yamagatasisearch.d0n0b.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://yamagatasisearch.d0n0b.com/
Submission: On June 01 via api (June 1st 2024, 10:10:21 am UTC) from US — Scanned from NL

Summary HTTP 33 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 33 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is yamagatasisearch.d0n0b.com.
TLS certificate: Issued by GTS CA 1P5 on May 15th 2024. Valid for: 3 months.

This is the only time yamagatasisearch.d0n0b.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	172.67.150.114 172.67.150.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
33	6

16 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

yamagatasisearch.d0n0b.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.150.114 (United States)

ASN13335 (CLOUDFLARENET, US)

hanamo.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	d0n0b.com yamagatasisearch.d0n0b.com	202 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	213 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 654	17 KB
1	hanamo.info hanamo.info	132 KB
33	4

	Domain	Requested by
16	yamagatasisearch.d0n0b.com	yamagatasisearch.d0n0b.com
11	pagead2.googlesyndication.com	yamagatasisearch.d0n0b.com pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	ssl.google-analytics.com	yamagatasisearch.d0n0b.com
1	hanamo.info	yamagatasisearch.d0n0b.com
33	5

This site contains links to these domains. Also see Links.

Domain
news.google.com
eosdesign.jp
yomi.pekori.to
store.line.me

Subject Issuer	Validity	Valid
d0n0b.com GTS CA 1P5	`2024-05-15` - `2024-08-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
hanamo.info GTS CA 1P5	`2024-05-11` - `2024-08-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://yamagatasisearch.d0n0b.com/
Frame ID: FB742A6BE09F343E0C9CFFB0D3617698
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240529/r20110914/zrt_lookup_fy2021.html
Frame ID: 15F96DF04FB18F0FF4094A0928057566
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5546834925508448&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1717236616&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&format=0x0&url=https%3A%2F%2Fyamagatasisearch.d0n0b.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=29_18&aiixl=29_5&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717236616391&bpp=3&bdt=868&idt=232&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5422233734059&frm=20&pv=2&ga_vid=73504503.1717236617&ga_sid=1717236617&ga_hid=928997887&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083638%2C31084024%2C31084027%2C44795921%2C95332079%2C95332916%2C95334509%2C95334054%2C95334160%2C95334312%2C31078668&oid=2&pvsid=3431832040431214&tmod=2139614905&uas=0&nvt=1&fsapi=1&fc=1920&brdim=160%2C160%2C160%2C160%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=258
Frame ID: B0C97A3BCF99CC57CEE5722800639DE0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5546834925508448&output=html&h=280&slotname=9394258079&adk=2601216506&adf=2233188909&pi=t.ma~as.9394258079&w=336&abgtt=6&lmt=1717236616&format=336x280&url=https%3A%2F%2Fyamagatasisearch.d0n0b.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717236616394&bpp=2&bdt=871&idt=268&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5422233734059&frm=20&pv=1&ga_vid=73504503.1717236617&ga_sid=1717236617&ga_hid=928997887&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083638%2C31084024%2C31084027%2C44795921%2C95332079%2C95332916%2C95334509%2C95334054%2C95334160%2C95334312%2C31078668&oid=2&pvsid=3431832040431214&tmod=2139614905&uas=0&nvt=1&fc=1920&brdim=160%2C160%2C160%2C160%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=277
Frame ID: BC4A79DD4C0B100DD02EED0CF711C11E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5546834925508448&output=html&h=280&slotname=9394258079&adk=2601216506&adf=112331419&pi=t.ma~as.9394258079&w=336&abgtt=6&lmt=1717236616&format=336x280&url=https%3A%2F%2Fyamagatasisearch.d0n0b.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717236616396&bpp=1&bdt=873&idt=282&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C336x280&nras=1&correlator=5422233734059&frm=20&pv=1&ga_vid=73504503.1717236617&ga_sid=1717236617&ga_hid=928997887&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=824&ady=315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083638%2C31084024%2C31084027%2C44795921%2C95332079%2C95332916%2C95334509%2C95334054%2C95334160%2C95334312%2C31078668&oid=2&pvsid=3431832040431214&tmod=2139614905&uas=0&nvt=1&fc=1920&brdim=160%2C160%2C160%2C160%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=3&uci=a!3&fsb=1&dtd=286
Frame ID: B62A2423B09595F6E7E313994EAD21FA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5546834925508448&output=html&h=90&slotname=9871418523&adk=790876013&adf=1184629349&pi=t.ma~as.9871418523&w=728&abgtt=6&lmt=1717236616&format=728x90&url=https%3A%2F%2Fyamagatasisearch.d0n0b.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717236616396&bpp=1&bdt=874&idt=296&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=5422233734059&frm=20&pv=1&ga_vid=73504503.1717236617&ga_sid=1717236617&ga_hid=928997887&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083638%2C31084024%2C31084027%2C44795921%2C95332079%2C95332916%2C95334509%2C95334054%2C95334160%2C95334312%2C31078668&oid=2&pvsid=3431832040431214&tmod=2139614905&uas=0&nvt=1&fc=1920&brdim=160%2C160%2C160%2C160%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=4&uci=a!4&fsb=1&dtd=299
Frame ID: D3C100E1B46E3D29C8881BBB213EDF8A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5546834925508448&output=html&h=600&slotname=2415033886&adk=4002625715&adf=826184784&pi=t.ma~as.2415033886&w=160&abgtt=6&lmt=1717236616&format=160x600&url=https%3A%2F%2Fyamagatasisearch.d0n0b.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717236616397&bpp=1&bdt=874&idt=308&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C336x280%2C336x280%2C728x90&nras=1&correlator=5422233734059&frm=20&pv=1&ga_vid=73504503.1717236617&ga_sid=1717236617&ga_hid=928997887&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=1122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083638%2C31084024%2C31084027%2C44795921%2C95332079%2C95332916%2C95334509%2C95334054%2C95334160%2C95334312%2C31078668&oid=2&pvsid=3431832040431214&tmod=2139614905&uas=0&nvt=1&fc=1920&brdim=160%2C160%2C160%2C160%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=5&uci=a!5&fsb=1&dtd=310
Frame ID: DD452C7CBA6368717E37351BE68BFDE0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5546834925508448&output=html&h=600&slotname=2415033886&adk=4002625715&adf=3413355844&pi=t.ma~as.2415033886&w=160&abgtt=6&lmt=1717236616&format=160x600&url=https%3A%2F%2Fyamagatasisearch.d0n0b.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717236616398&bpp=1&bdt=875&idt=315&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C336x280%2C336x280%2C728x90%2C160x600&nras=1&correlator=5422233734059&frm=20&pv=1&ga_vid=73504503.1717236617&ga_sid=1717236617&ga_hid=928997887&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=1722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083638%2C31084024%2C31084027%2C44795921%2C95332079%2C95332916%2C95334509%2C95334054%2C95334160%2C95334312%2C31078668&oid=2&pvsid=3431832040431214&tmod=2139614905&uas=0&nvt=1&fc=1920&brdim=160%2C160%2C160%2C160%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=6&uci=a!6&btvi=1&fsb=1&dtd=317
Frame ID: 8F881580B2541DD0F95CDA361B256DDD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 30BCE6AE51F3725F22C4204FBC655C8F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

