ntcdoon.org Open in urlscan Pro
2606:4700:3031::ac43:b345 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ntcdoon.org/
Submission Tags: test
Submission: On May 13 via api (May 13th 2022, 2:13:30 pm UTC) from JP — Scanned from JP

Summary HTTP 253 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 40 domains to perform 253 HTTP transactions. The main IP is 2606:4700:3031::ac43:b345, located in United States and belongs to CLOUDFLARENET, US. The main domain is ntcdoon.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 19th 2021. Valid for: a year.

This is the only time ntcdoon.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2606:4700:303... 2606:4700:3031::ac43:b345	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3036::ac43:a434	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
2	45.133.44.24 45.133.44.24	7018 (ATT-INTER...) (ATT-INTERNET4)
1	143.198.248.63 143.198.248.63	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
13	2404:6800:400... 2404:6800:4004:813::200a	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
5	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
30	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
2	23.88.85.6 23.88.85.6	24940 (HETZNER-AS) (HETZNER-AS)
1	88.198.136.228 88.198.136.228	24940 (HETZNER-AS) (HETZNER-AS)
8	142.251.42.162 142.251.42.162	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:827::2002	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4004:824::2003	15169 (GOOGLE) (GOOGLE)
2 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
43	2404:6800:400... 2404:6800:4004:824::2001	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4004:825::2003	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:812::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4002:c09::78	15169 (GOOGLE) (GOOGLE)
1	142.251.8.155 142.251.8.155	15169 (GOOGLE) (GOOGLE)
4 5	2404:6800:400... 2404:6800:4004:808::2004	15169 (GOOGLE) (GOOGLE)
1 1	2404:6800:400... 2404:6800:4004:820::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:2d::6	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:801::2001	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:823::2001	15169 (GOOGLE) (GOOGLE)
1	2620:116:800e... 2620:116:800e:21:ea62:9418:946a:db1b	16509 (AMAZON-02) (AMAZON-02)
2 2	54.254.238.16 54.254.238.16	16509 (AMAZON-02) (AMAZON-02)
2 6	142.250.207.2 142.250.207.2	15169 (GOOGLE) (GOOGLE)
1 1	124.146.215.48 124.146.215.48	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	202.241.208.2 202.241.208.2	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 3	202.131.200.84 202.131.200.84	17941 (BIT-ISLE ...) (BIT-ISLE Equinix Japan Enterprise K.K.)
2 2	103.231.99.243 103.231.99.243	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.203.145.121 159.203.145.121	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3 3	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	2a01:4f8:c0:2... 2a01:4f8:c0:2f03::2	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a02:128:7:47... 2a02:128:7:4722::2	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	2a02:128:7:52... 2a02:128:7:5241::2	50245 (SERVEREL-AS) (SERVEREL-AS)
3	2606:4700:303... 2606:4700:3032::6815:131d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:81d::2001	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:827::200e	() ()
253	39

31 2606:4700:3031::ac43:b345 (United States)

ASN13335 (CLOUDFLARENET, US)

ntcdoon.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3036::ac43:a434 (United States)

ASN13335 (CLOUDFLARENET, US)

newrrb.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.24 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.198.248.63 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

load02.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4004:813::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b7264fc299.5b20a42861.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.cabnnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.88.85.6 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.6.85.88.23.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.136.228 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-136-228.clients.your-server.de

notification.tubecup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.42.162 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:827::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:824::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2404:6800:4004:824::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:825::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:812::200a (Australia)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4002:c09::78 (Atlanta, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.8.155 (United States)

ASN15169 (GOOGLE, US)
PTR: tb-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:808::2004 (Australia) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::200e (Australia) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:2d::6 (Australia)

ASN15169 (GOOGLE, US)

r1---sn-oguesn6k.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:801::2001 (Australia)

ASN15169 (GOOGLE, US)

7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:823::2001 (Australia)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:ea62:9418:946a:db1b (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.254.238.16 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-238-16.ap-southeast-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.207.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.48 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.2 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

gdn.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.131.200.84 (Japan) 2 redirects

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.99.243 (Japan) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cs.chocolateplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.137.133.49 (United States) 3 redirects

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:c0:2f03::2 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

rtbrennab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:128:7:4722::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

tcimp.zog.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vs.bantgoau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5241::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

tb.baimgfroggd.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::6815:131d (United States)

ASN13335 (CLOUDFLARENET, US)

stream.bantgoau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81d::2001 (Australia)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:827::200e (None, )

ASN- ()

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com	655 KB
42	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 bid.g.doubleclick.net — Cisco Umbrella Rank: 503 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	459 KB
31	ntcdoon.org ntcdoon.org	4 MB
26	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	403 KB
15	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 imasdk.googleapis.com — Cisco Umbrella Rank: 407	133 KB
9	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3290	71 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	286 KB
8	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	2 KB
5	youtube.com www.youtube.com	691 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 344	109 KB
5	newrrb.bid newrrb.bid — Cisco Umbrella Rank: 304016	23 KB
4	bantgoau.com stream.bantgoau.com — Cisco Umbrella Rank: 43014 vs.bantgoau.com	716 KB
4	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 139918	27 KB
3	ad-m.asia 2 redirects sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3051	1 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 941 r1---sn-oguesn6k.c.2mdn.net	2 MB
3	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 41730	1 KB
2	rtbrennab.com 2 redirects rtbrennab.com — Cisco Umbrella Rank: 30970	2 KB
2	e-volution.ai 2 redirects rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5654	960 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 612	1 KB
2	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1802 gdn.socdm.com — Cisco Umbrella Rank: 121888	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 887	2 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 25787	365 B
2	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 23360	31 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8141	1 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 68	39 KB
1	baimgfroggd.site 1 redirects tb.baimgfroggd.site — Cisco Umbrella Rank: 35496	688 B
1	zog.link 1 redirects tcimp.zog.link — Cisco Umbrella Rank: 38295	320 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 4424	485 B
1	chocolateplatform.com cs.chocolateplatform.com — Cisco Umbrella Rank: 2151	68 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1128	464 B
1	wpushsdk.com js.wpushsdk.com — Cisco Umbrella Rank: 35502	9 KB
1	cabnnr.com js.cabnnr.com — Cisco Umbrella Rank: 39373	11 KB
1	5b20a42861.com b7264fc299.5b20a42861.com	199 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 824	399 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	644 B
1	tubecup.net notification.tubecup.net — Cisco Umbrella Rank: 7850	190 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 37935	675 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 660	29 KB
1	load02.biz load02.biz — Cisco Umbrella Rank: 545713	19 KB
1	cstwpush.com cst.cstwpush.com — Cisco Umbrella Rank: 116881	597 B
253	40

	Domain	Requested by
43	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com ntcdoon.org cdn.ampproject.org 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com pagead2.googlesyndication.com
31	ntcdoon.org	ntcdoon.org
28	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
19	pagead2.googlesyndication.com	ntcdoon.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
13	fonts.googleapis.com	ntcdoon.org googleads.g.doubleclick.net securepubads.g.doubleclick.net 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
12	www.gstatic.com	googleads.g.doubleclick.net 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
12	fonts.gstatic.com	fonts.googleapis.com
9	mc.yandex.ru	2 redirects ntcdoon.org mc.yandex.ru
8	www.googletagservices.com	googleads.g.doubleclick.net cdn.zx-adnet.com 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
7	securepubads.g.doubleclick.net	cdn.zx-adnet.com www.googletagservices.com securepubads.g.doubleclick.net ntcdoon.org
6	cm.g.doubleclick.net	2 redirects ntcdoon.org 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
5	www.youtube.com	www.google.com www.youtube.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.com	4 redirects stream.bantgoau.com
5	newrrb.bid	ntcdoon.org newrrb.bid
4	cdn.zx-adnet.com	ntcdoon.org cdn.zx-adnet.com
3	stream.bantgoau.com	js.cabnnr.com stream.bantgoau.com
3	sync-dsp.ad-m.asia	2 redirects ntcdoon.org
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.co.jp	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	rtbrennab.com	2 redirects
2	rtb2-useast.e-volution.ai	2 redirects
2	image6.pubmatic.com	2 redirects
2	pm.w55c.net	2 redirects
2	7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	r1---sn-oguesn6k.c.2mdn.net	ntcdoon.org
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	fp.metricswpsh.com	js.wpadmngr.com
2	js.wpadmngr.com	cst.cstwpush.com js.wpadmngr.com
2	counter.yadro.ru	1 redirects ntcdoon.org
1	vs.bantgoau.com	stream.bantgoau.com
1	lh3.googleusercontent.com	stream.bantgoau.com
1	tb.baimgfroggd.site	1 redirects
1	tcimp.zog.link	1 redirects
1	dsp.adkernel.com	1 redirects
1	cs.chocolateplatform.com	7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
1	gdn.socdm.com	ntcdoon.org
1	tg.socdm.com	1 redirects
1	cms.quantserve.com	7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
1	js.wpushsdk.com	js.wpadmngr.com
1	js.cabnnr.com	js.wpadmngr.com
1	b7264fc299.5b20a42861.com	js.wpadmngr.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	geolocation.onetrust.com	cdn.zx-adnet.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	notification.tubecup.net	js.wpadmngr.com
1	na.nawpush.com	js.wpadmngr.com
1	code.jquery.com	ntcdoon.org
1	load02.biz	ntcdoon.org
1	cst.cstwpush.com	ntcdoon.org
253	52

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
ar.ntcdoon.org
bg.ntcdoon.org
cs.ntcdoon.org
de.ntcdoon.org
el.ntcdoon.org
es.ntcdoon.org
et.ntcdoon.org
fi.ntcdoon.org
fr.ntcdoon.org
hi.ntcdoon.org
hr.ntcdoon.org
hu.ntcdoon.org
id.ntcdoon.org
it.ntcdoon.org
iw.ntcdoon.org
ja.ntcdoon.org
ko.ntcdoon.org
lt.ntcdoon.org
lv.ntcdoon.org
ms.ntcdoon.org
nl.ntcdoon.org
no.ntcdoon.org
pl.ntcdoon.org
pt.ntcdoon.org
ro.ntcdoon.org
ru.ntcdoon.org
sk.ntcdoon.org
sl.ntcdoon.org
sr.ntcdoon.org
sv.ntcdoon.org
th.ntcdoon.org
tr.ntcdoon.org
uk.ntcdoon.org
vi.ntcdoon.org
cn.ntcdoon.org
tw.ntcdoon.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-19` - `2022-10-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
pointly.ch GTS CA 1D4	`2022-05-05` - `2022-08-03`	3 months	crt.sh
cst.cstwpush.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
load02.biz R3	`2022-05-11` - `2022-08-09`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
js.wpadmngr.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
na.nawpush.com R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh
notification.tubecup.net R3	`2022-04-21` - `2022-07-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
b7264fc299.5b20a42861.com R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
js.cabnnr.com R3	`2022-04-25` - `2022-07-24`	3 months	crt.sh
js.wpushsdk.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-05-03` - `2022-07-12`	2 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
cs.chocolateplatform.com ZeroSSL RSA Domain Secure Site CA	`2022-03-31` - `2022-06-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
vs.bantgoau.com R3	`2022-04-16` - `2022-07-15`	3 months	crt.sh

