www.ncnow.online Open in urlscan Pro
2a00:1450:4001:82f::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ncnow.online/
Effective URL:
https://www.ncnow.online/
Submission Tags: @ecarlesi possiblethreat phishing netflix Search All
Submission: On May 14 via api (May 14th 2024, 1:00:30 pm UTC) from IT — Scanned from IT

Summary HTTP 40 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 40 HTTP transactions. The main IP is 2a00:1450:4001:82f::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.ncnow.online.
TLS certificate: Issued by WR3 on May 13th 2024. Valid for: 3 months.

This is the only time www.ncnow.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	142.250.181.243 142.250.181.243	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2013	15169 (GOOGLE) (GOOGLE)
1	172.217.18.8 172.217.18.8	15169 (GOOGLE) (GOOGLE)
4	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.16.31 104.21.16.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	139.45.197.244 139.45.197.244	9002 (RETN-AS) (RETN-AS)
9	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
40	13

1 142.250.181.243 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f19.1e100.net

www.ncnow.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.ncnow.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.16.31 (None, )

ASN13335 (CLOUDFLARENET, US)

zovidree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.244 (United Kingdom)

ASN9002 (RETN-AS, GB)

glaichaupu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 10405	197 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	186 KB
3	gstatic.com fonts.gstatic.com	62 KB
3	ncnow.online 1 redirects www.ncnow.online	40 KB
2	glaichaupu.net glaichaupu.net	5 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	246 B
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11492	545 B
1	blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 19127	84 KB
1	blogger.com www.blogger.com — Cisco Umbrella Rank: 11861	50 KB
1	zovidree.com zovidree.com — Cisco Umbrella Rank: 305855	30 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	100 KB
40	11

	Domain	Requested by
22	blogger.googleusercontent.com	www.ncnow.online
4	cdnjs.cloudflare.com	www.ncnow.online cdnjs.cloudflare.com
3	fonts.gstatic.com	www.ncnow.online
3	www.ncnow.online	1 redirects www.ncnow.online
2	glaichaupu.net	zovidree.com
1	region1.google-analytics.com	www.googletagmanager.com
1	my.rtmark.net	zovidree.com
1	4.bp.blogspot.com	www.ncnow.online
1	www.blogger.com	www.ncnow.online
1	zovidree.com	www.ncnow.online
1	www.googletagmanager.com	www.ncnow.online
40	11

This site contains links to these domains. Also see Links.

Domain
netflixcookiesnow.blogspot.com
t.me
www.templateify.com
www.blogger.com

Subject Issuer	Validity	Valid
www.ncnow.online WR3	`2024-05-13` - `2024-08-11`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
zovidree.com E1	`2024-04-22` - `2024-07-21`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.blogger.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
misc-sni.blogspot.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
glaichaupu.net R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh
rtmark.net R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.ncnow.online/
Frame ID: BA45115F845A301373FE356E80843EF2
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix Cookies Now

Page URL History Show full URLs

http://www.ncnow.online/ HTTP 307
https://www.ncnow.online/ HTTP 307
http://www.ncnow.online/ HTTP 301
https://www.ncnow.online/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

98 %
HTTPS

46 %
IPv6

11
Domains

11
Subdomains

13
IPs

4
Countries

756 kB
Transfer

1739 kB
Size

7
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://netflixcookiesnow.blogspot.com/2024/05/netflix-premium-account-cookies-2024.html
Title: Netflix

Search URL Search Domain Scan URL

URL: https://netflixcookiesnow.blogspot.com/2024/05/spotify-premium-account-cookies-2024.html
Title: Spotify

Search URL Search Domain Scan URL

URL: https://netflixcookiesnow.blogspot.com/2024/05/crunchyroll-premium-account-cookies-2024.html
Title: Crunchyroll

Search URL Search Domain Scan URL

URL: https://netflixcookiesnow.blogspot.com/2024/05/prime-video-premium-account-cookies-2024.html
Title: Amazon Prime Video

Search URL Search Domain Scan URL

URL: https://netflixcookiesnow.blogspot.com/p/about-us.html
Title: more →

Search URL Search Domain Scan URL

URL: https://t.me/Netflix_Cookies_now

Search URL Search Domain Scan URL

URL: https://www.templateify.com/
Title: Blogger Templates

Search URL Search Domain Scan URL

URL: https://netflixcookiesnow.blogspot.com/p/contact-us.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://netflixcookiesnow.blogspot.com/p/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://netflixcookiesnow.blogspot.com/p/terms-conditions.html
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Ulteriori informazioni