山形市検索エンジン-市内情報専用サーチ

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

33
Requests

97 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

6
IPs

3
Countries

565 kB
Transfer

1273 kB
Size

6
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://news.google.com/rss/articles/CBMiPmh0dHBzOi8vd3d3My5uaGsub3IuanAvbmV3cy9odG1sLzIwMjQwNjAxL2sxMDAxNDQ2Nzg4MTAwMC5odG1s0gEA?oc=5
Title: 2024年06月01 バイデン大統領イスラエルの戦闘休止に向けた新提案明らかに | NHK - nhk.or.jp

Search URL Search Domain Scan URL

URL: https://news.google.com/rss/articles/CBMiN2h0dHBzOi8vd3d3LnlvbWl1cmkuY28uanAvbmF0aW9uYWwvMjAyNDA2MDEtT1lUMVQ1MDEyNC_SAQA?oc=5
Title: 2024年06月01 京都市が運賃２倍の「観光特急バス」運行開始…オーバーツーリズム対策、祇園・五条坂へ - 読売新聞オンライン

Search URL Search Domain Scan URL

URL: https://news.google.com/rss/articles/CBMiN2h0dHBzOi8vd3d3LnlvbWl1cmkuY28uanAvbmF0aW9uYWwvMjAyNDA1MjgtT1lUMVQ1MDA2Ny_SAQA?oc=5
Title: 2024年06月01 川を流される男児、橋に立ち尽くす通行人…男性は服を脱ぎ捨て迷わず飛び込んだ「死なんでよかった」 - 読売新聞オンライン

Search URL Search Domain Scan URL

URL: https://news.google.com/rss/articles/CBMiPmh0dHBzOi8vd3d3My5uaGsub3IuanAvbmV3cy9odG1sLzIwMjQwNjAxL2sxMDAxNDQ2NzY3MTAwMC5odG1s0gEA?oc=5
Title: 2024年06月01 アジア安保会議フィリピン大統領南シナ海情勢で中国側に警告 | NHK - nhk.or.jp

Search URL Search Domain Scan URL

URL: https://news.google.com/rss/articles/CBMiPmh0dHBzOi8vd3d3My5uaGsub3IuanAvbmV3cy9odG1sLzIwMjQwNjAxL2sxMDAxNDQ2ODE5MTAwMC5odG1s0gEA?oc=5
Title: 2024年06月01 警視庁の巡査部長を逮捕マンション侵入と窃盗未遂の疑い | NHK - nhk.or.jp

