/business/938/how-i-succeed-youeconomy.png
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2427b7462db69842b636c10a5f49c99a81d919a06fe3e0307f9f816312b70f8a

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
13346
content-length
278503
cf-request-id
07fa04432b00002bc20fae6000000001
last-modified
Sun, 23 Feb 2020 11:32:25 GMT
server
cloudflare
etag
"43fe7-59f3c9be02d93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UXksML4U%2BuVvwl491i2K5%2BdhLOy87NU3Oj6vo6e6wQ2%2BI2T%2FOjsHc0isM4i5wNci3hG%2BqrTButpb0xp7wdR4n79%2FPYJ9dHvluuXUHPCh%2FmDo4CVshCI7MaI%3D"}],"max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe51b662bc2-FRA
expires
Mon, 31 Jan 2022 08:46:48 GMT
how-i-stay-motivated-exercise.jpg
i.nctodo.com/img/well-being/662/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/img/well-being/662/how-i-stay-motivated-exercise.jpg
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b89a477d8a4a48aaabf08f4210b220281b5be021a2e8694094fd5ed607da6bed

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
13346
content-length
101603
cf-request-id
07fa04433600002bc2f808d000000001
last-modified
Sun, 23 Feb 2020 13:17:22 GMT
server
cloudflare
etag
"18ce3-59f3e133a106d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MLqR2YElJf4Tw5%2BWhP8d6hfDHjAHe%2FIjHHkkvvcRoU8G41YYdr4aTFPlxPRiP%2B%2B2STfqLCjn2F9hZBn%2BDjJDQrtnYOFSvmRJEnX9%2BiICJXK6w01AKSKI6sI%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe52b902bc2-FRA
expires
Mon, 31 Jan 2022 08:46:48 GMT
logo.png
i.nctodo.com/logo/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/logo/logo.png
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55c8aa9a1de1bcbc49c299ba5852d5556b368b4a379fee165e5cae26a6bf34b2

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7112018
content-length
3768
cf-request-id
07fa04433c00002bc2f503a000000001
last-modified
Fri, 21 Feb 2020 18:38:49 GMT
server
cloudflare
etag
"eb8-59f1a5519215e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DcLfjhctCcdVato5qy6iWEEQRg7IwLXWoiXMDmwsChCbg%2FfYx2FE35Bd4jknFk6EmoV8lzfw0Z84b0DDbqbZRPnHLVxJ0Siow2VPoNQI7PrV8yyx%2FS0c2P0%3D"}],"max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe52ba02bc2-FRA
expires
Wed, 10 Nov 2021 04:55:36 GMT
email-decode.min.js
iw.nctodo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iw.nctodo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
07fa0442d100002bc21f238000000001
last-modified
Mon, 25 Jan 2021 17:22:41 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"600efe61-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ER3kxPgn5RkIsFTbtt%2BIIxthtWApCFCl3gTfvirvwDOEH6wnyOILC7XVLa39d6p32gGOwhRiPcOxCLVU9m%2FleTNw6jXyeHw7rdu814WY6pBegO%2BZtSNBVx%2BQ"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
61a36fe479bd2bc2-FRA
expires
Tue, 02 Feb 2021 12:29:14 GMT
plugin.min.js
get.optad360.io/sf/efa448b2-79af-4698-bef0-df033d400fc0/ 		345 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/efa448b2-79af-4698-bef0-df033d400fc0/plugin.min.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:c600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38f829c35767d8ffeafc420f850bdbfd086299becb7fe0800c883222128b88b0

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:19:51 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 10:45:43 GMT
server
AmazonS3
age
564
etag
W/"9a08bec44db6c2f570c0026413a32666"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
n_C9bM55nRqQ7Hyvyy5zDQ_IDnuV21sEcSTMxzvape5fkQ-yx7m89w==
jquery.js
nctodo.com/template/girl/js/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nctodo.com/template/girl/js/jquery.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa560664a187ea3dc996eb43ce2b3cf9f32a04ebd4e5f41f0b626a094484ba39