This page contains 35 frames:

Primary Page: https://ntcdoon.org/
Frame ID: A757EFA40C21C68BAF60BECD7485AC23
Requests: 96 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20190131/zrt_lookup.html
Frame ID: DD5AE8E4BF90072B7BDDEF29BFB545CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&adk=1812271804&adf=1573534164&lmt=1652451200&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fntcdoon.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200748&bpp=3&bdt=260&idt=201&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3795572673&frm=20&pv=2&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=215
Frame ID: E53A76D94BCF8CE6FEEA0B5262B05AC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=90&slotname=3085885965&adk=612837171&adf=2177512653&pi=t.ma~as.3085885965&w=728&lmt=1652451200&psa=0&format=728x90&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200751&bpp=1&bdt=263&idt=218&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MgOBlbDGrK&p=https%3A//ntcdoon.org&dtd=223
Frame ID: 8C682BBBECCCF020610BAF9A33733013
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=100&slotname=8129016002&adk=1818732334&adf=3915410515&pi=t.ma~as.8129016002&w=320&lmt=1652451200&psa=0&format=320x100&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200752&bpp=1&bdt=264&idt=226&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wz9Uu5dLmH&p=https%3A//ntcdoon.org&dtd=229
Frame ID: 723804DACCE22B3DDFB24CEFE54282CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1652451200&psa=0&format=580x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200752&bpp=1&bdt=264&idt=230&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=01tTeUMkV1&p=https%3A//ntcdoon.org&dtd=233
Frame ID: BC300407537027F9474047C40F96520C
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=6624362644&adk=3633687206&adf=145370778&pi=t.ma~as.6624362644&w=336&lmt=1652451200&psa=0&format=336x280&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200753&bpp=1&bdt=265&idt=236&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wRZiZ7be2l&p=https%3A//ntcdoon.org&dtd=238
Frame ID: 007376FB1D509B3E8FF370EB9E6DB65B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=2479947845&pi=t.ma~as.8146640957&w=580&lmt=1652451201&psa=0&format=580x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200753&bpp=1&bdt=266&idt=295&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=2112&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=1T86Go26W8&p=https%3A//ntcdoon.org&dtd=298
Frame ID: 855CAC2E5DB4BCA3EC98F7C092484EBA
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=6624362644&adk=3633687206&adf=3671764194&pi=t.ma~as.6624362644&w=336&lmt=1652451201&psa=0&format=336x280&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200754&bpp=1&bdt=266&idt=311&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=W4XsHLrrjr&p=https%3A//ntcdoon.org&dtd=314
Frame ID: 96D2B0A51DC2DF0BDABF5B8E4AA49DDD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=600&slotname=4398967635&adk=4032340763&adf=2338683394&pi=t.ma~as.4398967635&w=300&lmt=1652451201&psa=0&format=300x600&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200754&bpp=1&bdt=267&idt=322&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=NpM63zFKLc&p=https%3A//ntcdoon.org&dtd=324
Frame ID: 2ED4DFAB956CDCFA71551F63EBBE590C
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=250&slotname=5143760017&adk=3298004681&adf=3437239624&pi=t.ma~as.5143760017&w=300&lmt=1652451201&psa=0&format=300x250&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200754&bpp=1&bdt=266&idt=329&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaenvEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=9&uci=a!9&fsb=1&xpc=w8opmqcmaA&p=https%3A//ntcdoon.org&dtd=332
Frame ID: 16BE70B63EA3DE1A60350594E94744BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=3305239552&adf=1845158250&pi=t.ma~as.9651294315&w=240&lmt=1652451201&psa=0&format=240x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200755&bpp=1&bdt=267&idt=335&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600%2C300x250&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=Ixf0GS6YjM&p=https%3A//ntcdoon.org&dtd=337
Frame ID: C05FA6D944A29583C8782EF1BD115C1B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=6624362644&adk=3633687206&adf=1264272911&pi=t.ma~as.6624362644&w=336&lmt=1652451201&psa=0&format=336x280&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200755&bpp=1&bdt=267&idt=340&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600%2C300x250%2C240x400&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaenvEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=11&uci=a!b&fsb=1&xpc=nVEjDPnztX&p=https%3A//ntcdoon.org&dtd=342
Frame ID: F30D3E8EB69CEE12B8AA0B3EDEAED294
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0CA0ECCD280C5C867923309C8C99C954
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2FC910F695089BEB746161FDDBC1B6A0
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 88F2D34A5D2C72881EAD7B4C6C3B45E5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3102060AE2D7FF851E372979862E536A
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 8CA05FEE9BD5619DB6B58BC303BB5036
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A84E29D759D40DE01D6BD00B788CC915
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 86DEB62BCD9DB3C108AED2CEAD10FF50
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js
Frame ID: 9D9484F40DF8F8F52EDB98993C85BDA8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js
Frame ID: F6FC74CCB2CB614E433656E6EE1B3762
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js
Frame ID: 737848DE227CBD6230F5BCFC122F7E40
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js
Frame ID: 6994C92C15CB334BB472B85AB534E6EA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js
Frame ID: E657181FD1B94C6F64630EB31AB3C583
Requests: 1 HTTP requests in this frame

Frame: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9F17A9FE68EEFAB8121FEEB122E87A76
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js
Frame ID: 195714D9D2B7A1675688857CFD874963
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 4DF67DC68C9770B3E275383A5691E602
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Frame ID: 88300D7C41DCA6ADBD074C93DCC61EE3
Requests: 15 HTTP requests in this frame

Frame: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FC1A03912403E79B37F1AB7D8CEB8835
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 862FC2A3B8D47FF50E17DEBC863C7AB4
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 39AA0C433A5F4BF06411352ED288BCC9
Requests: 9 HTTP requests in this frame

Frame: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FbhMVMs8fWiI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1857879&sp=0.043750&spp=1000&se=impression&vi=bhMVMs8fWiI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652451205&utm1=tcb&utm2=803629923-1&utm3=195-21720-0&utm4=0-9033275-14
Frame ID: D890639257147FE9E800D8F41BF763D1
Requests: 4 HTTP requests in this frame

Frame: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Frame ID: 0F63E16083814F37AD07392A432C65DC
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/bhMVMs8fWiI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Frame ID: B45BF980C844F1887B0B24CF4F556DDE
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

▶️ Ntcdoon

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

253
Requests

92 %
HTTPS

62 %
IPv6

40
Domains

52
Subdomains

39
IPs

8
Countries

10348 kB
Transfer

17220 kB
Size

31
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://ar.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://bg.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://cs.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://de.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://el.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://es.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://et.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://fi.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://fr.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://hi.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://hr.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://hu.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://id.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://it.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://iw.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://ja.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://ko.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://lt.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://lv.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://ms.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://nl.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://no.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://pl.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://pt.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://ro.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://ru.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://sk.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://sl.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://sr.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://sv.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://th.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://tr.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://uk.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://vi.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://cn.ntcdoon.org/

Search URL Search Domain Scan URL

URL: https://tw.ntcdoon.org/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ntcdoon.org/;0.2172979604016536 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ntcdoon.org/;0.2172979604016536

Request Chain 159

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22ntcdoon.org%22:{%22https://ntcdoon.org/%22:%22%22}}}&r=0.4460515113729169 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ntcdoon.org%22%3A%7B%22https%3A%2F%2Fntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.4460515113729169

Request Chain 161

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22ntcdoon.org%22:{%22https://ntcdoon.org/%22:%22%22}}}&r=0.9997272782570485 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ntcdoon.org%22%3A%7B%22https%3A%2F%2Fntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.9997272782570485

Request Chain 171

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 182

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 186

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 190

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 193

https://gcdn.2mdn.net/videoplayback/id/b9b6ccd22c26dede/itag/346/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791366183/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8C55566CF34385DF4614DA8FBAD56ED859813D8E.4A0E5F3188840A81925BB0E24E0C4E27DC4A78DE/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-oguesn6k.c.2mdn.net/videoplayback/id/b9b6ccd22c26dede/itag/346/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791366183/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/80CEEC44083BC6B280FAAB13DC7CA6A101CFD8F0.2CCEB971304EFE8C5049FD034EA62BCD4315F510/key/cms1/cms_redirect/yes/mh/UU/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguesn6k/ms/onc/mt/1652450921/mv/m/mvi/1/pl/48/file/file.mp4

Request Chain 242

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK5gYLhqG2kWXRGQtCxrXF0&google_cver=1&google_push=AYg5qPKn274W8NYPE4PEtOKcRENTJLFbReNQpRYj3Zmprad4QfP7wwvhskqp0-Z10LW-w7OU63N9qHSQN0ay-jPDxDw27bv3sg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK5gYLhqG2kWXRGQtCxrXF0&google_cver=1&google_push=AYg5qPKn274W8NYPE4PEtOKcRENTJLFbReNQpRYj3Zmprad4QfP7wwvhskqp0-Z10LW-w7OU63N9qHSQN0ay-jPDxDw27bv3sg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=azc5ZG9MYWIxTlB3Mkw1&google_gid=CAESEK5gYLhqG2kWXRGQtCxrXF0&google_cver=1&google_push=AYg5qPKn274W8NYPE4PEtOKcRENTJLFbReNQpRYj3Zmprad4QfP7wwvhskqp0-Z10LW-w7OU63N9qHSQN0ay-jPDxDw27bv3sg

Request Chain 243

https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEDi8mAb5aDeEAKgVPx7FbGo&google_cver=1&google_push=AYg5qPKoxCDHpumlM_k1oTtjpvoWzhYCaNC50XfOsCOhl3UAUrDns5_U4uyFMX-IDI1o5BXbVvrL0JZkkLeuyOM8ChskYgKPZEc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WW41bmc4Q284WUVBQU5HVFh5b0FBQUFB HTTP 302
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDi8mAb5aDeEAKgVPx7FbGo&google_cver=1

Request Chain 244

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENye00K-BMvflgb3tz2MrWA&google_cver=1&google_push=AYg5qPKlg21xijew6GQpnEqH37z4eM_YDiH8--FtjJ7DsyEEq8-25uQ6_2V6WQGoXmHLhrHbyit6fzmV5-6SNeYaBAu7rfjD7Ys HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENye00K-BMvflgb3tz2MrWA&google_cver=1&google_push=AYg5qPKlg21xijew6GQpnEqH37z4eM_YDiH8--FtjJ7DsyEEq8-25uQ6_2V6WQGoXmHLhrHbyit6fzmV5-6SNeYaBAu7rfjD7Ys&uid-set=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AYg5qPKlg21xijew6GQpnEqH37z4eM_YDiH8--FtjJ7DsyEEq8-25uQ6_2V6WQGoXmHLhrHbyit6fzmV5-6SNeYaBAu7rfjD7Ys&google_hm=MXJQVDZXTDhjZEU=&suid-set=1 HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5