Search URL Search Domain Scan URL

URL: http://eosdesign.jp/
Title: 千葉の格安ホームページ作成-EO'ｓDesign-

Search URL Search Domain Scan URL

URL: http://yomi.pekori.to/
Title: Yomi-Search Ver4.21

Search URL Search Domain Scan URL

URL: https://store.line.me/stickershop/author/11614

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
yamagatasisearch.d0n0b.com/ 152 KB
28 KB 933ms
887ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yamagatasisearch.d0n0b.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 535c33d918c5b47c7f585757b821e4d67185261495351a6b9afaa2ae150ac58c

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88ce69a9787d1c94-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 01 Jun 2024 10:10:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JnJ76SytLNbx1je%2BPi0yQMdXLPMYPNG3P6kioRjohFtnYuSPfmc9EmEH1r6eqSRVF14JbTdcPJ2LUT74HvhUzfMXs3SBEg6aN1ANMvM63TAmCS0GC0S0V0Nwke4sTgA6%2FSK%2BDih2iQEf9tHNEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H3 200 style1.css
yamagatasisearch.d0n0b.com/css/ 2 KB
1 KB 659ms
658ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yamagatasisearch.d0n0b.com/css/style1.css
Requested by: Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bd35b36eb43cb6dc5596f055136cb7ac74d4ebb57705e49eca0f041ac46ddc6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 12:56:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2B3NwRidOR4och4RpdiydM9q2cVqNC1ElwFToXFswDrRpgO8GV%2BcDs66y1OeZnqgbsvCum1oTLEcFtpEVu%2FlfYXLeEDMLFKqQ051rRHt2DCqWfubo0UUpJ1%2FpPjOC5CtaM%2BoaiMFAQfmlAnlZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 88ce69af1f761c94-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:16 GMT

GET
H3 200 title.jpg
yamagatasisearch.d0n0b.com/img/ 38 KB
38 KB 955ms
955ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yamagatasisearch.d0n0b.com/img/title.jpg
Requested by: Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94a396a37bea1de346a90a514fa6af39fa36f030d3cb0464600d02e5f26bf3fc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:16 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 12:56:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BSYLf3fDj7b%2Fk7akHoJ5CHNDFX7eNsWd137xFytPOvc0P1IHXIIYvwNFvG8XIs%2BxU5f4Kn8FZEUB6zoEcZ1%2BMY6F9H7FkOrejRc3%2FM4uh9oNbiAZdNgylB6Nh6bjG9gSuznYnzsadXubvqtvpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 88ce69af1f781c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 38863
expires: Sat, 08 Jun 2024 10:10:16 GMT

GET
H3 200 okini.jpg
yamagatasisearch.d0n0b.com/img/ 6 KB
7 KB 664ms
663ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yamagatasisearch.d0n0b.com/img/okini.jpg
Requested by: Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9fba8c368067dd006d00df4eed2faa3b18721711b7fc2c921788dadee642bc5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:16 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 12:56:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BVy2lUJ1BR8%2FMkWB%2FRu%2FywWUo970%2FoAfCsj5G81Q4cz383yozIlMToLTX1WzQdcbP2T5fld3uUbbYvdyyN%2F32M34iwt4gpPDmcaTLx%2B%2FKm6Ao%2BReZG8ql%2F8eljRl91ItT2W7dVyYDEwkoUpTAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 88ce69af2f8e1c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 6505
expires: Sat, 08 Jun 2024 10:10:16 GMT

GET
H3 200 osusume.jpg
yamagatasisearch.d0n0b.com/img/ 5 KB
6 KB 666ms
664ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yamagatasisearch.d0n0b.com/img/osusume.jpg
Requested by: Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57601c8f93f73abc7527dfd9622065b4fc3968d0f9159304cbd063faec1a1e27

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:16 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 12:56:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BfsmQ8NivsOK%2FSYHmxQPSbgg2g4gZVZKs5ZZpavJqXsz4MZTyj7VEFISUYFzH7Pf0mAPm5fZSyMzXOk5%2FmNQEAonji93fLRsuiS9FAXsLXuRmAzGFFGz2%2BOGOuOfSxLRXe21VcPKP%2Fqjay1hkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 88ce69af2f911c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 5432
expires: Sat, 08 Jun 2024 10:10:16 GMT

GET
H3 200 sinki.jpg
yamagatasisearch.d0n0b.com/img/ 5 KB
6 KB 666ms
665ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yamagatasisearch.d0n0b.com/img/sinki.jpg
Requested by: Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c91a3b3640f6422ec3afc8ec376f2b5be0dbfdb8f6dc399d6a0765cc18782e2f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:16 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 12:56:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2B87i10mqc3XuOVTfwCSIaESqLWLnOliqVlw5JzUsPvMj49i5KZwqZRZsI2Q12e%2BXbx94Ba4gJ566NwQjxB43fdFT1evq2R0zX9WXHCbHxLXxFsOZkQjOumXpqmQ3Jz28TyFCS%2B%2BhFQI5Y0Ddw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 88ce69af2f921c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 5496
expires: Sat, 08 Jun 2024 10:10:16 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
51 KB 100ms
64ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5546834925508448