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
271987
cf-request-id
07fa0442ce00002bc2361ee000000001
last-modified
Sun, 23 Feb 2020 13:18:32 GMT
server
cloudflare
etag
W/"17b5c-59f3e175c17ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mmn6vsU7lyQj78TX671%2FlKbpVJ2bDd4qma1M1CeL7rVPQ5HRChJyYW4KmV2ZP1noKuWS1Do2lHZAVlYthfkYPqhg1T%2BkcbJkAhAFXttqChrZZUxOGrni"}],"max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
61a36fe479cb2bc2-FRA
expires
Thu, 11 Feb 2021 08:56:07 GMT
jquery-my.js
nctodo.com/template/girl/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nctodo.com/template/girl/js/jquery-my.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f93fa9887a8612c20f3aea80f25d2d6e13ace162ad2696b2e871ce8f6fb9cd

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
443728
cf-request-id
07fa0442ce00002bc22d3ab000000001
last-modified
Sun, 23 Feb 2020 13:18:32 GMT
server
cloudflare
etag
W/"bc4-59f3e175b3d0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f%2F40MhTl9yy%2BCvXmGnebUtTc7UwpQ%2Bw2E7nlFYDKzTZ559%2B3Ee5TS3PQeFrOPZvuw4%2FAlXHtw5nua%2BZukgOXx7M3jBTpoRlxTNN0XMnyUo2b9aO33c%2Fg"}],"max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
61a36fe479c72bc2-FRA
expires
Tue, 09 Feb 2021 09:13:46 GMT
theme.min.js
nctodo.com/template/girl/js/ 		195 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nctodo.com/template/girl/js/theme.min.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f003c7cf435da89671a858f2180e88ef0a614abaabe3a02a03bdc77693bc2ea

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
271987
cf-request-id
07fa0442d000002bc2299a2000000001
last-modified
Sun, 23 Feb 2020 13:18:32 GMT
server
cloudflare
etag
W/"30a5b-59f3e175d8ecc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yI%2BC3vgFVKezzO2fcC4u%2FvnDEv6PuOc8K6ltE6Fs3mfaLQnzd5ZscpnwvTfsd1F9uk02ReW1FjOdnquoLH%2Fu1J6qr2Y0UbReB6dbrBtWBxj3bpU8DmJH"}],"max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
61a36fe479cc2bc2-FRA
expires
Thu, 11 Feb 2021 08:56:07 GMT
cookieconsent.min.js
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
36127
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
6756
etag
W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
x-served-by
cache-fra19127-FRA, cache-hhn4043-HHN
date
Sun, 31 Jan 2021 12:29:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
font.woff
nctodo.com/template/girl/css/ 		14 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nctodo.com/template/girl/css/font.woff?9
Requested by
Host: nctodo.com
URL: https://nctodo.com/template/girl/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5340ac0195135f811b8e34d506f4e7e67c3a003f6712804863893eb94eb0c4b1

Request headers

Origin
https://iw.nctodo.com
Referer
https://nctodo.com/template/girl/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
242636
cf-request-id
07fa044324000096a4c1041000000001
last-modified
Sun, 23 Feb 2020 13:18:31 GMT
server
cloudflare
etag
W/"38d0-59f3e174d6605"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d%2FbD9QBaQ9DqF72%2FENG%2F4Ib4dxOHBDb1DbPLT9axooVAWJhyeL7w0OAkrLt7H6cpypl6NNqTH7Hg5%2BT0%2F9CIs%2F4XBgItNr7MwmW99317Gg0DtnIkj2pY"}],"max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
61a36fe50d2496a4-FRA
expires
Thu, 04 Feb 2021 17:05:18 GMT
logo.png
i.nctodo.com/logo/iw/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/logo/iw/logo.png
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b7d77d406fc4b42b52f6f5fda5a8e15a7e63e7ec7c129f520bc1142cf6b40de

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2761140
content-length
9541
cf-request-id
07fa04434d00002bc2e59d8000000001
last-modified
Sat, 22 Feb 2020 02:02:39 GMT
server
cloudflare
etag
"2545-59f2088668334"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dp8htkfpBrxlHP5loLIX1j2B9yjUNi8O2OwRX5fuMHoIhBXAcLc88EC8mUrf3LCwFR02uK5s3x25WPBdkkK0Kov7w1e8WFKHs8tpFZAy%2BLcR0lfGfIV2klc%3D"}],"max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36fe54bd62bc2-FRA
expires
Thu, 30 Dec 2021 13:30:14 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/ 		225 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64c8551c397b1915ef17010eca19e10f01083601d6e0f81b2bef6a081a2f69c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
86255
x-xss-protection
0
server
cafe
etag
8534310779558063066
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Jan 2021 12:29:14 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/ Frame 7E16 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210127/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://iw.nctodo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://iw.nctodo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 31 Jan 2021 00:57:55 GMT
expires
Sun, 14 Feb 2021 00:57:55 GMT
content-type
text/html; charset=UTF-8
etag
6748560809430760793
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4784
x-xss-protection
0
age
41479
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
stat.optad360.mgr.consensu.org/ 		20 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.optad360.mgr.consensu.org/
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/76278472-a1d8-4b44-96ef-f1aff276b45b.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.196.233.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-38.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0d2f4500b5ce14ddd7a8d95c84f624994424e2f1903cfeaa4106d71c18d74eb4