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ncnow.online/ HTTP 307
https://www.ncnow.online/ HTTP 307
http://www.ncnow.online/ HTTP 301
https://www.ncnow.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ncnow.online/
Redirect Chain

http://www.ncnow.online/
https://www.ncnow.online/
http://www.ncnow.online/
https://www.ncnow.online/

212 KB
37 KB

805ms
804ms

Document
text/html

2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8039c16c225d61d40e3de65ea3126f06e432c50ada30d458ffb87762118656a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 37621
content-type: text/html; charset=UTF-8
date: Tue, 14 May 2024 13:00:19 GMT
etag: W/"497d0f36f40104747d4d33f610c581ffdc9112cdc9b39372828d67f3085155e8"
expires: Tue, 14 May 2024 13:00:19 GMT
last-modified: Tue, 14 May 2024 12:56:32 GMT
server: GSE
x-content-type-options: nosniff
x-robots-tag: noindex,noodp
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 192
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Tue, 14 May 2024 13:00:17 GMT
Expires: Tue, 14 May 2024 13:00:17 GMT
Location: https://www.ncnow.online/
Server: GSE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
100 KB 1239ms
297ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9Z273GF3NH

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

22a594c72e782e88ca9c7730c6746c3acd74f84a2612b63284de67e4573297d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 May 2024 13:00:20 GMT

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ 56 KB
10 KB 566ms
288ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1699839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10022
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-de0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F7HIZk%2BkV1qmKJdmitSP50MahPYg9Z9opmHKW00IyKN3XMARSeVONHd4I%2Blje9Q0s37TjzwOyPfcmjij5MW2US4Ih9kX%2FeF2kLGzrxMgYLL8P%2Bg4EAbtD0Nx1YGHerdK4KL5nsdU"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 883b1210ff3b0f82-MXP
expires: Sun, 04 May 2025 13:00:20 GMT

GET
H3 200 tag.min.js Show response
zovidree.com/ 88 KB
30 KB 593ms
298ms Script
text/javascript 104.21.16.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zovidree.com/tag.min.js
Requested by: Host: www.ncnow.online
URL: https://www.ncnow.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6a61df2aab7d90c9504b219483e1b122d9ed18355888cd66640faccd29cb61

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6237
alt-svc: h3=":443"; ma=86400
x-trace-id: 509166ddafd8ea36f3e9c2663e7b9fb3
pragma: no-cache
last-modified: Tue, 14 May 2024 08:16:10 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HawN%2FBflODG%2Btbv16kEuQQHrLsXM925hj3U%2BptvLSIUxOlmkGc2ggJdqojpAAUfkEPHP4lJrbpAi72tbLu7zr5voyvKfOrkEkpBhOybR%2BfE091axg78DWSR4Qsg%2B01Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cf-ray: 883b12169823bae5-MXP
expires: Wed, 15 May 2024 11:16:23 GMT

GET
H2 200 AVvXsEgq7TToKIytN_pdX8y_9bhEJbLdRXCEd4fMq0K8Opa8jAkMO8gcwlfbFum3Kw_FmrdJdvcojEUm13WsSPKRxetJGPCOcWfLgYbpbOc-62dX9bWk0ZL3yIfCtRFcCLViwaMpL5KJ1i1T78ImPbAz4xGFZ7JthvYmuSzpodZrz5YH_vVQ28TFZ8X3KrFr5ztp=...
blogger.googleusercontent.com/img/a/ 17 KB
18 KB 1672ms
1057ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgq7TToKIytN_pdX8y_9bhEJbLdRXCEd4fMq0K8Opa8jAkMO8gcwlfbFum3Kw_FmrdJdvcojEUm13WsSPKRxetJGPCOcWfLgYbpbOc-62dX9bWk0ZL3yIfCtRFcCLViwaMpL5KJ1i1T78ImPbAz4xGFZ7JthvYmuSzpodZrz5YH_vVQ28TFZ8X3KrFr5ztp=s1231

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4c03a5336a732105e289744c14b7fdc9270cb7e45eb57fdb08074304c75b1912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v67"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Artboard 1.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17774
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:21 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ 84 KB
27 KB 549ms
549ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26909
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14e4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vN5uvzlVcXacCvj4Ba8BFEtxfhDHfF7TV%2FuRPYW08EBvd4QrwHuDciCnGgorcrKikiJLLiJOacfb7%2BYSDlG3k0i%2B2MVMn%2BVhU3CE8M6O6mgHbsGi8fDNLeq1w1mLF3ZFmw%2BQCI2b"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 883b1212e9650f82-MXP
expires: Sun, 04 May 2025 13:00:20 GMT