Requested by

Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e29c11938de7696272ff76e2a2b333bd13b4b55a3e971fb8380239e2b35c2075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Origin: https://yamagatasisearch.d0n0b.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51815
x-xss-protection: 0
server: cafe
etag: 4652315841768932783
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 01 Jun 2024 10:10:15 GMT

GET
H3 200 pop.jpg
yamagatasisearch.d0n0b.com/img/ 68 KB
69 KB 1287ms
1286ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yamagatasisearch.d0n0b.com/img/pop.jpg
Requested by: Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26e1e854231aed0c5500705ae2c94d5e76836e0c7486b0eec3192ae890c5c836

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:16 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 12:56:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9z9jeWEN2mcKJdKCGIaM83VMA%2BPfW12RvHDnW%2Fwa9vQoEbRxREpstmWfdnkFUDcqluBdo5e1ny%2F93PbK288dFtsX87j3q699thagv750%2BAaXdnuERziUSPA3y%2Bp2KFbR2eXGtXxQ2Lc0iliyoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 88ce69af1f791c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 69821
expires: Sat, 08 Jun 2024 10:10:16 GMT

GET
H3 200 boti.gif
yamagatasisearch.d0n0b.com/img/ 491 B
997 B 651ms
650ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yamagatasisearch.d0n0b.com/img/boti.gif
Requested by: Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d30832b8584ad5b353c95d16ac0bd571b92e3f391f51d485fda6198369949ce6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:16 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 12:56:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EyaBi37GYt8hcXVIHK2Zu4yL81j0pnrZRkRULYpHpLB1Q%2F%2BZdSD3fhogwa2P06mebt0PMB3SUjpKE6rGyVnjNX9bJur45dU%2BwtJO12%2FpzgVPsNir0vXCKTH3cHueoReHennMGQ2nE0Ps6sivoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 88ce69af2f941c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 491
expires: Sat, 08 Jun 2024 10:10:16 GMT

GET
H3 200 bana.gif
yamagatasisearch.d0n0b.com/img/ 1 KB
2 KB 671ms
670ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yamagatasisearch.d0n0b.com/img/bana.gif
Requested by: Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21d3a55bd2ae0a6eb662582b573834799cff0ffae19846d7ccedb7ac3d69bc00

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:16 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 12:56:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RlIMBsdQ7dPuoyH8XHfZe5895lZtaeD7Mu0dEXzKCU1upL%2BxVcl4Lzdiqcdl2dmg8vl5LRGCwc2vRxXmaEOVJyVzx2GnDeM2i%2BXd1leUt82ylgCACXJJsN5ezV2fWAPXgPFymnvOY5d4pk%2FGTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 88ce69b10a231c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1519
expires: Sat, 08 Jun 2024 10:10:16 GMT

GET
H3 200 line-stamp.jpg
hanamo.info/ 132 KB
132 KB 93ms
25ms Image
image/jpeg 172.67.150.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hanamo.info/line-stamp.jpg
Requested by: Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b04f2ac84b4f174e17204393afb664b25619bdf80cbdc4af9b6940af5d5d7f47

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:15 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 03:57:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4253
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ym2oWYVwoKSz2g5q05jA2o9Yt%2B%2Bd2YLRuFF9n0J6zHuF%2BF4%2BSpWgyzzGYq6jiFJ6ejT6liB7h%2B293ooExivHa8wCqO9kAwdSKnvRLNNFV9uvcuck9x3ArCP3oEXsEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 88ce69b16ea40a4d-AMS
alt-svc: h3=":443"; ma=86400
content-length: 135095

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
0 0ms
0ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5546834925508448

Requested by

Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e29c11938de7696272ff76e2a2b333bd13b4b55a3e971fb8380239e2b35c2075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Origin: https://yamagatasisearch.d0n0b.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51815
x-xss-protection: 0
server: cafe
etag: 4652315841768932783
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 01 Jun 2024 10:10:15 GMT

GET
H3 200 boti.gif
yamagatasisearch.d0n0b.com/img/ 491 B
0 0ms
0ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yamagatasisearch.d0n0b.com/img/boti.gif
Requested by: Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d30832b8584ad5b353c95d16ac0bd571b92e3f391f51d485fda6198369949ce6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:16 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 12:56:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EyaBi37GYt8hcXVIHK2Zu4yL81j0pnrZRkRULYpHpLB1Q%2F%2BZdSD3fhogwa2P06mebt0PMB3SUjpKE6rGyVnjNX9bJur45dU%2BwtJO12%2FpzgVPsNir0vXCKTH3cHueoReHennMGQ2nE0Ps6sivoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 88ce69af2f941c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 491
expires: Sat, 08 Jun 2024 10:10:16 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 80ms
19ms Script
text/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 01 Jun 2024 09:54:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 919
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sat, 01 Jun 2024 11:54:57 GMT