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 31 Jan 2021 12:29:14 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
abs.js
cdn.zx-adnet.com/adx/ 		200 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/abs.js?0.32050639040925044
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Fri, 29 Jan 2021 14:05:26 GMT
x-timer
S1612096155.614263,VS0,VE324
etag
"437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by
cache-hhn4068-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200,public
date
Sun, 31 Jan 2021 12:29:14 GMT
accept-ranges
bytes
content-length
118
x-cache-hits
0
watch.js
mc.yandex.ru/metrika/ 		118 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
17e4915f4aa3c22c3509247e66509db925f0a2702d1e67137fcd488a1e9e9e10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
content-encoding
br
last-modified
Fri, 29 Jan 2021 14:35:14 GMT
etag
"60140a9e-a2e4"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
41700
expires
Sun, 31 Jan 2021 13:29:14 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/efa448b2-79af-4698-bef0-df033d400fc0/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
3b5ffb8002d06c53955694ed7f5f4096db4c109a8f6ee14a5abe050d29e14932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"769 / 427 of 1000 / last-modified: 1611961911"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19228
x-xss-protection
0
expires
Sun, 31 Jan 2021 12:29:14 GMT
en.json
optad360.mgr.consensu.org/cmp/v2/translations/v3/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://optad360.mgr.consensu.org/cmp/v2/translations/v3/en.json
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/76278472-a1d8-4b44-96ef-f1aff276b45b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.93.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-30.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 15:42:01 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 09:18:43 GMT
server
AmazonS3
age
74834
etag
W/"e3fe984dfb883f99b54c331403be617b"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=360000000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
w1EcEAK6Vrec8aFzExIykwE9xfKGKxfT_TTbCgjLjjTAoMJOQFZqtg==
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
pubads_impl_2021012801.js
securepubads.g.doubleclick.net/gpt/ 		275 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js?21069974
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
fa533eb34a8900f6013bf6f0095c696ea16758fe6fbf7442694de0f8ebb2f536
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 09:41:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99311
x-xss-protection
0
expires
Sun, 31 Jan 2021 12:29:14 GMT
1
mc.yandex.ru/watch/47179113/
Redirect Chain
  • https://mc.yandex.ru/watch/47179113?wmode=7&page-url=https%3A%2F%2Fiw.nctodo.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afp%3A267%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...
  • https://mc.yandex.ru/watch/47179113/1?wmode=7&page-url=https%3A%2F%2Fiw.nctodo.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afp%3A267%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...
186 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/47179113/1?wmode=7&page-url=https%3A%2F%2Fiw.nctodo.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afp%3A267%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A0%3Als%3A531495992545%3Ahid%3A676753532%3Az%3A60%3Ai%3A20210131132914%3Aet%3A1612096155%3Ac%3A1%3Arn%3A334745950%3Arqn%3A1%3Au%3A1612096155240573420%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612096154180%3Ads%3A0%2C18%2C63%2C1%2C39%2C0%2C%2C408%2C6%2C%2C%2C%2C533%3Adsn%3A0%2C19%2C63%2C1%2C39%2C0%2C%2C410%2C7%2C%2C%2C%2C532%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612096155%3At%3ANc%20to%20do%202021
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
7b6290e7f6cf0a9c120edb53be709a4af4f06d5e0bf94f338a299bf78bb90e63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jan 2021 12:29:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 31-Jan-2021 12:29:15 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://iw.nctodo.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
186
x-xss-protection
1; mode=block
expires
Sun, 31-Jan-2021 12:29:15 GMT