GET
H2 200 cookienotice.js Show response
www.ncnow.online/js/ 6 KB
2 KB 587ms
587ms Script
text/javascript 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncnow.online/js/cookienotice.js

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 May 2024 08:54:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 21 May 2024 13:00:20 GMT

GET
H2 200 1759232347-widgets.js Show response
www.blogger.com/static/v1/widgets/ 140 KB
50 KB 925ms
291ms Script
text/javascript 2a00:1450:4001:812::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1759232347-widgets.js

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce06d33c5b19e521b0bd671e5b58e20568a7f1a3ea1678a4cf52d5889771bb0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 01:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50962
x-xss-protection: 0
last-modified: Mon, 13 May 2024 00:50:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 13 May 2025 01:50:13 GMT

GET
H2 200 Depositphotos_102339260_xl-2015.jpg
4.bp.blogspot.com/-en4ZaBhkgSs/XsU3b3GpdOI/AAAAAAAACJo/7ktOtl1o0iouU_bzYctC82CEdMa4t2DVACK4BGAYYCw/s1600/ 84 KB
84 KB 1500ms
619ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-en4ZaBhkgSs/XsU3b3GpdOI/AAAAAAAACJo/7ktOtl1o0iouU_bzYctC82CEdMa4t2DVACK4BGAYYCw/s1600/Depositphotos_102339260_xl-2015.jpg

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4fee4e8adf8a451c97366229b7b974529542acd19c195be6fc76be1b8452ee7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 11:42:33 GMT
x-content-type-options: nosniff
age: 4668
content-disposition: inline;filename="Depositphotos_102339260_xl-2015.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85705
x-xss-protection: 0
server: fife
etag: "v8a2"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 15 May 2024 11:42:33 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 74 KB
75 KB 574ms
300ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin: https://www.ncnow.online
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:24 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1699374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 75728
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-127d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QWqz7FaNMUftkzLhJ0%2Fd4y8Qwpu4COa43xZbaq%2BtO5C8pK%2FPz9mxE92VI7UExCzkkEeqkHysvA9lChPGfJY%2B6X6hAsSHq9XF9zrsQMUAqzB6a9%2B71q5FqSL6ZQaKR%2Fu0l5zY%2BBZf"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 883b122ccf474c4a-MXP
expires: Sun, 04 May 2025 13:00:24 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwPIsWqZPAA.woff2
fonts.gstatic.com/s/raleway/v14/ 20 KB
21 KB 1200ms
605ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwPIsWqZPAA.woff2

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e088dcc1b0435ae26460f199b7362c41f885a5ec9ff8efc17d7e12ed053c123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Origin: https://www.ncnow.online
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:09:36 GMT
x-content-type-options: nosniff
age: 17445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20872
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:47:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:09:36 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v14/ 20 KB
20 KB 1310ms
717ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3287a4018a220fe4a205c68bbb34a847fe5038c5dfbe575dd538df025b0497a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Origin: https://www.ncnow.online
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 19:51:35 GMT
x-content-type-options: nosniff
age: 320926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20724
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:48:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 May 2025 19:51:35 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwN4rWqZPAA.woff2
fonts.gstatic.com/s/raleway/v14/ 21 KB
21 KB 1803ms
1210ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwN4rWqZPAA.woff2

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccffda12d4002d59565466849044e53ff6734de84baa233f12a725662d8f8681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Origin: https://www.ncnow.online
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:05:21 GMT
x-content-type-options: nosniff
age: 17700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21164
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:47:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:05:21 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 74 KB
74 KB 598ms
573ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin: https://www.ncnow.online
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:24 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1592294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 75336
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12648"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2BWBO2ix1%2BkhG7tPRZCM%2BB%2BnLWVSy7dtIirRkte6JIsVLlojR1ILjewn6u319SvZuRLLYusJrG9hYf2Mdb0DxAei%2BkDRDuNgaS%2BRDsexsXR6BKkhGgaPOEtMDNpHAQILVekoFjxj"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 883b122ccf414c4a-MXP
expires: Sun, 04 May 2025 13:00:24 GMT