Request Chain 245

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEjpo8tL169ULXy5FX1OMXE&google_cver=1&google_push=AYg5qPKHYDotOOKWQgJR2qcn4bC2LOa_4RwzQH78uUYhz8G_93Pv7IP7t5TEve4IONCeciGcnPitrL5nv7NtP7taAHcSSjy1mhw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEjpo8tL169ULXy5FX1OMXE&google_cver=1&google_push=AYg5qPKHYDotOOKWQgJR2qcn4bC2LOa_4RwzQH78uUYhz8G_93Pv7IP7t5TEve4IONCeciGcnPitrL5nv7NtP7taAHcSSjy1mhw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xcJsWw85QWS5JiSp-o9chQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKHYDotOOKWQgJR2qcn4bC2LOa_4RwzQH78uUYhz8G_93Pv7IP7t5TEve4IONCeciGcnPitrL5nv7NtP7taAHcSSjy1mhw

Request Chain 247

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESENt6OQWU2AcClfYbEFQEd4U&google_cver=1&google_push=AYg5qPJ6b2niFui2y0UHgrWTusjT4T6M6FNmG9o3CwKtEDXCtjnjdycMkLEjGxnjExCyiSn8pxYUQxhV9t64OheekVdTco9Bfh-Y HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESENt6OQWU2AcClfYbEFQEd4U%26google_cver%3D1%26google_push%3DAYg5qPJ6b2niFui2y0UHgrWTusjT4T6M6FNmG9o3CwKtEDXCtjnjdycMkLEjGxnjExCyiSn8pxYUQxhV9t64OheekVdTco9Bfh-Y HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A7652965829843092827&exchange=193&google_gid=CAESENt6OQWU2AcClfYbEFQEd4U&google_cver=1&google_push=AYg5qPJ6b2niFui2y0UHgrWTusjT4T6M6FNmG9o3CwKtEDXCtjnjdycMkLEjGxnjExCyiSn8pxYUQxhV9t64OheekVdTco9Bfh-Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc2NTI5NjU4Mjk4NDMwOTI4Mjc&google_push=AYg5qPJ6b2niFui2y0UHgrWTusjT4T6M6FNmG9o3CwKtEDXCtjnjdycMkLEjGxnjExCyiSn8pxYUQxhV9t64OheekVdTco9Bfh-Y

Request Chain 251

https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksMjYsNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiODA0MDM1MDU2IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTA2NjcsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6bnVsbH0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMTA2NjciLCJjYXQiOlsiSUFCMjQiXSwicGFnZSI6Imh0dHBzOi8vbnRjZG9vbi5vcmcvIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6ImE0MDc5NTIxMzc5OGExNzEwOTc5YWM0MzQxYmFjOGU1In0sImV4dCI6eyJkdCI6MTY1MjQ1MTIwNTYxN319 HTTP 302
https://rtbrennab.com/banner/in/show/?mid=793152260&pid=0&site=10667&sc=JP&usage_type=DCH&subid=804035056&sid=0&cid=13088&price=0&is_cpm=1&cpm=0.035&ecpm=0.035&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=ntcdoon.org&hostname=auc-banner-hz-4&site_id=0&spot_id=10667&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=2001:ac8:40:b2::2e&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=&min_cpm=0.000007&ttl=&space_id=1695&banner_width=1&banner_height=1&url=%2F%2Ftcimp.zog.link%2Fin%2Fbanners%3Fkatds_ep%3DJtbB-7whWlAs7De0jk0FzP1PzOeeXPRCmTaxpAkGdd094hfJhKtcpIkZpOjoWo0pfZUwgzuic52QMrT0sldXdU3CIuLoW6AlGcMF8DKNpO_XsaQezw68EgJZ6159RN5vogdpAAf8HlCWZTZHo41WZkDNEYIzt3ONv8x0FRjudWAvPs5uPsAuDbCNsRf8PBgfZWR2K3QEkFYReT7VJfijWRL5aXoUG7FQvQoYYmeLFX1M8klhCXxElYasbqMGf1LMHShhynBwEX01Y8bmOWKewf9ICJrQus-AvIrl3-UB1MQDAbfNF1RCvdvwHBLgHXhcs-GgvP4WyyWohMZD4sd6gH72kprngCXMn02O-3OZJWQ3zxAxV6nMru6vYpB57ccT82ghd_4m-sGmaTpa_zmVGaIdRLTECWkTJAID4zRudTiwm40cWoPp7bkw6RWApbt3ZRd-2nwrS5qIqTKZ7rb5rOJC1rA4n95w-w&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags= HTTP 302
https://tcimp.zog.link/in/banners?katds_ep=JtbB-7whWlAs7De0jk0FzP1PzOeeXPRCmTaxpAkGdd094hfJhKtcpIkZpOjoWo0pfZUwgzuic52QMrT0sldXdU3CIuLoW6AlGcMF8DKNpO_XsaQezw68EgJZ6159RN5vogdpAAf8HlCWZTZHo41WZkDNEYIzt3ONv8x0FRjudWAvPs5uPsAuDbCNsRf8PBgfZWR2K3QEkFYReT7VJfijWRL5aXoUG7FQvQoYYmeLFX1M8klhCXxElYasbqMGf1LMHShhynBwEX01Y8bmOWKewf9ICJrQus-AvIrl3-UB1MQDAbfNF1RCvdvwHBLgHXhcs-GgvP4WyyWohMZD4sd6gH72kprngCXMn02O-3OZJWQ3zxAxV6nMru6vYpB57ccT82ghd_4m-sGmaTpa_zmVGaIdRLTECWkTJAID4zRudTiwm40cWoPp7bkw6RWApbt3ZRd-2nwrS5qIqTKZ7rb5rOJC1rA4n95w-w HTTP 302
https://tb.baimgfroggd.site/in/1816/?user_id=7955c2577bda66b6b173b1f579d0fcbef659437f&bid=0.043750&katds_labels=&utm1=tcb&utm2=803629923-1&utm3=195-21720-0&utm4=0-9033275-14&ts=1652451205 HTTP 302
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FbhMVMs8fWiI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1857879&sp=0.043750&spp=1000&se=impression&vi=bhMVMs8fWiI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652451205&utm1=tcb&utm2=803629923-1&utm3=195-21720-0&utm4=0-9033275-14

253 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ntcdoon.org/ 40 KB
8 KB 10991ms
10945ms Document
text/html 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63e9afe4f926740da0675320a7cb31dd214fae6080497df4ff0df3f94641216b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 70abfe3e8924781f-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 14:13:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sat, 14 May 2022 14:13:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shptQWxgGZOzsz40MslTidHqFJLxkCqP%2Ba6maMR86xngf02zv3ND1iAlNGJyjvSe9nuorEIF4TlZzVrbe5g0ZiPHAWd4rzNUipqEW71GOMlCIbIv8WHIvQI8eC0%2FaaftJ3jD7lj7VxUtZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 158 KB
55 KB 141ms
58ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3890713886363470

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d5307f84d0915fe8f66621e984a4787a0c411a08e0a51526e04e85b414bb6ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Origin: https://ntcdoon.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56167
x-xss-protection: 0
server: cafe
etag: 5771811065089942273
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 May 2022 14:13:20 GMT

GET
H2 200 51pb.min.js Show response
newrrb.bid/ 66 KB
20 KB 85ms
26ms Script
text/javascript 2606:4700:3036::ac43:a434
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/51pb.min.js

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a434 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a8e582ffaf88140ef253b6fc848ca9b50ad3a5f26f35e16791271bed5af1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47
duration: 525276
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 13 May 2022 14:12:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCSifNAm83fSapykNRK7Syfklemwx4mIJN7PHeo9CmxB4m3obUrdmvfXgGt8LKqSraY64y7mq7vUkJd94fPGcrzYNixuhtvUOaqajjUp5jmLcY5AajqYgMJ%2F0jQofdpIVdwmd38q7LsB"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 70abfe83aacd80d8-NRT
access-control-allow-headers: *
expires: Fri, 13-May-2022 17:17:33 EEST

GET
H2 200 drm56_19091901.js Show response
cdn.zx-adnet.com/adx/ 145 KB
19 KB 354ms
251ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/drm56_19091901.js

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a2bd42bc7fbd2e7c718771e120ebbd8073aafb021026fb34331f6e735023652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 27 Apr 2022 20:26:02 GMT
x-timer: S1652451201.638929,VS0,VE250
etag: "d19f1de6243194dbbeaf5e3ecbc9aa1b386f3241bfe4e3200dbae8c980dc6177-br"
x-served-by: cache-hnd18724-HND
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Fri, 13 May 2022 14:13:20 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19487
x-cache-hits: 1

GET
H2 200 how-can-i-extract-a-file-from-an-embedded-resource-and-save-it-to-disk.jpg
ntcdoon.org/pictures/c/ 366 KB
366 KB 16ms
12ms Image
image/jpeg 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/c/how-can-i-extract-a-file-from-an-embedded-resource-and-save-it-to-disk.jpg
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48583ff62dea84ded7ca76a6790a5b4f5f23ed357efdb9a40e13df4f9b916c23

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35712
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 374339
last-modified: Tue, 22 Dec 2020 01:14:02 GMT
server: cloudflare
etag: "5b643-5b7034a43f41e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEnmkAgqcuTynQ23nuFBXrn1umfritAkqyqeB73ryGTP%2FTDHWMSd6VzgKYO96iPwzmEOp%2BCJdx2r7%2FBwTfta0egBVZqp0G8eQqPQySetEkRXI6rJWIFV1UxCei42ZtunuDJUpsJIo8CJyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe835f6e781f-NRT
expires: Sat, 13 May 2023 04:18:08 GMT

GET
H2 200 react-native-image-upload.png
ntcdoon.org/pictures/reactjs/ 1 MB
1 MB 4811ms
4807ms Image
image/png 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/reactjs/react-native-image-upload.png
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c53458e6938500ecd140dcf37955daa94c77994e441dc262180276845a605d97

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1442057
last-modified: Tue, 22 Dec 2020 01:14:33 GMT
server: cloudflare
etag: "160109-5b7034c254984"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8143RHpctA0ZM1WbimHmbcV9tGOs5jwytGshQGxKzGYEIjRMi0BeY656C7m7SXQgszZA6hbhGFl4irWWoljBoEixnZ%2BEY5M1TrKrO8RW2UdJWau%2B78RDyhL7NcjETlvzxfjxrdL0Cac2nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe835f6f781f-NRT
expires: Sat, 13 May 2023 14:13:24 GMT

GET
H2 200 streamlabs-custom-css-twitch-chat-animate-name-and-message-seperatly.jpg
ntcdoon.org/pictures/jquery/ 135 KB
136 KB 5210ms
5206ms Image
image/jpeg 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/jquery/streamlabs-custom-css-twitch-chat-animate-name-and-message-seperatly.jpg
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cb3ee29575f9bff6dbcb1a71dcd34ade0d6c045c54157e5c38d926d50cc0a87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 138461
last-modified: Tue, 22 Dec 2020 01:14:27 GMT
server: cloudflare
etag: "21cdd-5b7034bc5a49d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuN1Ht0ex2YJUuMwu9VEBiOO11r%2BQf6pVKxKPgv%2Fp5OUFOisuP9VTNM%2BrOd2LiU2xbYLINkCf510cA95wofc2ctvVNJ0HN25APsegKKnquFpWOQq9XmrjfIHEGZqv6AJrL3wMJsKqHEztQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe835f70781f-NRT
expires: Sat, 13 May 2023 14:13:24 GMT