Redirect headers

pragma
no-cache
date
Sun, 31 Jan 2021 12:29:15 GMT
last-modified
Sun, 31-Jan-2021 12:29:15 GMT
location
/watch/47179113/1?wmode=7&page-url=https%3A%2F%2Fiw.nctodo.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afp%3A267%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A0%3Als%3A531495992545%3Ahid%3A676753532%3Az%3A60%3Ai%3A20210131132914%3Aet%3A1612096155%3Ac%3A1%3Arn%3A334745950%3Arqn%3A1%3Au%3A1612096155240573420%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612096154180%3Ads%3A0%2C18%2C63%2C1%2C39%2C0%2C%2C408%2C6%2C%2C%2C%2C533%3Adsn%3A0%2C19%2C63%2C1%2C39%2C0%2C%2C410%2C7%2C%2C%2C%2C532%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612096155%3At%3ANc%20to%20do%202021
strict-transport-security
max-age=31536000
access-control-allow-origin
https://iw.nctodo.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Sun, 31-Jan-2021 12:29:15 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:15 GMT
last-modified
Fri, 29 Jan 2021 14:35:14 GMT
etag
"601418e5-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 31 Jan 2021 13:29:15 GMT
cmp-2.2.0.min.js
optad360.mgr.consensu.org/cmp/v2/ Frame EEF3 		441 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optad360.mgr.consensu.org/cmp/v2/cmp-2.2.0.min.js
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/76278472-a1d8-4b44-96ef-f1aff276b45b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.93.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-30.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
270a6044d93f1d0ca7694080f6b3f4a6bae9d5354b0741db0c85a59d01f7c448