GET
H3 200 b.jpg
yamagatasisearch.d0n0b.com/img/ 359 B
866 B 670ms
670ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yamagatasisearch.d0n0b.com/img/b.jpg
Requested by: Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/css/style1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f58ea6c11f741d1aa4d43a701f3d972d111110b0b28824298fc854e4e4fd3cf4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/css/style1.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:16 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 12:56:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6beliNh5QrNfbBzDSkuu97wO1J%2BMTuMsBBA3yyoq%2FQizzz7dUnCBHHLt6aXWJrSGSRMn%2Bn2SsUIm%2Bt13cvzVikc7bB0I22DLCbd5VQTrnhjLR0R4FWVfc7GzDTaKjhMaZdfCjer5AqedfFoC4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 88ce69b34ccb1c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 359
expires: Sat, 08 Jun 2024 10:10:16 GMT

GET
H3 200 h-b.jpg
yamagatasisearch.d0n0b.com/img/ 589 B
1 KB 662ms
662ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yamagatasisearch.d0n0b.com/img/h-b.jpg
Requested by: Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9676209102889684a477afc3358f3442fb764f71691b41687035bad4c03ddb35

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:16 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 12:56:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2BXzPmHZViMADQ7iZtkHoVDuEhbtV15lJRF1XkmhKY37BmtVY8H3dErGoSAWeHwSW0YZzpIEsOZdLeIjDVENz9gE1AO%2Bn4V90VnlOUgDz4A1f7nD4sRMmOVP4gnnJ4uqK45yfs4cCYO2KJ%2FoQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 88ce69b34ccc1c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 589
expires: Sat, 08 Jun 2024 10:10:16 GMT

GET
H3 200 50on.jpg
yamagatasisearch.d0n0b.com/img/ 38 KB
39 KB 978ms
978ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yamagatasisearch.d0n0b.com/img/50on.jpg
Requested by: Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1857f94456c7f6712f497a44ed8afaed6a71e1cc7a38b436fe84a5355ef8155e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:17 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 12:56:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SUKsE3Qy02m75feYo04rT1sL3%2Bb8NPsGLYm9zYGYOLa865NjwrVE2uCoq9iRt3QeUYzWX5fw%2BZCF1u5ZFo9r%2F3sRy957szHGwdbULFnMzFbfykzBsipXdVvU4k%2Fl9p%2BXiSco7JyzTln2NYehLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 88ce69b34ccd1c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 38931
expires: Sat, 08 Jun 2024 10:10:16 GMT

GET
H3 200 b-t.jpg
yamagatasisearch.d0n0b.com/img/ 321 B
832 B 668ms
668ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yamagatasisearch.d0n0b.com/img/b-t.jpg
Requested by: Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27ba2962470de0b0f9f7bd3866504e5f0b0116ccc9b8faa7ff16c3096c7d1511

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:16 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 12:56:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RqBlKjeVJTyy5wH3xTkY8%2BI50bwr9Bq0kn4Mg1DCLpXKAuemGJXgnbd5OqWMAcJxFhTR7RWTJyQY8t8lcYHfrI31FpXpOO0n2bR3YzkJuQQBgKpk61%2FL9%2BSYBG2WcDXZb%2FaOkJHFj%2FWNTz1cDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 88ce69b34ccf1c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 321
expires: Sat, 08 Jun 2024 10:10:16 GMT

GET
H3 200 top_aiue_b.jpg
yamagatasisearch.d0n0b.com/img/ 329 B
838 B 665ms
664ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yamagatasisearch.d0n0b.com/img/top_aiue_b.jpg
Requested by: Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8902b575c16f8f33fe043033cfbdb04e58bfe54bfa924bb7d9ff4a88d621f43

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:16 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 12:56:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=28MHnnVhr%2FgVwdDgDfHi7QOHkLW5ypdvXS406OEJJOoMaeLQMHLSrRbg%2B9Xy%2FlWhoAehuY5V7hV4B2rRUE7fH7L9nP0uKjQFdlsWgD24mOO5Biu%2FbH1L6tHSxHQ2MFob8%2BZ3imsJTo4ESJudEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 88ce69b34cd01c94-AMS
alt-svc: h3=":443"; ma=86400
content-length: 329
expires: Sat, 08 Jun 2024 10:10:16 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/ 423 KB
143 KB 119ms
80ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5546834925508448&plah=yamagatasisearch.d0n0b.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5546834925508448