GET
H2 200 / Show response
glaichaupu.net/5/7477627/ 4 KB
3 KB 897ms
292ms XHR
application/json 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glaichaupu.net/5/7477627/?oo=1&js_build=iclick-v1.793.0&os=win32&os_version=10.0.0&is_mobile=false&browser_version=124.0.6367.201
Requested by: Host: zovidree.com
URL: https://zovidree.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8bbad0a37c3c0d2b3cc405717481e900b666947ebdb45bfbf76262671bab9e0c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:22 GMT
content-encoding: gzip
x-trace-id: 3de0c1f1e03d85a5d58275cf1c0e904f
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.ncnow.online
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ad.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGxtI-G8uU7CaLzeCws5_VImcYDmaJjOKFsUbT7P58mjsppAoUwuFcjDWN5SVoQO0v8NFq2PRlnGarrBlBLFpwGCYbVpXYihN3vY4y85TF9MEthqqWo-AhgpRUFvSwFR-jAPjganWQKy7C1bZZ... 53 KB
53 KB 826ms
824ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGxtI-G8uU7CaLzeCws5_VImcYDmaJjOKFsUbT7P58mjsppAoUwuFcjDWN5SVoQO0v8NFq2PRlnGarrBlBLFpwGCYbVpXYihN3vY4y85TF9MEthqqWo-AhgpRUFvSwFR-jAPjganWQKy7C1bZZANKNe9qa5kkR_LbAHauu_wTZhrf90k_jfmMlDRwf0zcn/w245-h150-p-k-no-nu/ad.png

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

66173bbfa8c1dfe2171bcbe70fb3e0dfe9b59e05a1f73a5855ac71cef756ca5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v73"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ad.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53843
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:22 GMT

GET
H2 200 Untitled%20design.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm3vpj9BmqjR9M3F6xSu04R3YeNrp07hO2R2LZ2ZwCs2tAEgcesG-VlWDVx8HXF7MS3pL35z4qLEnWUGXopbcvwIjSs-BYvowtdi62bKOwf3DVI-dllFvZ-M824dKxG2KDhK-Jnv6o93jl0_KS... 31 KB
31 KB 1184ms
1184ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm3vpj9BmqjR9M3F6xSu04R3YeNrp07hO2R2LZ2ZwCs2tAEgcesG-VlWDVx8HXF7MS3pL35z4qLEnWUGXopbcvwIjSs-BYvowtdi62bKOwf3DVI-dllFvZ-M824dKxG2KDhK-Jnv6o93jl0_KSrKoGvUUtt62OTn8xNJ28uncnUVAIEVt2b9VuJo2RgBu1/w245-h150-p-k-no-nu/Untitled%20design.png

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

090fd68195ac9aef377444480c113966ee0f1fe08dda847c45809b57b2a989e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v71"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Untitled design.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31612
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:23 GMT

GET
H2 200 amazon%20prime%20video.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVvGseQP7IKYZtlaT6CUuQ-uMSungtvLTm7xUiJbUJLRkWfUVMcBiMBv-CCRp3HIf-2mFdza9mEi34Lh0SjMTK3eMrdqprXTAxn4qMALgzGLZUn71VYW_XEhiOJSLJB9edyp_lkNDJBXSioZgW... 40 KB
41 KB 1490ms
1490ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVvGseQP7IKYZtlaT6CUuQ-uMSungtvLTm7xUiJbUJLRkWfUVMcBiMBv-CCRp3HIf-2mFdza9mEi34Lh0SjMTK3eMrdqprXTAxn4qMALgzGLZUn71VYW_XEhiOJSLJB9edyp_lkNDJBXSioZgWK87CQJhn4J0Luv1KVN4Etq9oOW1kq9zAk9W98PM3evvg/w245-h150-p-k-no-nu/amazon%20prime%20video.png

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ecc3c3dbb804f2235c794a4e1e12969b1d5ba3939ceb74d9e8738deed1b30239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v6b"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="amazon prime video.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41369
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:23 GMT