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 15:25:06 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 22:43:50 GMT
server
AmazonS3
age
75850
etag
W/"87ca1cd5d9a761e4845adb0569ce4944"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
public, max-age=31556926
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ZVILB9LrCBod7xfksBjEKRDn3cbbaUnkxp6hFbkEEPAaS4Gr2sI__A==
checkabuse
cdn.zx-adnet.com/ 		56 B
421 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/checkabuse?surl=https://iw.nctodo.com/
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.32050639040925044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:15 GMT
content-encoding
gzip
x-powered-by
Express
x-cache
HIT
content-length
65
x-served-by
cache-hhn4068-HHN
server
Google Frontend
x-timer
S1612096155.024514,VS0,VE1
etag
W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html; charset=utf-8
x-cloud-trace-context
2c733f45adc5a8aa4cecc0eec25f680a
cache-control
max-age=3600,public
function-execution-id
gi46erariixq
accept-ranges
bytes
x-orig-accept-language
he-IL,he;q=0.9,en-US;q=0.8,en;q=0.7
x-country-code
IL
x-cache-hits
1
gpt.js
www.googletagservices.com/tag/js/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js?zx
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4abf9f7d3eac7a54be515026ca45862e66e9e0a93565c5ae40652b63493705e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"769 / 153 of 1000 / last-modified: 1611961911"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
19227
x-xss-protection
0
expires
Sun, 31 Jan 2021 12:29:15 GMT
/
mc.yandex.ru/watch/56551090/DRSHT/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.5053372512106806
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jan 2021 12:29:15 GMT
last-modified
Sun, 31-Jan-2021 12:29:15 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 31-Jan-2021 12:29:15 GMT
53428543
mc.yandex.ru/watch/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/%22:%22%22}}}&r=0.5070891790050902
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
mc.yandex.ru/watch/56551090/DRSHT/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.4475527028547257
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jan 2021 12:29:15 GMT
last-modified
Sun, 31-Jan-2021 12:29:15 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 31-Jan-2021 12:29:15 GMT
53428543
mc.yandex.ru/watch/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/%22:%22%22}}}&r=0.40039479458579486
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
mc.yandex.ru/watch/56551090/DRSHT/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.9803788028783189
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jan 2021 12:29:15 GMT
last-modified
Sun, 31-Jan-2021 12:29:15 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 31-Jan-2021 12:29:15 GMT
53428543
mc.yandex.ru/watch/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/%22:%22%22}}}&r=0.02496870402042828
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
mc.yandex.ru/watch/56551090/DRSHT/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.24780479568225133
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jan 2021 12:29:15 GMT
last-modified
Sun, 31-Jan-2021 12:29:15 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 31-Jan-2021 12:29:15 GMT
53428543
mc.yandex.ru/watch/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/%22:%22%22}}}&r=0.5719316962185017
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
mc.yandex.ru/watch/56551090/DRSHT/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.4708718161069332
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jan 2021 12:29:15 GMT
last-modified
Sun, 31-Jan-2021 12:29:15 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 31-Jan-2021 12:29:15 GMT
53428543
mc.yandex.ru/watch/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/%22:%22%22}}}&r=0.7865081016998701
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
mc.yandex.ru/watch/56551090/DRSHT/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.23200158625338396
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jan 2021 12:29:15 GMT
last-modified
Sun, 31-Jan-2021 12:29:15 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 31-Jan-2021 12:29:15 GMT
53428543
mc.yandex.ru/watch/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/%22:%22%22}}}&r=0.8286536392612116
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
mc.yandex.ru/watch/56551090/DRSHT/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.925780720316181
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jan 2021 12:29:15 GMT
last-modified
Sun, 31-Jan-2021 12:29:15 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 31-Jan-2021 12:29:15 GMT
53428543
mc.yandex.ru/watch/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/%22:%22%22}}}&r=0.4902645940706878
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
mc.yandex.ru/watch/56551090/DRSHT/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.9229690218023494
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jan 2021 12:29:15 GMT
last-modified
Sun, 31-Jan-2021 12:29:15 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 31-Jan-2021 12:29:15 GMT
53428543
mc.yandex.ru/watch/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/%22:%22%22}}}&r=0.5702570353239613
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
mc.yandex.ru/watch/56551090/DRSHT/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56551090/DRSHT/?r=0.9648791524266351
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jan 2021 12:29:15 GMT
last-modified
Sun, 31-Jan-2021 12:29:15 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 31-Jan-2021 12:29:15 GMT
53428543
mc.yandex.ru/watch/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRSHT%22:{%22iw.nctodo.com%22:{%22https://iw.nctodo.com/%22:%22%22}}}&r=0.2710838063809249
Requested by
Host: iw.nctodo.com
URL: https://iw.nctodo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
vendor-list.json
optad360.mgr.consensu.org/cmp/v2/ Frame EEF3 		217 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://optad360.mgr.consensu.org/cmp/v2/vendor-list.json
Requested by
Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-2.2.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.93.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-30.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63ec6cee62ab9af190bfee169064c5be6309cf0a20e350750b2916f8ba7a96e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 09:08:56 GMT
content-encoding
gzip
last-modified
Fri, 29 Jan 2021 01:00:07 GMT
server
AmazonS3
age
12020
etag
W/"068140066096c9346b44e1a4555b0a83"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=360000000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Kccx1bJmF0DnEYNQQ1WsH5G81ipLwVYrEqmKhhN0Bmb_j1jys8nOBA==
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
logo-retina.png
i.nctodo.com/logo/de/ Frame EEF3 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.nctodo.com/logo/de/logo-retina.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:59a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
792b15f992f62fdaee7e2f6f478e1ac6cdba4018caca2d42c6c901e79c5bc0a7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 12:29:15 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7284452
content-length
112526
cf-request-id
07fa0446df00002bc22fbc8000000001
last-modified
Fri, 21 Feb 2020 18:23:50 GMT
server
cloudflare
etag
"1b78e-59f1a1f8b5f48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=looISOr9YzhUYHm876qd9wcv9ZxfpXxHf3rQnVlotJi8wPX6Xo463ERcFzqqjPGML5s81u9DrieXPPFYtMGvXPs9%2B6VYIJkmS45IR1nCx0G9loKQsdYa9lg%3D"}],"max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61a36feafafe2bc2-FRA
expires
Mon, 08 Nov 2021 05:01:43 GMT
1
mc.yandex.ru/watch/47179113/
Redirect Chain
  • https://mc.yandex.ru/watch/47179113?page-url=https%3A%2F%2Fiw.nctodo.com%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A121%3Aar%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...
  • https://mc.yandex.ru/watch/47179113/1?page-url=https%3A%2F%2Fiw.nctodo.com%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A121%3Aar%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
43 B
71 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/47179113/1?page-url=https%3A%2F%2Fiw.nctodo.com%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A121%3Aar%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A1%3Als%3A531495992545%3Ahid%3A676753532%3Az%3A60%3Ai%3A20210131132929%3Aet%3A1612096170%3Ac%3A1%3Arn%3A693937573%3Arqn%3A2%3Au%3A1612096155240573420%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612096154180%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C957%2C957%2C6%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C956%2C956%2C7%2C%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612096170&force-urlencoded=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iw.nctodo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jan 2021 12:29:30 GMT
last-modified
Sun, 31-Jan-2021 12:29:30 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 31-Jan-2021 12:29:30 GMT