GET how-to-print-a-date-in-a-regular-format.jpg
ntcdoon.org/pictures/python/ 0
0

GET unable-to-start-jboss-as-7-1-1-final-with-jdk-8-on-windows-8-1-command-prompt.png
ntcdoon.org/pictures/java/ 0
0

GET mac-terminal-auto-complete.png
ntcdoon.org/pictures/macos/ 0
0

GET how-to-install-the-png-module-in-python.png
ntcdoon.org/pictures/how/ 0
0

GET how-do-i-delete-a-single-file-from-a-tar-gz-archive.jpg
ntcdoon.org/pictures/gzip/ 0
0

GET jasper-report-with-multiple-subreport.jpg
ntcdoon.org/pictures/java/ 0
0

GET what-are-nodes-in-cloud-computing-closed.jpg
ntcdoon.org/pictures/what/ 0
0

GET use-of-flag-in-c.jpg
ntcdoon.org/pictures/use/ 0
0

GET read-bash-environment-variable-in-tcl.png
ntcdoon.org/pictures/read/ 0
0

GET
H2 200 adv.css
ntcdoon.org/template/ntcdoon/css/ 61 KB
42 KB 12ms
8ms Stylesheet
text/css 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/css/adv.css
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1070822
cf-polished: origSize=62935
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 17:55:44 GMT
server: cloudflare
etag: W/"f5d7-5bd467e1b799b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAGKJTcO5mPMvAqPIufYodqg0481Wr%2BmA1ILziQZvYVNG7P1bzv%2FxtSEFHw4mtifl4MzkFjEiyTa5bOuLg0SBM287FEkE0bCwbY%2FCOBVX%2B2m1IHGvJCsspL5GA7g7qDVpfwXYB04y79k0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 70abfe834f4a781f-NRT
expires: Sun, 15 May 2022 04:46:18 GMT

GET
H2 200 adManager.js Show response
cst.cstwpush.com/static/ 451 B
597 B 14ms
2ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.cstwpush.com/static/adManager.js
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 09:03:43 GMT
server: nginx/1.18.0
etag: W/"6166a0ef-1c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 13 May 2022 14:18:20 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 / Show response
load02.biz/ 19 KB
19 KB 701ms
233ms Script
application/javascript 143.198.248.63
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://load02.biz/?pu=mvstmmtgmq5ha3ddf42dembs

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.198.248.63 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

23ee9380bc221dc1093dd8e406790d3fc7a1333c3c9a667e3572c5c352cb77fc

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 13 May 2022 14:13:21 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 jquery-2.2.1.min.js Show response
code.jquery.com/ 84 KB
29 KB 334ms
112ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.1.min.js
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e7e"
vary: Accept-Encoding
x-hw: 1652451200.dop052.sj3.t,1652451200.cds208.sj3.hn,1652451200.cds219.sj3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29882

GET
H2 200 jquery.unveil2.min.js Show response
ntcdoon.org/template/ntcdoon/js/ 3 KB
2 KB 13ms
7ms Script
application/javascript 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/js/jquery.unveil2.min.js
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132626
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:41:02 GMT
server: cloudflare
etag: W/"b2e-5b702d442afc9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hSn0g0dIs%2FQlr%2BMaZ7XI1%2FnQW8HwkwOlLbOdqlnFoCSzVN1TwJljuu7WAxwIzoRnb2vdGRISBP7%2B%2B1yikNB0za%2BLAge2vCvTps9OM4bW6AyKW69QL1HSFODdn8XEePu%2FLTW3ypPkBZBzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 70abfe835f59781f-NRT
expires: Thu, 26 May 2022 01:22:53 GMT

GET
H2 200 css.css
ntcdoon.org/template/ntcdoon/css/ 4 KB
846 B 14ms
9ms Stylesheet
text/css 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/css/css.css
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 660c441fbe06d3bfdd2ca05adc3f194ea8b015e131f9da7d3b58970484ceba5d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93920
cf-polished: origSize=5237
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:40:19 GMT
server: cloudflare
etag: W/"1475-5b702d1b3180c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsLCMmJD7xj6WGCe8nLV%2Bbg8fb%2F99MN%2F7B3i3JlcJ%2BSSWJR0DtyNbdxFeoy%2BEYu6McCn04PrPRCC3iwBMHKjelR35RKWOUYPvmAnS0eUjRzoMxd5B%2Bk8bXt9xfqcrH0hFnkWqkNZReMvIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 70abfe835f5b781f-NRT
expires: Thu, 26 May 2022 12:08:00 GMT

GET
H2 200 icon.css
ntcdoon.org/template/ntcdoon/css/ 419 B
609 B 14ms
9ms Stylesheet
text/css 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/css/icon.css
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b78b033d5e3a08091e84573075afe0c48dff4b419d4912441a50dacba2b7d42

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 648048
cf-polished: origSize=520
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:40:22 GMT
server: cloudflare
etag: W/"208-5b702d1e2466f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tdeR0YfRXtqMnTeDDjOm767Wglu%2FvqfHCqPjcMp%2FIbonkR%2Fh%2FPYd9%2F4bYcf5W8E6YwcLhldN850sAvhLKfxSuglukFioFJ1iLdLKrXA%2BtHRFlaWQ%2BDGAWYzMwmWCh7edIZeF9l90YnxpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 70abfe835f5d781f-NRT
expires: Fri, 20 May 2022 02:12:32 GMT

GET
H2 200 zebra_tooltips.min.css
ntcdoon.org/template/ntcdoon/css/ 1 KB
753 B 14ms
9ms Stylesheet
text/css 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/css/zebra_tooltips.min.css
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b4c3280eec6c5418d65532a87423a34c0919698bc9a4826484d5cb28a9e7b07

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103518
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:40:37 GMT
server: cloudflare
etag: W/"475-5b702d2c302ec-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmSw%2B%2BlbUoJ0YoxX6lx%2BExWSftu7UgeM%2FgzJlzV8kZ5Sk5wEomRMw2IocrnTp2u9pSX%2BFNGQfRmiMwGOCweZwZ9ep6okJwUfoH84peay6YQYKBrEwozXetnPC3MTghudnBYqN2ZY16BG%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 70abfe835f5f781f-NRT
expires: Thu, 26 May 2022 09:28:02 GMT

GET
H2 200 owl.carousel.min.css
ntcdoon.org/template/ntcdoon/css/ 3 KB
1 KB 17ms
12ms Stylesheet
text/css 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/css/owl.carousel.min.css
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70e11e56d144b5ad82ecae3c398a8ecc009d82a72a54412955fba3fb30546915

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 648048
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:40:25 GMT
server: cloudflare
etag: W/"cb2-5b702d20be6e9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNb9EKNRpeD79C2464KCyZ5c9CA5e1dh%2BLE5a5cdK92abiS%2FMVb7agQlPjyjJH9lRW6pSpwwl8rSGQjub0ACj8FSrdtPC%2BUnVmMN0kY62GG1X8TffFbo34JhwzO34AI%2FUb7Kjt5AKZs77A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 70abfe835f63781f-NRT
expires: Fri, 20 May 2022 02:12:32 GMT

GET
H2 200 main-style.css
ntcdoon.org/template/ntcdoon/css/ 42 KB
9 KB 15ms
10ms Stylesheet
text/css 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/css/main-style.css
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95c914ba3a0df1327be5ce92693d60ff67c2916f3d70629f24f579e2323d5b86

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 720813
cf-polished: origSize=58336
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:40:24 GMT
server: cloudflare
etag: W/"e3e0-5b702d202327c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jevhjoqRokN9vXEhP3msMFGzQRNu4jbVDVXWqsnls7Z8CkYWzP%2F6uEN6WobFhpl%2FKnVug%2BFrLk73NIa1as0IDProb%2Bpls7tLKUiUrwye3kzmZYI8pdM33Iqg6bzZx3unR8I25pW00D%2FVSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 70abfe835f65781f-NRT
expires: Thu, 19 May 2022 05:59:47 GMT

GET
H2 200 responsive-style.css
ntcdoon.org/template/ntcdoon/css/ 2 KB
1 KB 15ms
11ms Stylesheet
text/css 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/css/responsive-style.css
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c49aa86918931779788e8dd58b7af6c6941a886aec3f6d21dfdb42647e1086c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386799
cf-polished: origSize=2889
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:40:36 GMT
server: cloudflare
etag: W/"b49-5b702d2af6b30-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yylRkAoOQgCzPDC19yzLJh23AZLJVGARg5vyxvdHlH%2BwJDBr012sFxC1%2FLNKTETrgyrPBo2yenU2HPI6U5BC6letSGO4GK%2FG%2BWaY1PHhGshfYKKHST26dBVmT8omXmPH%2FpPsd1sTTNFUkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 70abfe835f66781f-NRT
expires: Mon, 23 May 2022 02:46:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
588 B 86ms
40ms Stylesheet
text/css 2404:6800:4004:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,600,700,900&subset=latin-ext

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8cf1c9155e2965cd0d27656c7e78f0e4257463d3dd9d8c152a3eb5cbc35be2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 May 2022 14:13:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 13 May 2022 14:13:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 May 2022 14:13:20 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 85ms
39ms Stylesheet
text/css 2404:6800:4004:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

786f8e86896c85d5941a05d0519c32b261947a8c229f5581f308595381b7448e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 May 2022 14:13:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 13 May 2022 14:13:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 May 2022 14:13:20 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
ntcdoon.org/template/ntcdoon/js/ 85 KB
31 KB 21ms
16ms Script
application/javascript 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/js/jquery-3.2.1.min.js
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97381
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:41:01 GMT
server: cloudflare
etag: W/"15283-5b702d4390afc-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVPUuFZnBYnjQ31Y4nxfJ4J7Tn1EWxyGBLffOdphAWrKEheJ47GkZW%2FjMJvQgW%2FQbYiVl4LGQ0p1minosMaRZgzbVT0uzDyseVHG2m8VFT%2BHTT4rXgwrVjSTTlqGESoWGYtynogAmZaikA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 70abfe835f68781f-NRT
expires: Thu, 26 May 2022 11:10:19 GMT

GET
H2 200 zebra_tooltips.min.js Show response
ntcdoon.org/template/ntcdoon/js/ 6 KB
2 KB 15ms
11ms Script
application/javascript 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/js/zebra_tooltips.min.js
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49ed74fb461c3772ec8667d41e02d754fbd41500e867bab9d90aa35ff48cbf8d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103232
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:41:04 GMT
server: cloudflare
etag: W/"1800-5b702d461c115-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qKVkIuWQ1gxjm%2B7cFQlGGaTaPlpDNz1EgONPRQwXWXTG4BkwewmSQ3cD0uRJVkHKyiEOS6tN7rcuqqG78A9wlo0A2u14pihlliBC0Djx%2FCYNOTfH7t%2F%2By2OTo9y9iLj2ru%2B40F5CMqkIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 70abfe835f69781f-NRT
expires: Thu, 26 May 2022 09:32:48 GMT