GET
H2 200 photo_2024-05-07_19-25-07.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicIRxUxCTdTEdhmQqKpb1tFaoKQ8KhmUzYV9o1Y0PdzgHl_5njnoHOQOOzFqaxIrOIqpgKWpW-vrKPr1u1IyL83BOv1LGb21kmCt_f-j4zx7xE54SU56KZpI-ep4vsDyyUgWwJH5T22YCpijAa... 18 KB
18 KB 2126ms
2126ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicIRxUxCTdTEdhmQqKpb1tFaoKQ8KhmUzYV9o1Y0PdzgHl_5njnoHOQOOzFqaxIrOIqpgKWpW-vrKPr1u1IyL83BOv1LGb21kmCt_f-j4zx7xE54SU56KZpI-ep4vsDyyUgWwJH5T22YCpijAab5E81ei9uymHyI4Vm9AZ07ejhYVednDNUWOoC9lNTG6S/w245-h150-p-k-no-nu/photo_2024-05-07_19-25-07.jpg

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2e192600feff57a78ff3f63385529709dfa283188bc2770672471334a42850e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v69"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="photo_2024-05-07_19-25-07.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18537
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:23 GMT

GET
H3 200 photo_2023-06-17_00-12-43.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEid-OKLkAZPQBkBmVOF3NkITeTF1rtqxFGg2wzjHTnHmdTUCgdKaLIKZ2euOLoVmVI3NVy8yV_hrIzPpu-OkJcO3v4BqPmbyXYVYc8piWrkl-AOASzQ1GwLUSy2OdERvF26U_Fp7r8rvljMJwiu... 19 KB
19 KB 717ms
717ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEid-OKLkAZPQBkBmVOF3NkITeTF1rtqxFGg2wzjHTnHmdTUCgdKaLIKZ2euOLoVmVI3NVy8yV_hrIzPpu-OkJcO3v4BqPmbyXYVYc8piWrkl-AOASzQ1GwLUSy2OdERvF26U_Fp7r8rvljMJwiuJxgO9oS12eqoozcQmDXyl5c9yMH_eQFEcgjw2MqtYP1s/w245-h150-p-k-no-nu/photo_2023-06-17_00-12-43.jpg

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

6d86b086febbe957cbce2014080a08a2894b3ea2a19868e65b8c80926cf1f814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v5f"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="photo_2023-06-17_00-12-43.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19059
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:23 GMT

GET
H3 200 ai-applications.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXv7I_2SesXEGf9fBcE8XXGgqOV4SjxsXxIXf9bycSN9WTOqL9uF5MZr1hW6h3ky8_OxivErNk3qmK_-JbyLeMaWliOkNkKdysKLWHetvEO-pLgsHzqgmdFtfgrQkk7T55iPqoWQt1hf6LdnuD... 14 KB
14 KB 917ms
915ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXv7I_2SesXEGf9fBcE8XXGgqOV4SjxsXxIXf9bycSN9WTOqL9uF5MZr1hW6h3ky8_OxivErNk3qmK_-JbyLeMaWliOkNkKdysKLWHetvEO-pLgsHzqgmdFtfgrQkk7T55iPqoWQt1hf6LdnuDipIV983RklJDinPuJeGtzA3t4YE7QPJ2XiJa3Vbs3Iv9/w245-h150-p-k-no-nu/ai-applications.jpg

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

138cfa3c7ca46d5da07c7a9a77c0c1662d4160e3c017fb3c8aa32637d104da79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v5d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ai-applications.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13889
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:24 GMT

GET
H3 200 photo_2023-06-17_00-12-43.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEid-OKLkAZPQBkBmVOF3NkITeTF1rtqxFGg2wzjHTnHmdTUCgdKaLIKZ2euOLoVmVI3NVy8yV_hrIzPpu-OkJcO3v4BqPmbyXYVYc8piWrkl-AOASzQ1GwLUSy2OdERvF26U_Fp7r8rvljMJwiu... 5 KB
5 KB 726ms
723ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

b5a3f091884f66bb40b5b7bdb976ddffc6ce4ac51b45b163c8567e67c9c3f6f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v5f"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="photo_2023-06-17_00-12-43.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4775
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:24 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
545 B 894ms
294ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=00805c0f2d40442fec4c468679f91190

Requested by

Host: zovidree.com
URL: https://zovidree.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