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

b947f5eaf75ecde5382026ebff235938a8dbfb75caafd93fa2e1746f778ef730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146607
x-xss-protection: 0
server: cafe
etag: 17544164688559931848
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 01 Jun 2024 10:10:16 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 28ms
27ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1710056764&utmhn=yamagatasisearch.d0n0b.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=nl-nl&utmje=0&utmfl=-&utmdt=%E5%B1%B1%E5%BD%A2%E5%B8%82%E6%A4%9C%E7%B4%A2%E3%82%A8%E3%83%B3%E3%82%B8%E3%83%B3-%E5%B8%82%E5%86%85%E6%83%85%E5%A0%B1%E5%B0%82%E7%94%A8%E3%82%B5%E3%83%BC%E3%83%81&utmhid=928997887&utmr=-&utmp=%2F&utmht=1717236616432&utmac=UA-4430049-23&utmcc=__utma%3D214003231.1057058399.1717236616.1717236616.1717236616.1%3B%2B__utmz%3D214003231.1717236616.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1290782876&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: yamagatasisearch.d0n0b.com
URL: https://yamagatasisearch.d0n0b.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 01 Jun 2024 10:10:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240529/r20110914/ Frame 15F9 0
0 60ms
22ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240529/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5546834925508448&plah=yamagatasisearch.d0n0b.com&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://yamagatasisearch.d0n0b.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 23158
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4165
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 03:44:18 GMT
etag: 3711839061170457607
expires: Sat, 15 Jun 2024 03:44:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame B0C9 0
0 566ms
545ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5546834925508448&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1717236616&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&format=0x0&url=https%3A%2F%2Fyamagatasisearch.d0n0b.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=29_18&aiixl=29_5&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717236616391&bpp=3&bdt=868&idt=232&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5422233734059&frm=20&pv=2&ga_vid=73504503.1717236617&ga_sid=1717236617&ga_hid=928997887&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083638%2C31084024%2C31084027%2C44795921%2C95332079%2C95332916%2C95334509%2C95334054%2C95334160%2C95334312%2C31078668&oid=2&pvsid=3431832040431214&tmod=2139614905&uas=0&nvt=1&fsapi=1&fc=1920&brdim=160%2C160%2C160%2C160%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=258

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://yamagatasisearch.d0n0b.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 4389
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 10:10:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame BC4A 0
0 546ms
545ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5546834925508448&output=html&h=280&slotname=9394258079&adk=2601216506&adf=2233188909&pi=t.ma~as.9394258079&w=336&abgtt=6&lmt=1717236616&format=336x280&url=https%3A%2F%2Fyamagatasisearch.d0n0b.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717236616394&bpp=2&bdt=871&idt=268&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5422233734059&frm=20&pv=1&ga_vid=73504503.1717236617&ga_sid=1717236617&ga_hid=928997887&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083638%2C31084024%2C31084027%2C44795921%2C95332079%2C95332916%2C95334509%2C95334054%2C95334160%2C95334312%2C31078668&oid=2&pvsid=3431832040431214&tmod=2139614905&uas=0&nvt=1&fc=1920&brdim=160%2C160%2C160%2C160%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=277

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://yamagatasisearch.d0n0b.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 301
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 10:10:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame B62A 0
0 116ms
115ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5546834925508448&output=html&h=280&slotname=9394258079&adk=2601216506&adf=112331419&pi=t.ma~as.9394258079&w=336&abgtt=6&lmt=1717236616&format=336x280&url=https%3A%2F%2Fyamagatasisearch.d0n0b.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717236616396&bpp=1&bdt=873&idt=282&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C336x280&nras=1&correlator=5422233734059&frm=20&pv=1&ga_vid=73504503.1717236617&ga_sid=1717236617&ga_hid=928997887&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=824&ady=315&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083638%2C31084024%2C31084027%2C44795921%2C95332079%2C95332916%2C95334509%2C95334054%2C95334160%2C95334312%2C31078668&oid=2&pvsid=3431832040431214&tmod=2139614905&uas=0&nvt=1&fc=1920&brdim=160%2C160%2C160%2C160%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=3&uci=a!3&fsb=1&dtd=286

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://yamagatasisearch.d0n0b.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 299
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 10:10:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame D3C1 0
0 112ms
108ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5546834925508448&output=html&h=90&slotname=9871418523&adk=790876013&adf=1184629349&pi=t.ma~as.9871418523&w=728&abgtt=6&lmt=1717236616&format=728x90&url=https%3A%2F%2Fyamagatasisearch.d0n0b.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717236616396&bpp=1&bdt=874&idt=296&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=5422233734059&frm=20&pv=1&ga_vid=73504503.1717236617&ga_sid=1717236617&ga_hid=928997887&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083638%2C31084024%2C31084027%2C44795921%2C95332079%2C95332916%2C95334509%2C95334054%2C95334160%2C95334312%2C31078668&oid=2&pvsid=3431832040431214&tmod=2139614905&uas=0&nvt=1&fc=1920&brdim=160%2C160%2C160%2C160%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=4&uci=a!4&fsb=1&dtd=299