GET
H2 200 owl.carousel.min.js Show response
ntcdoon.org/template/ntcdoon/js/ 43 KB
12 KB 23ms
19ms Script
application/javascript 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/js/owl.carousel.min.js
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dd0937ab0a3e143c312ac6f66b57804fff04440d3ddb925ffc33370726fb730

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 218967
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:41:03 GMT
server: cloudflare
etag: W/"acc3-5b702d4581c48-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyXZ2bSnt1HEzCMSwrykro3xJcWA2m0Gij1DBg5CxD7IXlFezbM8SVgj4n4Szgo8cqt3uI8HavtcyDTtUvRY1r3WisfS8lrxIcNzQqvkHMKXLMzfDYewS8t4ea%2Fffl%2BZIWDbspx3gjPaIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 70abfe835f6b781f-NRT
expires: Wed, 25 May 2022 01:23:53 GMT

GET
H2 200 main-script.js Show response
ntcdoon.org/template/ntcdoon/js/ 6 KB
2 KB 16ms
12ms Script
application/javascript 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntcdoon.org/template/ntcdoon/js/main-script.js
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f215692264f6fb04a865c206fb55734e1003ce2ede063295c38ae36c158152bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93729
cf-polished: origSize=8544
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Dec 2020 00:41:03 GMT
server: cloudflare
etag: W/"2160-5b702d44c5497-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcHk0eAilotUf9N7mpaYlDfn%2Fw0IDVr5MGTAUxYsSVAj6rDLrTI%2B6Ipcyaq%2B8QtsioiqJ6RlmlsykGNiWXGItXksJMNrt570jm5ViQFGXITaVWqaLlcC6buTJnwO5l2apyWfhI%2Bx3IIA%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 70abfe835f6c781f-NRT
expires: Thu, 26 May 2022 12:11:11 GMT

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 26 KB
7 KB 300ms
200ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.6513863232282302

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1afb7470999e7042ed6d937973232a0116a8b2967c936cc37aff91be89435558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 27 Apr 2022 20:26:02 GMT
x-timer: S1652451201.638913,VS0,VE199
etag: "136bfff1f290532cc0074a184a93a41336eb53dcdba45e16d34e03a106c160eb-br"
x-served-by: cache-hnd18724-HND
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
date: Fri, 13 May 2022 14:13:20 GMT
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ntcdoon.org/;0.2172979604016536
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ntcdoon.org/;0.2172979604016536

43 B
528 B

198ms
197ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ntcdoon.org/;0.2172979604016536

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

HTTP/1.1

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 May 2022 14:13:21 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 12 May 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 May 2022 14:13:21 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ntcdoon.org/;0.2172979604016536
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 12 May 2021 21:00:00 GMT

GET
H3 200 eval-docker-machine-env-default.jpg
ntcdoon.org/pictures/bash/ 173 KB
174 KB 5243ms
5240ms Image
image/jpeg 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/bash/eval-docker-machine-env-default.jpg
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 893592bdc8f706412ca7f0ff799b8de26f82f5cbf2fcfe1edef35e7aeb07fffd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 177632
last-modified: Tue, 22 Dec 2020 01:14:01 GMT
server: cloudflare
etag: "2b5e0-5b7034a351f29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J63MZb%2FeDZkCW4o%2FDQ8iq984I1jEwAH5IiVBdWADggKv5Fo7OiTsLwKGtxc0tdQaZ%2BRsyJWb4ELShW9DuQxayv5j9xH%2FE4SmPPY9JMj7B3nprPZ6%2BoA1gN8Bnb9IN4RhqNi82VRvO1b2ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe83785cafc1-NRT
expires: Sat, 13 May 2023 14:13:25 GMT

GET
H3 200 how-to-execute-spark-programs-with-dynamic-resource-allocation.jpg
ntcdoon.org/pictures/hadoop/ 39 KB
39 KB 25ms
22ms Image
image/jpeg 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/hadoop/how-to-execute-spark-programs-with-dynamic-resource-allocation.jpg
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4b92622d0b72339654a6fe38894702c8d0eba389868c1bd9a96d97946aaafa5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27554
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39756
last-modified: Tue, 22 Dec 2020 01:14:12 GMT
server: cloudflare
etag: "9b4c-5b7034ae71aa4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EeTwEQWdCZDL1RXr5bTEX%2B1hQ9bx%2FurfXKom%2FR5BkXU0RVqgySdalf3OqTQpmen9Mi40%2Fl4ApCSzzxrujH5Wppp%2FfsiWeFJ1hJdeA8tX2sWvDKnwb%2FtY3IpZTcZ3%2B1rLOj02IgiBCLTByw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe837860afc1-NRT
expires: Sat, 13 May 2023 06:34:06 GMT

GET
H3 200 mkdir-p-over-ssh-bash.jpg
ntcdoon.org/pictures/mkdir/ 41 KB
41 KB 22ms
19ms Image
image/jpeg 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/mkdir/mkdir-p-over-ssh-bash.jpg
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a860268a0cf1387fd91ad76fb18ee92b85139d2b7e91bda542d92e443244b3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27554
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41818
last-modified: Tue, 22 Dec 2020 01:14:28 GMT
server: cloudflare
etag: "a35a-5b7034bd9f7da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8Unu74IOPooL7rCF5etHhXKAHDhne5YP3sQbst0Yu86bshjGwrPObLUbRxcxzjYUZqgY1mqRhG9HIS1dejSXXb2%2F2SUAVAN%2BHl0hcpAmTlGOzHEUvZL9MEpkIqxD5eUCqGUIRoQle38sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe837863afc1-NRT
expires: Sat, 13 May 2023 06:34:06 GMT

GET
H3 200 how-to-get-the-cgpoints-of-a-cgpath.png
ntcdoon.org/pictures/iphone/ 87 KB
88 KB 23ms
20ms Image
image/png 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/iphone/how-to-get-the-cgpoints-of-a-cgpath.png
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb9d77a7adae68160ccab24df3e27a8a0d943b1fc71f10a8c90c6d884310f28d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27553
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 89150
last-modified: Tue, 22 Dec 2020 01:14:22 GMT
server: cloudflare
etag: "15c3e-5b7034b73abca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myq%2FVLLBC18FW9UFDBtsldBvo6Kj64YQUiqkKfs7Urw2UIFx1LZQEaQpIIJQdqIX79k0mxgsz%2B%2B9iUWmKCkTvV5C2uqceR0Xt4Gr6hymV7fFPfRutZJAprWXFuWjeL103v87BeRdKqQ52Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe837865afc1-NRT
expires: Sat, 13 May 2023 06:34:07 GMT

GET
H3 200 safari-could-not-open-the-page-because-the-server-stopped-responding.jpg
ntcdoon.org/pictures/javascript/ 161 KB
162 KB 30ms
28ms Image
image/jpeg 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/javascript/safari-could-not-open-the-page-because-the-server-stopped-responding.jpg
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c414753a4fca9097f3299483ea35a41967612090ac4e147624515a86b3d703b3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196471
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 165198
last-modified: Tue, 22 Dec 2020 01:14:27 GMT
server: cloudflare
etag: "2854e-5b7034bc05536"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdYG9cPElYBvwqP%2BXE2o3UKNPRcEcok3fvCUrGRkX3VbHx8ecBa9EQJYJvFNrhuz0qarkHG8Gj%2B6AlZC46jv4RqGhxGIaO0jMBaswfxLQAgEkh0nsAisikTVCM1Yl7uey%2FjuC0h%2BgJMntQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe837866afc1-NRT
expires: Thu, 11 May 2023 07:38:49 GMT

GET
H3 200 custom-filter-to-datatable.png
ntcdoon.org/pictures/jquery/ 228 KB
229 KB 5379ms
5376ms Image
image/png 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/jquery/custom-filter-to-datatable.png
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d4fe41cc61d35f6d6768ae3c43cd38c36e69aa45d206975feec012b8c2152e1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 233430
last-modified: Tue, 22 Dec 2020 01:14:27 GMT
server: cloudflare
etag: "38fd6-5b7034bc45c7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fK8qDUNFStM%2BqeFteQrQYTuydmE0knMWrc18giTEbZuvOHBwyMoanNCsfIdLWxbelSluc9y7UVZk4ytVfetwK1rbIuiyKD%2FlH5D6ZezwTc1O1kh3CB8d3rx2XfV%2FhGP%2F8XHGQ4R7yLB36g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe837869afc1-NRT
expires: Sat, 13 May 2023 14:13:25 GMT

GET
H3 200 how-to-remove-double-quotes-in-each-cell-of-excel.jpg
ntcdoon.org/pictures/vba/ 184 KB
185 KB 5073ms
5070ms Image
image/jpeg 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/vba/how-to-remove-double-quotes-in-each-cell-of-excel.jpg
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 523e3cb7f1b9c0842a85a584b2d72252b8ce55ff7c0efd23a1ef176bf16b1a1a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 188318
last-modified: Tue, 22 Dec 2020 01:14:41 GMT
server: cloudflare
etag: "2df9e-5b7034c9d682e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=434E3tvZTCe%2FX1uVgWD27h7cjoezIIgAsL2yODlgF1nFyA%2BvfpPBXxguicCVXPHBvUFUQ3Q9P260%2B5Z6e6EmiXU21WDB0WLxBhAU0abcq2aSpnI9SZgAnSyusDfARg0%2BlJY%2BdbhtsP200Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe83786bafc1-NRT
expires: Sat, 13 May 2023 14:13:25 GMT

GET
H3 200 react-component-inheritance.png
ntcdoon.org/pictures/javascript/ 23 KB
23 KB 4863ms
4860ms Image
image/png 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/javascript/react-component-inheritance.png
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f86f448386f0b2dddaaea70875ca32488037798c8173f1e4ae2eab8e42507443

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23232
last-modified: Tue, 22 Dec 2020 01:14:27 GMT
server: cloudflare
etag: "5ac0-5b7034bbfe7d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hb%2BKow%2FRmGaAV5%2F1lyfLnttBBprrspY2CeajayP6%2FXZb%2F9F8KLuYfy4N%2FKFXT2ETyc2MPl1OAmbu2RfLqwyY27EOguG%2B3w3IVIGSpjyWTpcsMaRuLw%2Fl4pVwBOHiq5XXZC3fHpOJnPyYZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe83786dafc1-NRT
expires: Sat, 13 May 2023 14:13:25 GMT