31a2610f810fc6b9e632fd3e921d53aed83f3d674c7a439bfcba7614e691d2e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ncnow.online
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 859ms
290ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9Z273GF3NH&gtm=45je45d0v9185043686za200&_p=1715691619721&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1696570944.1715691623&ul=it-it&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715691623&sct=1&seg=0&dl=https%3A%2F%2Fwww.ncnow.online%2F&dt=Netflix%20Cookies%20Now&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=9615
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9Z273GF3NH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 13:00:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ncnow.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
glaichaupu.net/ 2 KB
3 KB 296ms
293ms Fetch
application/json 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glaichaupu.net/?rb=8tgo-U9WN4-LkqCf7qo36ysgnsAnWz6bWkdIaAi4HnDwl7I1rSZe4w4Fm7AZllA9Iat4ctjqSRFdEIuahHFhDsVC3SWvqC7Tvy5A-1uUrA1Ejye25MlZBSy3boBT_Xl6jL6aVbvhqBu6_P3DbyTxpeAhklhLcM4J2pMHP1mzK_55437qn0hqk6YI1uIcVnFT6-H1O8Y2FpXWQmUl5dOSLnj-O0GfvACez9NcMp8nPZ_twIJ6hDJXyxnW4wVSMrG5g_gQ69NuKHpZfO6FhUlDhIj3O9Ukq9GM0vJeqVc3GroorpGp3GhytDIIx5Vev1xfzqs9kk7ZnTE%3D&request_ab2=0&zoneid=7477627&js_build=iclick-v1.793.0&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1200&sah=1200&wx=40&wy=40&cw=1600&wfc=0&pl=https%3A%2F%2Fwww.ncnow.online%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FRome&bto=-120&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.793.0&navlng=it-IT&pnt=0&pnrc=0&bml=1&bmi=1&bs=09d3278a-44f6-45ae-9dc9-c6721fae7061&wasm=1&userId=00805c0f2d40442fec4c468679f91190&os=win32&os_version=10.0.0&is_mobile=false&browser_version=124.0.6367.201&m=link

Requested by

Host: zovidree.com
URL: https://zovidree.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9cd4d06d22af38b2c68a465d040950aca84cb8343a4aac2b98d07fe8f6168ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 8b7d2b5377dd507a52d6619736c96a26
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.ncnow.online
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 ad.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGxtI-G8uU7CaLzeCws5_VImcYDmaJjOKFsUbT7P58mjsppAoUwuFcjDWN5SVoQO0v8NFq2PRlnGarrBlBLFpwGCYbVpXYihN3vY4y85TF9MEthqqWo-AhgpRUFvSwFR-jAPjganWQKy7C1bZZ... 53 KB
0 0ms
0ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

66173bbfa8c1dfe2171bcbe70fb3e0dfe9b59e05a1f73a5855ac71cef756ca5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v73"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ad.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53843
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:22 GMT

GET
H2 200 Untitled%20design.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm3vpj9BmqjR9M3F6xSu04R3YeNrp07hO2R2LZ2ZwCs2tAEgcesG-VlWDVx8HXF7MS3pL35z4qLEnWUGXopbcvwIjSs-BYvowtdi62bKOwf3DVI-dllFvZ-M824dKxG2KDhK-Jnv6o93jl0_KS... 31 KB
0 1ms
0ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

090fd68195ac9aef377444480c113966ee0f1fe08dda847c45809b57b2a989e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v71"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Untitled design.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31612
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:23 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

6d86b086febbe957cbce2014080a08a2894b3ea2a19868e65b8c80926cf1f814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v5f"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="photo_2023-06-17_00-12-43.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19059
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:23 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

138cfa3c7ca46d5da07c7a9a77c0c1662d4160e3c017fb3c8aa32637d104da79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v5d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ai-applications.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13889
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:24 GMT

GET
H2 200 amazon%20prime%20video.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVvGseQP7IKYZtlaT6CUuQ-uMSungtvLTm7xUiJbUJLRkWfUVMcBiMBv-CCRp3HIf-2mFdza9mEi34Lh0SjMTK3eMrdqprXTAxn4qMALgzGLZUn71VYW_XEhiOJSLJB9edyp_lkNDJBXSioZgW... 40 KB
0 2ms
1ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ecc3c3dbb804f2235c794a4e1e12969b1d5ba3939ceb74d9e8738deed1b30239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v6b"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="amazon prime video.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41369
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:23 GMT

GET
H2 200 photo_2024-05-07_19-25-07.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicIRxUxCTdTEdhmQqKpb1tFaoKQ8KhmUzYV9o1Y0PdzgHl_5njnoHOQOOzFqaxIrOIqpgKWpW-vrKPr1u1IyL83BOv1LGb21kmCt_f-j4zx7xE54SU56KZpI-ep4vsDyyUgWwJH5T22YCpijAa... 18 KB
0 3ms
3ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2e192600feff57a78ff3f63385529709dfa283188bc2770672471334a42850e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v69"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="photo_2024-05-07_19-25-07.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18537
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:23 GMT