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://yamagatasisearch.d0n0b.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 298
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 10:10:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame DD45 0
0 147ms
146ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5546834925508448&output=html&h=600&slotname=2415033886&adk=4002625715&adf=826184784&pi=t.ma~as.2415033886&w=160&abgtt=6&lmt=1717236616&format=160x600&url=https%3A%2F%2Fyamagatasisearch.d0n0b.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717236616397&bpp=1&bdt=874&idt=308&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C336x280%2C336x280%2C728x90&nras=1&correlator=5422233734059&frm=20&pv=1&ga_vid=73504503.1717236617&ga_sid=1717236617&ga_hid=928997887&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=1122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083638%2C31084024%2C31084027%2C44795921%2C95332079%2C95332916%2C95334509%2C95334054%2C95334160%2C95334312%2C31078668&oid=2&pvsid=3431832040431214&tmod=2139614905&uas=0&nvt=1&fc=1920&brdim=160%2C160%2C160%2C160%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=5&uci=a!5&fsb=1&dtd=310

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://yamagatasisearch.d0n0b.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 300
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 10:10:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 8F88 0
0 532ms
531ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5546834925508448&output=html&h=600&slotname=2415033886&adk=4002625715&adf=3413355844&pi=t.ma~as.2415033886&w=160&abgtt=6&lmt=1717236616&format=160x600&url=https%3A%2F%2Fyamagatasisearch.d0n0b.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717236616398&bpp=1&bdt=875&idt=315&shv=r20240529&mjsv=m202405280101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C336x280%2C336x280%2C728x90%2C160x600&nras=1&correlator=5422233734059&frm=20&pv=1&ga_vid=73504503.1717236617&ga_sid=1717236617&ga_hid=928997887&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=1722&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083638%2C31084024%2C31084027%2C44795921%2C95332079%2C95332916%2C95334509%2C95334054%2C95334160%2C95334312%2C31078668&oid=2&pvsid=3431832040431214&tmod=2139614905&uas=0&nvt=1&fc=1920&brdim=160%2C160%2C160%2C160%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=6&uci=a!6&btvi=1&fsb=1&dtd=317

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://yamagatasisearch.d0n0b.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 299
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 10:10:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 66ms
65ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240529&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

5ba301be2ca5996853bcf97e0996d4da266087a76a15863fdb8de5d5f7584495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12665
x-xss-protection: 0

GET
H3 200 favicon.ico
yamagatasisearch.d0n0b.com/ 9 KB
3 KB 703ms
692ms Other
image/x-icon 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yamagatasisearch.d0n0b.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecf349c677cb57a0e7c3b1d65640d107c86c303e04d753d421b8fc3ba2729114

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 06 Mar 2024 01:41:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u0BFCdc3kb4gz5urAZRHJJukv3bE4dx3CO97MlFMTeXJCZ3Cv%2FnHrIzg8b9iRYmMRMhHh3E7Or5rmX1kxjoMMekzpp2IXs7CsiqP%2F0%2Bwc1ki4gBC3OZNJLTZ2WYslVTX%2F9JPBwV3FTOgacVygQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 88ce69ba2b721c94-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:17 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 81ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yamagatasisearch.d0n0b.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 10:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 01 Jun 2024 10:10:17 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 30BC 0
0 65ms
21ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://yamagatasisearch.d0n0b.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 45756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 31 May 2024 21:27:41 GMT
expires: Sat, 31 May 2025 21:27:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240529&jk=3431832040431214&bg=!h4SlhMvNAAbEf60J5H87ADQBe5WfOPX6Y1w7e2MpUhrUqE9uRbYWCb_RwMnzdZ0zOv-w90DpTVrv5tL6cLLqjVgUZzyFAgAAAHZSAAAABmgBB34ANTVBYVUrzX-XG2LKUa6XRshyxUXS0Zvaq92YbTjaxVIiiISts_gprLIVQIwgb6-uuEsqwbkBmQKgjxKLH03j-AU19-d9ycIqvg0VPnYLuv6dMmxJE_JW47uxzfZtfbiIbl9NlrcmpkoWVVjHk4mSCE2Jrylaydcysm0ycu1j2Knh0aKp7aoavS3nWSnPaO6lJW3t52z_dofuqKoKmPerI-e-5OHQf8kIjr5J5v_Rz5K5_Aktj5Oob0xx-wEz8wG18cHDu9Z48qM9TRzDnb1aJNSMbj6hbJ6S8k7tswmmTCpzw1axshME-TtLTVlSHycCKM-MXf_LunWv2kmsS9DWawPa0GWgW44PIEaB9f7vboOxBcaY6hHGlp9c-F8fpu_0esVZL0kz-ZIKvkziAawcmd0h2_p7_OKvvMwTxuUnnT9inC3pdKbmBabRHb1n7jJTcNLuD6SQrL-_uhSYf0-EaIH_EPz_l4IVfHearDGRo1IEspBiUGG8BPjcztCpXUM09Gm5kQx1hQOuvrDgrG6u26OGKoVECLd06QbmsdNuDk2lU4Jtenj5ijnZ5n05yVgBa5Tafh_sstZpLUNOFGhaLvnLXtiX08lKfIqSvBYm5XyZP6M32uO4S50e6J-lP2_vd3i3Ab5TqP4VRpZvxfQfiKoTdQgDoRZOY7aKRBBwx5vrYHHSOBLLTBQjf-4f0py4VToizerXODy5Tzc8tuNKa4hgAEP4pzTeeoWfjR30iTKOODHO1GDHVgsmlTAH48FU3K-vJa7sEnnunJHuKTUfeQvB2xZ3rVEkxNbclAlGDLe9-MXgOAU-e-EZspKc9ssf80cVYqeblikfuT5NBLyMi0iNnvqrhZqnFB6nGJWA_IrmnMHMQk1AGUuXbyGTE4RDM743NMNAT6taRJzcrPEHwxmtqpfvTPoCWkBv_jr0IomBfrdQD72QNWD4VMdbY-mvZne84BuJXMTe