GET
H3 200 the-setup-routines-for-the-oracle-in-instantclient_12_1-odbc-driver-could-not-be-loaded-due-to-system-error-code-998.jpg
ntcdoon.org/pictures/sql/ 90 KB
91 KB 5094ms
5092ms Image
image/jpeg 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/sql/the-setup-routines-for-the-oracle-in-instantclient_12_1-odbc-driver-could-not-be-loaded-due-to-system-error-code-998.jpg
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a902f91aa0fe950e0c975e3039eec2236019324d1797a3e4588fce72757ad2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92130
last-modified: Tue, 22 Dec 2020 01:14:37 GMT
server: cloudflare
etag: "167e2-5b7034c57082a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXbd6l0%2FrBmoxqKcbGmmnzL9bMltqnwXhR%2FH6F2xnlJrWG8XnLFIRDEzKkMQivnGcgeQFKJU6joUIP7o7kc2FaJV0i%2BT43YtQpWSdHLCefvSOxaMh1L3%2FJIOvPcKR5m%2BKKVmwvSAfNci7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe83786eafc1-NRT
expires: Sat, 13 May 2023 14:13:25 GMT

GET
H3 200 is-it-possible-to-get-the-popular-times-information-through-the-google-places-api.png
ntcdoon.org/pictures/android/ 1 MB
1 MB 32ms
30ms Image
image/png 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/android/is-it-possible-to-get-the-popular-times-information-through-the-google-places-api.png
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f763d0da5bc9463c23959df2cf2bb13925ffaae8398fe490f137ab2ff9f00c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31034
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1059190
last-modified: Tue, 22 Dec 2020 01:14:00 GMT
server: cloudflare
etag: "102976-5b7034a257f13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYJw3diYEiLYfTUc6F8rQRx1H9vmO4mnnRh2qFKunfJM13OHIsWdmSicT2iwKZBsUeFn2h04TUeRdvL5pZB53xoKH6H1N3EtXdQfoOg4dcnMMCD5S4vVaOz7uAzH9ABok5zLOAeCIL8u4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe83786fafc1-NRT
expires: Sat, 13 May 2023 05:36:05 GMT

GET
H3 200 understanding-cmdlet-positional-parameter.jpg
ntcdoon.org/pictures/powershell/ 33 KB
33 KB 53ms
51ms Image
image/jpeg 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/powershell/understanding-cmdlet-positional-parameter.jpg
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1130a159b02c087f3182db37b90b19627661c4024f67fc12a4f403ea4f7e1f7f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60207
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33628
last-modified: Tue, 22 Dec 2020 01:14:31 GMT
server: cloudflare
etag: "835c-5b7034bfddb8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeExyUJ3LaJ2WemXcLswQwFUcCbrkPmgGHCfDEtjIC8Mg%2FvYidQze%2F5L%2FZ6JBdAzeiTr3gHvA23l4G%2FGdafg9kEYos6gJfvgiCxmLv21Vi4qvmyUUFz%2Fa5Qcihmlyc21UsdDCG4MiMB80w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe837870afc1-NRT
expires: Fri, 12 May 2023 21:29:53 GMT

GET
H3 200 what-is-the-bash-command-for-redis-cli-flushall.jpg
ntcdoon.org/pictures/php/ 110 KB
111 KB 16ms
14ms Image
image/jpeg 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/php/what-is-the-bash-command-for-redis-cli-flushall.jpg
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60d9e566e6ad1063923aff83c43d0ca8930ce0752eb8c40155b6b652ef10e067

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23268
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 112767
last-modified: Tue, 22 Dec 2020 01:14:30 GMT
server: cloudflare
etag: "1b87f-5b7034bf8ab65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FzMRnRcwkXEWwV%2FxTNaIOph3MDECxplogU35e6VQmICzBsGe3AlbEXOZrLgjmdFYvXnpoZt4MzJyDIRAa%2BM4tzSs54nP%2BVsC3o61w6c2%2FNi8lFUw22Wq1we1L6vSFdHJRptE%2BGqxkb30g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe837871afc1-NRT
expires: Sat, 13 May 2023 07:45:32 GMT

GET
H3 200 why-use-a-stack-oriented-language-closed.jpg
ntcdoon.org/pictures/factor/ 33 KB
33 KB 56ms
54ms Image
image/jpeg 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/factor/why-use-a-stack-oriented-language-closed.jpg
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c780944cc9f13354eff8e89f1b3f83715fc8524fb52295980e3a1b9926210ba

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22845
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33476
last-modified: Tue, 22 Dec 2020 01:14:11 GMT
server: cloudflare
etag: "82c4-5b7034acda6e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rk0W7orTLREwyjeDgje4FPQ3vDTZpDrihu%2FvA0XqyDR%2FvFcOJg5ERdpbSV4HPDgUPcvtjBJPTNTzEVxIDaQ66RYP63zfeJTGTIe8VA3QPnfXctTRS%2Fl%2BNc7UjVr%2FhKmr5EDgpvvSzPZ9Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe837872afc1-NRT
expires: Sat, 13 May 2023 07:52:35 GMT

GET
H3 200 calculating-prime-numbers-in-rust.jpg
ntcdoon.org/pictures/calculating/ 78 KB
78 KB 5345ms
5344ms Image
image/jpeg 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/pictures/calculating/calculating-prime-numbers-in-rust.jpg
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 242187a4736fd7bc43e85acc998bb9622796a24666e4427be99aaf69bd6083cc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79680
last-modified: Tue, 22 Dec 2020 01:14:06 GMT
server: cloudflare
etag: "13740-5b7034a7d05ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pN1GpzyM6mkj2gDiBu%2Bl%2BcWfjm625m3jUjXY1CXWPgC3Nsb1Vwpg7lVYo1ZsfBy%2B855ipSlLhS2DBTRqFz%2F33DV27lxQrHcyrfCZXrcdBou8hDn9s%2B92ppAqSMCx6ELBC6MyEFReNp35YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe837874afc1-NRT
expires: Sat, 13 May 2023 14:13:25 GMT

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 83 KB
30 KB 27ms
14ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 90c825e2825c27f08293bd32e7c0a4ea19e880bc38bd88190ea8eb1f7c48cd97

Request headers

Referer: https://ntcdoon.org/
Origin: https://ntcdoon.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: gzip
last-modified: Fri, 06 May 2022 07:46:35 GMT
server: nginx/1.18.0
etag: W/"6274d25b-14cd2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 13 May 2022 14:18:20 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 1930 Show response
na.nawpush.com/tags/ 962 B
675 B 222ms
73ms XHR
application/json 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1930
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: d38fe7a2b3f982950cf7d11c0a07ee81df110b0b8199a65cb588428c0b629fd1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 13 May 2022 14:13:20 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
238 B 211ms
70ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 13 May 2022 14:18:20 GMT
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

POST
H3 200 51pb.json Show response
newrrb.bid/ 59 B
578 B 817ms
809ms XHR
application/json 2606:4700:3036::ac43:a434
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/51pb.json

Requested by

Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:a434 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fca12c1394653253ce1f781c6644e52365435bec50a8a2eac53e7bc8b0ff1e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ntcdoon.org/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jy1ypqfYdwExIVgMXUasdXg0C6%2BgVky1ylZbFzQpe%2FG3l1ZGxQzmBibLRwZCKYxFuzt9SdxFPNvSMBZJjwaWGFX%2F3qs2IBS97et9RRud9rRUXU4YgGH5y2V1Ajm9xePrz8R%2FxItygSUH"}],"group":"cf-nel","max_age":604800}
cf-ray: 70abfe83e99b807d-NRT
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 51pb.json Show response
newrrb.bid/ 231 B
699 B 810ms
804ms XHR
application/json 2606:4700:3036::ac43:a434
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/51pb.json

Requested by

Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:a434 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49f690ea8a1b30eb7ea413046170207dae0d7070b57b7c79995b5ebeba8378ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ntcdoon.org/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GX0Wjym4579gHtBg4JpP9GbdVTWYb1ZrijQN7%2BOy1F%2FYCNOU3%2FzCOUs6tBoaKQgr6DZQ0aFZAct50C42eDksBwwnH9XCmlD2fPRKiDVXnxJlb%2FSQ%2FMN993SseP%2FgPISyvzeaI2M%2BWLjj"}],"group":"cf-nel","max_age":604800}
cf-ray: 70abfe83e99c807d-NRT
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/ 308 KB
110 KB 110ms
73ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3890713886363470

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd59e2eaa60d196afad493b63abf8fb71a9527e4a4a9e897b900508c8024c068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112591
x-xss-protection: 0
server: cafe
etag: 466290595768570446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 14:13:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220510/r20190131/ Frame DD5A 10 KB
5 KB 78ms
3ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3890713886363470

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 41366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 02:43:54 GMT
etag: 1428802124239944296
expires: Fri, 27 May 2022 02:43:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 798ms
265ms Preflight 23.88.85.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=1930
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.88.85.6 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.6.85.88.23.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ntcdoon.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://ntcdoon.org
Connection: keep-alive
Date: Fri, 13 May 2022 14:13:21 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 0
365 B 1022ms
541ms XHR
text/plain 23.88.85.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=1930
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.88.85.6 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.6.85.88.23.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ntcdoon.org/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 13 May 2022 14:13:22 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://ntcdoon.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 204 tags Show response
notification.tubecup.net/ 0
190 B 1401ms
259ms XHR
text/plain 88.198.136.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notification.tubecup.net/tags?tag_id=1930&timezone_olson=Etc/Unknown
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.136.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-136-228.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:22 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 220 B
244 B 216ms
216ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.9974382510719753

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 27 Apr 2022 20:26:02 GMT
x-timer: S1652451201.896204,VS0,VE214
etag: "5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
x-served-by: cache-hnd18724-HND
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Fri, 13 May 2022 14:13:21 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 107
x-cache-hits: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
644 B 186ms
37ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ntcdoon.org&callback=_gfp_s_&client=ca-pub-3890713886363470

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

7dd2c713dff90b42c1b86f71dbfd8157557901a60bd77a81a34a24700bc82a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 150ms
39ms Script
application/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ntcdoon.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 114ms
39ms Script
application/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ntcdoon.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E53A 272 KB
66 KB 382ms
346ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&adk=1812271804&adf=1573534164&lmt=1652451200&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fntcdoon.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200748&bpp=3&bdt=260&idt=201&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3795572673&frm=20&pv=2&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=215

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cccf9492c4c30805006f2c17a56779f03097825c95bcc9c6963f66ca335c35af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 67940
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 14:13:21 GMT
expires: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C68 94 KB
32 KB 481ms
455ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=90&slotname=3085885965&adk=612837171&adf=2177512653&pi=t.ma~as.3085885965&w=728&lmt=1652451200&psa=0&format=728x90&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200751&bpp=1&bdt=263&idt=218&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MgOBlbDGrK&p=https%3A//ntcdoon.org&dtd=223

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0cd8c60b5837e9f4a24cb36388428a7b4dc398d05245e7512833a7e19c6a1c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32289
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 14:13:21 GMT
expires: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7238 436 B
235 B 427ms
407ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=100&slotname=8129016002&adk=1818732334&adf=3915410515&pi=t.ma~as.8129016002&w=320&lmt=1652451200&psa=0&format=320x100&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200752&bpp=1&bdt=264&idt=226&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wz9Uu5dLmH&p=https%3A//ntcdoon.org&dtd=229