GET
H3 200 photo_2023-06-17_00-12-43.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEid-OKLkAZPQBkBmVOF3NkITeTF1rtqxFGg2wzjHTnHmdTUCgdKaLIKZ2euOLoVmVI3NVy8yV_hrIzPpu-OkJcO3v4BqPmbyXYVYc8piWrkl-AOASzQ1GwLUSy2OdERvF26U_Fp7r8rvljMJwiu... 5 KB
0 0ms
0ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.ncnow.online
URL: https://www.ncnow.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

b5a3f091884f66bb40b5b7bdb976ddffc6ce4ac51b45b163c8567e67c9c3f6f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v5f"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="photo_2023-06-17_00-12-43.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4775
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:24 GMT

GET
H2 200 ad.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGxtI-G8uU7CaLzeCws5_VImcYDmaJjOKFsUbT7P58mjsppAoUwuFcjDWN5SVoQO0v8NFq2PRlnGarrBlBLFpwGCYbVpXYihN3vY4y85TF9MEthqqWo-AhgpRUFvSwFR-jAPjganWQKy7C1bZZ... 53 KB
0 2ms
2ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

66173bbfa8c1dfe2171bcbe70fb3e0dfe9b59e05a1f73a5855ac71cef756ca5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v73"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ad.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53843
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:22 GMT

GET
H2 200 Untitled%20design.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm3vpj9BmqjR9M3F6xSu04R3YeNrp07hO2R2LZ2ZwCs2tAEgcesG-VlWDVx8HXF7MS3pL35z4qLEnWUGXopbcvwIjSs-BYvowtdi62bKOwf3DVI-dllFvZ-M824dKxG2KDhK-Jnv6o93jl0_KS... 31 KB
0 3ms
3ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

090fd68195ac9aef377444480c113966ee0f1fe08dda847c45809b57b2a989e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v71"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Untitled design.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31612
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:23 GMT

GET
H2 200 amazon%20prime%20video.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVvGseQP7IKYZtlaT6CUuQ-uMSungtvLTm7xUiJbUJLRkWfUVMcBiMBv-CCRp3HIf-2mFdza9mEi34Lh0SjMTK3eMrdqprXTAxn4qMALgzGLZUn71VYW_XEhiOJSLJB9edyp_lkNDJBXSioZgW... 40 KB
0 3ms
3ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ecc3c3dbb804f2235c794a4e1e12969b1d5ba3939ceb74d9e8738deed1b30239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v6b"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="amazon prime video.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41369
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:23 GMT

GET
H2 200 photo_2024-05-07_19-25-07.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicIRxUxCTdTEdhmQqKpb1tFaoKQ8KhmUzYV9o1Y0PdzgHl_5njnoHOQOOzFqaxIrOIqpgKWpW-vrKPr1u1IyL83BOv1LGb21kmCt_f-j4zx7xE54SU56KZpI-ep4vsDyyUgWwJH5T22YCpijAa... 18 KB
0 3ms
3ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2e192600feff57a78ff3f63385529709dfa283188bc2770672471334a42850e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v69"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="photo_2024-05-07_19-25-07.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18537
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:23 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

6d86b086febbe957cbce2014080a08a2894b3ea2a19868e65b8c80926cf1f814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v5f"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="photo_2023-06-17_00-12-43.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19059
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:23 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

138cfa3c7ca46d5da07c7a9a77c0c1662d4160e3c017fb3c8aa32637d104da79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v5d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ai-applications.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13889
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:24 GMT

GET
H3 200 photo_2023-06-17_00-12-43.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEid-OKLkAZPQBkBmVOF3NkITeTF1rtqxFGg2wzjHTnHmdTUCgdKaLIKZ2euOLoVmVI3NVy8yV_hrIzPpu-OkJcO3v4BqPmbyXYVYc8piWrkl-AOASzQ1GwLUSy2OdERvF26U_Fp7r8rvljMJwiu... 5 KB
0 3ms
3ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

fife /

Resource Hash

b5a3f091884f66bb40b5b7bdb976ddffc6ce4ac51b45b163c8567e67c9c3f6f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.ncnow.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:00:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v5f"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="photo_2023-06-17_00-12-43.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4775
x-xss-protection: 0
expires: Wed, 15 May 2024 13:00:24 GMT