Redirect headers

pragma
no-cache
date
Sun, 31 Jan 2021 12:29:30 GMT
last-modified
Sun, 31-Jan-2021 12:29:30 GMT
location
/watch/47179113/1?page-url=https%3A%2F%2Fiw.nctodo.com%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A121%3Aar%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A1%3Als%3A531495992545%3Ahid%3A676753532%3Az%3A60%3Ai%3A20210131132929%3Aet%3A1612096170%3Ac%3A1%3Arn%3A693937573%3Arqn%3A2%3Au%3A1612096155240573420%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612096154180%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C957%2C957%2C6%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C956%2C956%2C7%2C%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612096170&force-urlencoded=1
strict-transport-security
max-age=31536000
access-control-allow-origin
https://iw.nctodo.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Sun, 31-Jan-2021 12:29:30 GMT

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map number| google_lpabyc number| google_unique_id number| 2f1acc6c3a606b082e5eef5e54414ffb function| __tcfapi object| __isFromEUPromise object| _0x8179 number| zxadflg_rich_stat string| zxmngname_ext string| yamId string| zxadblockmng_ext number| zx_ad_flg boolean| zx_flgCap number| zx_gcWrk boolean| zx_flgOverlay boolean| zx_flgNative function| ZxStartMainModule string| zx_type_ad string| zxadpartner_ext object| __ZXNT number| zxCheckAbsStart object| t object| e object| __ZXCONSENT undefined| $ function| jQuery boolean| td_is_safari boolean| td_is_ios boolean| td_is_windows_phone string| ua boolean| td_is_android object| tdBlocksArray function| tdBlock object| tdLocalCache string| tds_login_sing_in_widget object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| td_ad_background_click_link string| td_ad_background_click_target object| tdDetect object| tdViewport object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl function| tdModalImage object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdAnimationStack object| td_backstretch_items function| td_compute_backstretch_item object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| $ULs object| jQuery112402898833614158083 function| $f object| cookieconsent object| regeneratorRuntime object| googletag object| pbjs325474 object| AdSlotCollection boolean| __isFromEU function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| __isGoogleAllowed object| Ya object| yaCounter47179113 number| zxCheckAbs number| zxConsentEnabled number| ZxConsentFlg number| OaCmpEnabledflg object| ZXNT string| slot_ext string| zxadblock_ext string| domen string| site_topdomen number| prtintstlprocent string| zxAdUnit77 string| zx_network_prefix string| zx_ad_slot_default object| adx_dfp_bloks string| zx_banner_w_default string| zx_banner_h_default string| BannerSize_default number| flg_dfp object| t2 object| e2 string| url1 string| url2 string| url3 string| zx_ad_place number| zx_ad_width number| zx_ad_height string| zx_ad_id string| ins_targets number| cw number| ch object| tt98 string| txt98 string| txt99 string| stl98 string| BannerSize

5 Cookies

Domain/Path Name / Value
.nctodo.com/ Name: _ym_isad
Value: 2
.nctodo.com/ Name: _ym_uid
Value: 1612096155240573420
.nctodo.com/ Name: _ym_d
Value: 1612096155
iw.nctodo.com/ Name: __oaue
Value: true
.nctodo.com/ Name: __cfduid
Value: dc916d4d81a51148abea121d714c154381612096154

8 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js(Line 1)
Message:
zx->gdpr & oa & consent detected ->start without cmp
console-api log URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js(Line 1)
Message:
zxnt native v.1.0
console-api log URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js(Line 1)
Message:
skip ad 336|280 block not visible
console-api log URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js(Line 1)
Message:
skip ad 336|280 block not visible
console-api log URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js(Line 1)
Message:
skip ad 336|280 block not visible
console-api log URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js(Line 1)
Message:
skip ad 336|280 block not visible
console-api log URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js(Line 1)
Message:
skip ad 336|280 block not visible
console-api log URL: https://cdn.zx-adnet.com/adx/drsht_19120601.js(Line 1)
Message:
skip ad 336|280 block not visible