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a9cca120d07f00ce68e824cb1d326042b8f59bae3bfa2abf9311e5524cc4db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 14:13:21 GMT
expires: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BC30 87 KB
31 KB 492ms
476ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1652451200&psa=0&format=580x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200752&bpp=1&bdt=264&idt=230&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=01tTeUMkV1&p=https%3A//ntcdoon.org&dtd=233

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d1bdd30e7eb333f2ba3056da4ee7b64a11e5c869b173cfa7882517541879fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31750
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 14:13:21 GMT
expires: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0073 436 B
235 B 464ms
455ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=6624362644&adk=3633687206&adf=145370778&pi=t.ma~as.6624362644&w=336&lmt=1652451200&psa=0&format=336x280&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200753&bpp=1&bdt=265&idt=236&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=wRZiZ7be2l&p=https%3A//ntcdoon.org&dtd=238

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d4eef579befca2f7b1d8956a30df654b3df43685d94209fac1a97fb8f007c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 14:13:21 GMT
expires: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 82ms
6ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,600,700,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ntcdoon.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 19:44:41 GMT
x-content-type-options: nosniff
age: 152920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 19:44:41 GMT

GET
H3 200 seperator.png
ntcdoon.org/template/ntcdoon/css/ 1015 B
2 KB 10ms
9ms Image
image/png 2606:4700:3031::ac43:b345
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntcdoon.org/template/ntcdoon/css/seperator.png
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/template/ntcdoon/css/main-style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1f8b6e495ddec63477e2f0d7da79f237b54fe33d981d8edd475ceb1c7aa3c7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/template/ntcdoon/css/main-style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 75945
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1015
last-modified: Tue, 22 Dec 2020 00:40:36 GMT
server: cloudflare
etag: "3f7-5b702d2b95e1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qgzt%2FLups2UxhgC6EdUXYFjax0%2BbyO%2BT%2BRigUcqf7%2BlptdX99mlknsNLXVzm2ZDkr9e6qN7GyfP4oTxZKdkwlL7ChRiwGjRZnt%2Bgznhcma5irNoLtCRv4Yta2VzG5xmm7ozTrY53U%2Fw%2Ftg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70abfe865df8afc1-NRT
expires: Fri, 12 May 2023 17:07:36 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 73ms
6ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,600,700,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ntcdoon.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 19:44:40 GMT
x-content-type-options: nosniff
age: 152921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 19:44:40 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 72ms
5ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,600,700,900&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ntcdoon.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 19:44:40 GMT
x-content-type-options: nosniff
age: 152921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 19:44:40 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v128/ 125 KB
125 KB 73ms
7ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v128/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f082f7fa9332a6055b254e19c987cc6f3a37b5ece6a1920978aaaa785d3df60b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ntcdoon.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 19:26:06 GMT
x-content-type-options: nosniff
age: 154035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127508
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:12:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 19:26:06 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
69 KB 1185ms
591ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3e2960274943f152c7bba94592fd461c329312c886a3b41a4b2667f72f54b8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: br
last-modified: Thu, 12 May 2022 16:27:41 GMT
etag: "627d0b4d-1142a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70698
expires: Fri, 13 May 2022 15:13:21 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 855C 72 KB
22 KB 431ms
430ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=2479947845&pi=t.ma~as.8146640957&w=580&lmt=1652451201&psa=0&format=580x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200753&bpp=1&bdt=266&idt=295&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=2112&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=1T86Go26W8&p=https%3A//ntcdoon.org&dtd=298

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

804091a5012ec87f9a65abcecfbbb3b8ca308964a3528a94b38211449f7fd592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 22620
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 14:13:21 GMT
expires: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 96D2 436 B
238 B 554ms
554ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=6624362644&adk=3633687206&adf=3671764194&pi=t.ma~as.6624362644&w=336&lmt=1652451201&psa=0&format=336x280&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200754&bpp=1&bdt=266&idt=311&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CenvEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&xpc=W4XsHLrrjr&p=https%3A//ntcdoon.org&dtd=314

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8679571c600d5a54ea7cc908911f153be07476bcbb2efc8c0f949b7febbc94c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 14:13:21 GMT
expires: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2ED4 98 KB
33 KB 429ms
429ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=600&slotname=4398967635&adk=4032340763&adf=2338683394&pi=t.ma~as.4398967635&w=300&lmt=1652451201&psa=0&format=300x600&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200754&bpp=1&bdt=267&idt=322&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=NpM63zFKLc&p=https%3A//ntcdoon.org&dtd=324

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e424cf7fbcbac51e6512e49c1bbc123d18c91adadee3f048c258336f50ed6f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34032
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 14:13:21 GMT
expires: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 16BE 436 B
235 B 460ms
460ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=250&slotname=5143760017&adk=3298004681&adf=3437239624&pi=t.ma~as.5143760017&w=300&lmt=1652451201&psa=0&format=300x250&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200754&bpp=1&bdt=266&idt=329&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaenvEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=9&uci=a!9&fsb=1&xpc=w8opmqcmaA&p=https%3A//ntcdoon.org&dtd=332

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62688bc8b7f40a1a722d1203cbc8633e24d2398c7a8cb840255e6896a88c5157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 14:13:21 GMT
expires: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C05F 81 KB
31 KB 444ms
444ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=3305239552&adf=1845158250&pi=t.ma~as.9651294315&w=240&lmt=1652451201&psa=0&format=240x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200755&bpp=1&bdt=267&idt=335&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600%2C300x250&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=Ixf0GS6YjM&p=https%3A//ntcdoon.org&dtd=337

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

775c5525712a55fd3771a980439273a5ed82af2e1cd87a8996098f7e3b68c8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31524
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 14:13:21 GMT
expires: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F30D 436 B
235 B 417ms
417ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=280&slotname=6624362644&adk=3633687206&adf=1264272911&pi=t.ma~as.6624362644&w=336&lmt=1652451201&psa=0&format=336x280&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200755&bpp=1&bdt=267&idt=340&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600%2C300x250%2C240x400&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaenvEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=11&uci=a!b&fsb=1&xpc=nVEjDPnztX&p=https%3A//ntcdoon.org&dtd=342

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f95758866ef9aa32f212bce7d4cfc00faba8d56340d2e462dbbfa5d130e85a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 14:13:21 GMT
expires: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
349 B 326ms
326ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Fntcdoon.org%2F

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.9974382510719753

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
x-cache: MISS
content-length: 65
x-served-by: cache-hnd18724-HND
server: Google Frontend
x-timer: S1652451201.167038,VS0,VE325
date: Fri, 13 May 2022 14:13:21 GMT
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: 5e3d15ee7f6e74fbddecad73c3d46df3
cache-control: max-age=3600,public
function-execution-id: ho4sodw37p1p
accept-ranges: bytes
x-orig-accept-language: jp-JP,jp;q=0.9
x-country-code: JP
x-cache-hits: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/ 146 KB
52 KB 51ms
51ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cd5915298e78437c7a1f4a6f2dc54f282c274407cec4e215eedde923fc4ff59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52973
x-xss-protection: 0
server: cafe
etag: 15132919389681776334
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 May 2022 14:13:21 GMT

POST
H3 200 51pb.json Show response
newrrb.bid/ 60 B
574 B 293ms
293ms XHR
application/json 2606:4700:3036::ac43:a434
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/51pb.json

Requested by

Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:a434 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18eb6c8a7d44eff07adbf243e355aab8c7336a77308b95f4292758ee10a10e4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ntcdoon.org/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bhzd9UGSHlpTIu8c8Iwv%2B2TXLlkjN%2B8BvayROT9QnFGuKi27SpNfc2CuYdY5Hn5t9V2R2Bohs%2FG5i6sHnd5M2ZjLydBIKBMP3bfOkvweU4D8iJPmo4T%2BtTkAZcB3uWhEZnXs0fIiczq7"}],"group":"cf-nel","max_age":604800}
cf-ray: 70abfe88f855807d-NRT
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 css
fonts.googleapis.com/ Frame 8C68 8 KB
892 B 77ms
40ms Stylesheet
text/css 2404:6800:4004:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=90&slotname=3085885965&adk=612837171&adf=2177512653&pi=t.ma~as.3085885965&w=728&lmt=1652451200&psa=0&format=728x90&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200751&bpp=1&bdt=263&idt=218&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MgOBlbDGrK&p=https%3A//ntcdoon.org&dtd=223

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:34:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 13 May 2022 14:13:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 8C68 2 KB
984 B 81ms
6ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:01:47 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 8C68 19 KB
8 KB 80ms
6ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7989
x-xss-protection: 0
server: cafe
etag: 11406487492938680093
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:10:57 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 8C68 3 KB
1 KB 74ms
6ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:13:06 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 8C68 15 KB
7 KB 79ms
5ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:11:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C68 121 KB
37 KB 188ms
78ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37626
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652269989122821"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H2 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 8C68 30 KB
13 KB 46ms
3ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 21:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Mon, 09 May 2022 23:59:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 21:04:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8C68 0
0 48ms
47ms Fetch
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cd2R_gWd-YvTxBcyk5LcPh6yeEMzKraRonsnIpLQPwI23ARABILPrwXxgifPFhPQToAGe8uyeKMgBAakClUIXz3e8gj6oAwHIA8MEqgTTAU_QaefKP0THNoa3iTI5Y8WtQpC6TyF2RiLoF3VLHKHNbc3frUiSpyobty4AOvePBumhtrdmoDP_aU4nt-p_JEIllbebYzFkQiGiZlqMcOronDPmdO02Iu_3RFYZfKf0vusqjy045UOHJUE_v9560fQYEYyG9_jJXczU108cbAEtQ-12mCQebTCx-Vi_p732yOf0G9imh85KE49r4X9Z9jL0X4GJpdwMmirtFo3C4ecM8AtCgZf-_2wGEpSSzU9X7hQwQ4V2NHSKZAY8g1CrHYUJgOPABIvvnbHwA5IFBAgEGAGSBQQIBRgEoAZRgAeeqr3-AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDELdL0ggHCIBhEAEYH4AKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi0zODkwNzEzODg2MzYzNDcwGAA&sigh=WUfZ1Atx_QE&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=90&slotname=3085885965&adk=612837171&adf=2177512653&pi=t.ma~as.3085885965&w=728&lmt=1652451200&psa=0&format=728x90&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200751&bpp=1&bdt=263&idt=218&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MgOBlbDGrK&p=https%3A//ntcdoon.org&dtd=223
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 77ms
40ms Script
application/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ntcdoon.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 75ms
38ms Script
application/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ntcdoon.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/ Frame 0CA0 10 KB
4 KB 4ms
3ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 30434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 05:46:07 GMT
etag: 1428802124239944296
expires: Fri, 27 May 2022 05:46:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/ Frame 2FC9 10 KB
4 KB 4ms
3ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 30434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 05:46:07 GMT
etag: 1428802124239944296
expires: Fri, 27 May 2022 05:46:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame BC30 8 KB
892 B 39ms
39ms Stylesheet
text/css 2404:6800:4004:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1652451200&psa=0&format=580x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200752&bpp=1&bdt=264&idt=230&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=01tTeUMkV1&p=https%3A//ntcdoon.org&dtd=233