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yamagatasisearch.d0n0b.com/	1970-01-21 06:36:36	Name: __utma Value: 214003231.1057058399.1717236616.1717236616.1717236616.1
.yamagatasisearch.d0n0b.com/	1969-12-31 23:59:59	Name: __utmc Value: 214003231
.yamagatasisearch.d0n0b.com/	1970-01-21 01:23:24	Name: __utmz Value: 214003231.1717236616.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.yamagatasisearch.d0n0b.com/	1970-01-20 21:00:37	Name: __utmt Value: 1
.yamagatasisearch.d0n0b.com/	1970-01-20 21:00:38	Name: __utmb Value: 214003231.1.10.1717236616
.d0n0b.com/	1970-01-21 01:19:48	Name: __eoi Value: ID=8fd846f883eadf3e:T=1717236616:RT=1717236616:S=AA-AfjZYqfiIrVJPFclA7prLtVe-

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hanamo.info
pagead2.googlesyndication.com
ssl.google-analytics.com
tpc.googlesyndication.com
yamagatasisearch.d0n0b.com
pagead2.googlesyndication.com
142.250.184.194
172.67.150.114
188.114.97.3
2a00:1450:4001:808::2001
2a00:1450:4001:812::2008
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1857f94456c7f6712f497a44ed8afaed6a71e1cc7a38b436fe84a5355ef8155e
21d3a55bd2ae0a6eb662582b573834799cff0ffae19846d7ccedb7ac3d69bc00
26e1e854231aed0c5500705ae2c94d5e76836e0c7486b0eec3192ae890c5c836
27ba2962470de0b0f9f7bd3866504e5f0b0116ccc9b8faa7ff16c3096c7d1511
3bd35b36eb43cb6dc5596f055136cb7ac74d4ebb57705e49eca0f041ac46ddc6
535c33d918c5b47c7f585757b821e4d67185261495351a6b9afaa2ae150ac58c
57601c8f93f73abc7527dfd9622065b4fc3968d0f9159304cbd063faec1a1e27
5ba301be2ca5996853bcf97e0996d4da266087a76a15863fdb8de5d5f7584495
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
94a396a37bea1de346a90a514fa6af39fa36f030d3cb0464600d02e5f26bf3fc
9676209102889684a477afc3358f3442fb764f71691b41687035bad4c03ddb35
b04f2ac84b4f174e17204393afb664b25619bdf80cbdc4af9b6940af5d5d7f47
b947f5eaf75ecde5382026ebff235938a8dbfb75caafd93fa2e1746f778ef730
b9fba8c368067dd006d00df4eed2faa3b18721711b7fc2c921788dadee642bc5
c8902b575c16f8f33fe043033cfbdb04e58bfe54bfa924bb7d9ff4a88d621f43
c91a3b3640f6422ec3afc8ec376f2b5be0dbfdb8f6dc399d6a0765cc18782e2f
d30832b8584ad5b353c95d16ac0bd571b92e3f391f51d485fda6198369949ce6
e29c11938de7696272ff76e2a2b333bd13b4b55a3e971fb8380239e2b35c2075
ecf349c677cb57a0e7c3b1d65640d107c86c303e04d753d421b8fc3ba2729114
f58ea6c11f741d1aa4d43a701f3d972d111110b0b28824298fc854e4e4fd3cf4

yamagatasisearch.d0n0b.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

33 Requests

97 %HTTPS

40 %IPv6

4 Domains

5 Subdomains

6 IPs

3 Countries

565 kBTransfer

1273 kBSize

6 Cookies

8 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

yamagatasisearch.d0n0b.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

97 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

6
IPs

3
Countries

565 kB
Transfer

1273 kB
Size

6
Cookies

33 HTTP transactions
0 data transactions