GET favicon.ico
www.ncnow.online/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.ncnow.online
URL: https://www.ncnow.online/favicon.ico

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
glaichaupu.net/	1970-01-21 05:20:27	Name: OAID Value: 00805c0f2d40442fec4c468679f91190
.ncnow.online/	1970-01-21 06:10:51	Name: _ga_9Z273GF3NH Value: GS1.1.1715691623.1.0.1715691623.0.0.0
.ncnow.online/	1970-01-21 06:10:51	Name: _ga Value: GA1.1.1696570944.1715691623
my.rtmark.net/	1970-01-21 05:20:27	Name: ID Value: 00805c0f2d40442fec4c468679f91190
www.ncnow.online/	1970-01-20 20:34:51	Name: prefetchAd_7477627 Value: true
glaichaupu.net/	1970-01-21 05:20:27	Name: oaidts Value: 1715691623
glaichaupu.net/	1970-01-20 20:44:56	Name: syncedCookie Value: true

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
intervention	info	URL: https://www.ncnow.online/ Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2
intervention	info	URL: https://www.ncnow.online/ Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-brands-400.woff2
other	warning	URL: https://www.ncnow.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ncnow.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ncnow.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ncnow.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ncnow.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ncnow.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ncnow.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ncnow.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
blogger.googleusercontent.com
cdnjs.cloudflare.com
fonts.gstatic.com
glaichaupu.net
my.rtmark.net
region1.google-analytics.com
www.blogger.com
www.googletagmanager.com
www.ncnow.online
zovidree.com
www.ncnow.online
104.17.25.14
104.21.16.31
139.45.195.8
139.45.197.244
142.250.181.243
142.250.184.225
172.217.18.8
2001:4860:4802:34::36
2a00:1450:4001:80b::2001
2a00:1450:4001:812::2009
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2013
2a00:1450:4001:831::2003
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
090fd68195ac9aef377444480c113966ee0f1fe08dda847c45809b57b2a989e4
138cfa3c7ca46d5da07c7a9a77c0c1662d4160e3c017fb3c8aa32637d104da79
22a594c72e782e88ca9c7730c6746c3acd74f84a2612b63284de67e4573297d7
2e192600feff57a78ff3f63385529709dfa283188bc2770672471334a42850e6
31a2610f810fc6b9e632fd3e921d53aed83f3d674c7a439bfcba7614e691d2e8
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
4c03a5336a732105e289744c14b7fdc9270cb7e45eb57fdb08074304c75b1912
4e6a61df2aab7d90c9504b219483e1b122d9ed18355888cd66640faccd29cb61
4fee4e8adf8a451c97366229b7b974529542acd19c195be6fc76be1b8452ee7e
66173bbfa8c1dfe2171bcbe70fb3e0dfe9b59e05a1f73a5855ac71cef756ca5c
6d86b086febbe957cbce2014080a08a2894b3ea2a19868e65b8c80926cf1f814
7e088dcc1b0435ae26460f199b7362c41f885a5ec9ff8efc17d7e12ed053c123
8039c16c225d61d40e3de65ea3126f06e432c50ada30d458ffb87762118656a0
8bbad0a37c3c0d2b3cc405717481e900b666947ebdb45bfbf76262671bab9e0c
9cd4d06d22af38b2c68a465d040950aca84cb8343a4aac2b98d07fe8f6168ebd
b3287a4018a220fe4a205c68bbb34a847fe5038c5dfbe575dd538df025b0497a
b5a3f091884f66bb40b5b7bdb976ddffc6ce4ac51b45b163c8567e67c9c3f6f4
ccffda12d4002d59565466849044e53ff6734de84baa233f12a725662d8f8681
ce06d33c5b19e521b0bd671e5b58e20568a7f1a3ea1678a4cf52d5889771bb0b
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc3c3dbb804f2235c794a4e1e12969b1d5ba3939ceb74d9e8738deed1b30239
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

www.ncnow.online Open in urlscan Pro 2a00:1450:4001:82f::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

98 %HTTPS

46 %IPv6

11 Domains

11 Subdomains

13 IPs

4 Countries

756 kBTransfer

1739 kBSize

7 Cookies

11 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ncnow.online Open in urlscan Pro
2a00:1450:4001:82f::2013 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

98 %
HTTPS

46 %
IPv6

11
Domains

11
Subdomains

13
IPs

4
Countries

756 kB
Transfer

1739 kB
Size

7
Cookies

40 HTTP transactions
0 data transactions