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.zx-adnet.com
cmp.optad360.io
get.optad360.io
googleads.g.doubleclick.net
i.nctodo.com
iw.nctodo.com
mc.yandex.ru
nctodo.com
optad360.mgr.consensu.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stat.optad360.mgr.consensu.org
www.googletagservices.com
142.250.185.194
143.204.93.30
151.101.1.195
18.196.233.38
2600:9000:2190:a400:6:b871:4f00:93a1
2600:9000:2190:c600:11:a4de:2580:93a1
2606:4700:3030::6815:59a7
2a00:1450:4001:809::2002
2a00:1450:4001:811::2002
2a02:6b8::1:119
2a04:4e42:1b::621
0d2f4500b5ce14ddd7a8d95c84f624994424e2f1903cfeaa4106d71c18d74eb4
17e4915f4aa3c22c3509247e66509db925f0a2702d1e67137fcd488a1e9e9e10
2427b7462db69842b636c10a5f49c99a81d919a06fe3e0307f9f816312b70f8a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26d351a9f19de7768d88a98cbb31d85ff8cd6471c81fd8bea8d07a0c99165ebd
270a6044d93f1d0ca7694080f6b3f4a6bae9d5354b0741db0c85a59d01f7c448
2b7d77d406fc4b42b52f6f5fda5a8e15a7e63e7ec7c129f520bc1142cf6b40de
38f829c35767d8ffeafc420f850bdbfd086299becb7fe0800c883222128b88b0
3acbedd49ec2b8ae765e08ef71bf325afdfc75dcd93fd08406a002f16216c7af
3b5ffb8002d06c53955694ed7f5f4096db4c109a8f6ee14a5abe050d29e14932
46709486a691ac8321f2863cde9d9caf59565bdaf166236eb7fdd80500de140a
473ace19c94d94f232a9612b4209c5585a155a06eb898920306866083a4a37bd
5340ac0195135f811b8e34d506f4e7e67c3a003f6712804863893eb94eb0c4b1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c8aa9a1de1bcbc49c299ba5852d5556b368b4a379fee165e5cae26a6bf34b2
63ec6cee62ab9af190bfee169064c5be6309cf0a20e350750b2916f8ba7a96e0
64c8551c397b1915ef17010eca19e10f01083601d6e0f81b2bef6a081a2f69c1
6f003c7cf435da89671a858f2180e88ef0a614abaabe3a02a03bdc77693bc2ea
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d
722f834d0c44729d5535f864b0db96c363412148785466734983f6175b9e6e4c
73e08cc3efd7f7ca1136278de6ccd20d0177dea293fbc40d675436af4a5bc5df
792b15f992f62fdaee7e2f6f478e1ac6cdba4018caca2d42c6c901e79c5bc0a7
7ac02382cd188af65ddae006a1ff731bef1ac894570f347bcc4723832e71b391
7b6290e7f6cf0a9c120edb53be709a4af4f06d5e0bf94f338a299bf78bb90e63
7b7e606969ef2d2682d345d72be9e8e4460b943440824a8d82b7083b2d73f42f
8261f5d103da794e378e631cb0bf1c87776ad86afdd7b54506fd0de465ded52f
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
8b38200354a05de437b3a3b1dba7f8ca17309556e17a44a527876193e82932df
8be516b74ada46d9ad02dd9a823552f38724a81d51d9acf38fd3d8ffbc3d1976
8f118dd7e4ada79445e3c9eb0ea1f2ef9b96621de2adace4ab7e888ff0e640d2
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
a0cb68b0e30ca9d819db3c9568e5b065549fd0788e0faccf1a0762a09914e90d
a59468b5e4db809b45d13e585296bc38d1c35715f61d456e4621d4aa1686c6e1
aa560664a187ea3dc996eb43ce2b3cf9f32a04ebd4e5f41f0b626a094484ba39
ad97e6ffd752c61974d0ca6c96fcf7b69f933cfd5ab03f0a383ee9fcc418b93a
b2f93fa9887a8612c20f3aea80f25d2d6e13ace162ad2696b2e871ce8f6fb9cd
b7384269afca702916554ddf0b33e0dca9d4e34745151f50bdd60cf9001ffaa9
b89a477d8a4a48aaabf08f4210b220281b5be021a2e8694094fd5ed607da6bed
c4abf9f7d3eac7a54be515026ca45862e66e9e0a93565c5ae40652b63493705e
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d9bc8ce0007b1522a20f07b7ef81d3e1aa4e7b0b57ca094e1b9b7a97ebe7ed21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
f6159e79ce7379e57e6cc57c6f694dad02947541af7398b3152c9b32c306d940
fa533eb34a8900f6013bf6f0095c696ea16758fe6fbf7442694de0f8ebb2f536