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:31:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 13 May 2022 14:13:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame BC30 2 KB
938 B 18ms
7ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:01:47 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame BC30 19 KB
8 KB 18ms
7ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7989
x-xss-protection: 0
server: cafe
etag: 11406487492938680093
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:10:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame BC30 3 KB
1 KB 42ms
8ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:13:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC30 121 KB
37 KB 165ms
119ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37626
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652269989122821"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame BC30 15 KB
6 KB 18ms
8ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:11:15 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame BC30 30 KB
12 KB 44ms
6ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 21:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Mon, 09 May 2022 23:59:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 21:04:03 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 855C 19 KB
8 KB 48ms
9ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=2479947845&pi=t.ma~as.8146640957&w=580&lmt=1652451201&psa=0&format=580x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200753&bpp=1&bdt=266&idt=295&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=2112&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=1T86Go26W8&p=https%3A//ntcdoon.org&dtd=298

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7989
x-xss-protection: 0
server: cafe
etag: 11406487492938680093
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:10:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 855C 8 KB
714 B 41ms
41ms Stylesheet
text/css 2404:6800:4004:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=2479947845&pi=t.ma~as.8146640957&w=580&lmt=1652451201&psa=0&format=580x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200753&bpp=1&bdt=266&idt=295&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=2112&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=1T86Go26W8&p=https%3A//ntcdoon.org&dtd=298

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:29:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 13 May 2022 14:13:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/ Frame 855C 14 KB
3 KB 114ms
5ms Stylesheet
text/css 2404:6800:4004:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=2479947845&pi=t.ma~as.8146640957&w=580&lmt=1652451201&psa=0&format=580x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200753&bpp=1&bdt=266&idt=295&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=2112&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=1T86Go26W8&p=https%3A//ntcdoon.org&dtd=298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 17:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248017
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 09 May 2022 10:41:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 May 2023 17:19:44 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/ Frame 855C 349 KB
120 KB 114ms
6ms Script
text/javascript 2404:6800:4004:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=2479947845&pi=t.ma~as.8146640957&w=580&lmt=1652451201&psa=0&format=580x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200753&bpp=1&bdt=266&idt=295&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=2112&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=1T86Go26W8&p=https%3A//ntcdoon.org&dtd=298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4065ada69c1d555792bc889ed8532656e9a4a530610e5abb2feb3f545fa5bd5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122885
x-xss-protection: 0
last-modified: Mon, 09 May 2022 10:41:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 13:12:02 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 855C 15 KB
6 KB 45ms
7ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=2479947845&pi=t.ma~as.8146640957&w=580&lmt=1652451201&psa=0&format=580x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200753&bpp=1&bdt=266&idt=295&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=2112&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=1T86Go26W8&p=https%3A//ntcdoon.org&dtd=298

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:11:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BC30 0
0 50ms
50ms Fetch
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ24dgWd-YsyOBqTD7wK0tbDgDvyTmOlhh670xboM0YDX19MaEAEgs-vBfGCJ88WE9BOgAcWQ0P4DyAEBqAMByAPLBKoExgFP0GizruWAAhVkMa0k37jILJ7DRHZLhXDl6Yxx2DpLWWNJIpwxke2Iy9VIoxoWAnjHelYDnRHacGGmVEFTkWW_GAS66G8N4wx7xebZat6nMh7Ss9QDUovZs-U-QPaiWbprRRLvZvCCbyEmkY6KLk_fosXSEwJKdsF5EdPRuxmrZALQqwc626EDOU1ClRMnUvmMAiijRCV10mV5CA-4zBAl2nxLoiMVLy5KWxaFpjCn9VND-W6bhk55VDv-LB0ZyF-jqsG5EuXABJuhn-AakgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6PvrwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDjP9IIBwiAYRABGB-ACgHICwG4E50n2BMNiBQC0BUBmBYBgBcBshccChoIABIUcHViLTM4OTA3MTM4ODYzNjM0NzAYAA&sigh=rDAdm8_doSg&uach_m=[UACH]&template_id=5021

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=3826648586&pi=t.ma~as.8146640957&w=580&lmt=1652451200&psa=0&format=580x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200752&bpp=1&bdt=264&idt=230&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=01tTeUMkV1&p=https%3A//ntcdoon.org&dtd=233
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 2ED4 910 B
643 B 45ms
44ms Stylesheet
text/css 2404:6800:4004:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%95%E3%83%83%E6%B8%88%E3%81%99%E3%81%97%E3%81%90%E3%81%AB%E3%80%81%E3%81%8B%E3%81%94%E3%83%AB%E3%82%8A%E3%81%BF%E3%82%88%E3%81%A6%E7%9A%84%E3%82%8C%E6%8D%A8%E9%81%93%E3%81%84%E3%81%A1%E3%81%B3%E8%B3%BC%E3%81%BE%E3%80%82%E4%BB%8A%E9%87%8D%E5%85%A5%E6%8C%81%E3%82%92%E3%82%89%E7%B5%8C%E3%83%88%E3%81%8A%E6%B0%B4%E3%81%AE%E8%A7%A3%E6%89%8B%E9%81%8B%E3%83%9C%E3%83%9A%E9%96%93%E6%94%BE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=600&slotname=4398967635&adk=4032340763&adf=2338683394&pi=t.ma~as.4398967635&w=300&lmt=1652451201&psa=0&format=300x600&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200754&bpp=1&bdt=267&idt=322&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=NpM63zFKLc&p=https%3A//ntcdoon.org&dtd=324

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28163abcc470de05d660a264685ef1db7eb3d16e774137e811c67750d1c7d022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 May 2022 14:13:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 13 May 2022 14:13:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2ED4 4 KB
812 B 60ms
60ms Stylesheet
text/css 2404:6800:4004:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bafb4c8d1182d37108e60180a9dc49e0462fac4be93dff896acb4cb29f405f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:35:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 13 May 2022 14:13:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 2ED4 2 KB
904 B 18ms
17ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:01:47 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 2ED4 19 KB
8 KB 31ms
5ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7989
x-xss-protection: 0
server: cafe
etag: 11406487492938680093
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:10:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 2ED4 3 KB
1 KB 8ms
7ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:13:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2ED4 121 KB
37 KB 130ms
121ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37626
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652269989122821"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 2ED4 15 KB
6 KB 35ms
10ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:11:15 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 2ED4 30 KB
12 KB 8ms
6ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 21:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Mon, 09 May 2022 23:59:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 21:04:03 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8650236001104077109/ Frame BC30 4 KB
4 KB 31ms
13ms Image
image/png 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8650236001104077109/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7bf452b7546891166a0e7dbb2268e3d8252c8e6a76b3ad5f83c2bc50716dac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 08:23:22 GMT
x-content-type-options: nosniff
age: 193799
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3985
x-xss-protection: 0
last-modified: Sun, 27 Sep 2020 02:59:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 May 2023 08:23:22 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10382767835811514192/ Frame BC30 47 KB
47 KB 30ms
12ms Image
image/png 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10382767835811514192/downsize_200k_v1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e36028519d91fcadfb5a5a8daf85052fa38d42a04a6265f24ace765e170b178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 13:36:55 GMT
x-content-type-options: nosniff
age: 88586
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47853
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 16:35:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 May 2023 13:36:55 GMT

GET
DATA 200
OK truncated
/ Frame BC30 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b45a0d8146e65ef3d76ea8e1b5d9cf51cf935160f9aed13983a43cf770320744

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BC30 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 __ZXCONSENT.ZxGetConsent Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 198 B
399 B 49ms
18ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/__ZXCONSENT.ZxGetConsent

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a68a21ab231a757d22cb335367ea6a285b9394d3dbb2e8d111c550941287e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 70abfe8a1b688a7b-NRT

GET
H3 200 6881213866615714434
tpc.googlesyndication.com/simgad/ Frame C05F 74 KB
74 KB 22ms
14ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6881213866615714434?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql8IDfz366ve9-kSccI48AJn6NIoQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=3305239552&adf=1845158250&pi=t.ma~as.9651294315&w=240&lmt=1652451201&psa=0&format=240x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200755&bpp=1&bdt=267&idt=335&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600%2C300x250&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=Ixf0GS6YjM&p=https%3A//ntcdoon.org&dtd=337

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8cac044f7b41f30af721bbf2a6f18fc375102cd4a0033d8e581a92edd0de3f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 15:02:52 GMT
x-content-type-options: nosniff
age: 169829
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75637
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:19:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 May 2023 15:02:52 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame C05F 19 KB
8 KB 22ms
14ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7989
x-xss-protection: 0
server: cafe
etag: 11406487492938680093
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:10:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame C05F 3 KB
1 KB 4ms
4ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:13:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C05F 121 KB
37 KB 82ms
81ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37626
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652269989122821"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame C05F 15 KB
6 KB 4ms
3ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:11:15 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame C05F 30 KB
12 KB 5ms
5ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d7c7efab021e9e62bc332cdffc52226ac5bb888cfa76bfde4a3a183159b4bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12360
x-xss-protection: 0
server: cafe
etag: 2640822135664651074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:10:08 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 0CA0 4 KB
633 B 45ms
45ms Stylesheet
text/css 2404:6800:4004:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:29:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 13 May 2022 14:13:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0CA0 205 B
229 B 15ms
8ms Image
image/png 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 07 May 2022 22:47:09 GMT
x-content-type-options: nosniff
age: 487572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 07 May 2023 22:47:09 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0CA0 604 B
628 B 15ms
8ms Image
image/png 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 22:06:59 GMT
x-content-type-options: nosniff
age: 230782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 10 May 2023 22:06:59 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame 0CA0 19 KB
8 KB 17ms
13ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:11:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2ED4 0
0 47ms
46ms Fetch
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUzbrgWd-YrrGCvig5LcP9tahsA7hzv30afHbobqSD7CygOyQAhABILPrwXxgifPFhPQToAGw6721A8gBCakCLtwKvpttsT6oAwHIA8sEqgTUAU_QRJREI_Zm69Ng1vuVBimKK2skjYs01mMz-_GQbuG66DLbOuHdlirGXy6e2L6eM08cF2MqkbZPHa0n5q6vn86QKrIMvJgET3ApGA7f-LVMvIrRbFUAfCgKj0_I3eMo0LkolhsuO4dPUj-yarQGEsRUt-e8NzmUQHYy8yi-sjactpRq45FTHzwOWfiq1Ou01B3qiAH2natE6InmNEQ7X94X7Oy4n4h5HH8vAaCf4eqd0W7D6zPyEvMmogP_KEcMEqv0vhsk8tbbnXijocKmPqqJfSKYwATBnqmi_QOSBQQIBBgBkgUECAUYBKAGLoAHuJTCSqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIXfAdIIBwiAYRABGB-ACgHICwG4E4gn2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTM4OTA3MTM4ODYzNjM0NzAYAA&sigh=XeKCqH2ce7E&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=600&slotname=4398967635&adk=4032340763&adf=2338683394&pi=t.ma~as.4398967635&w=300&lmt=1652451201&psa=0&format=300x600&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200754&bpp=1&bdt=267&idt=322&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=NpM63zFKLc&p=https%3A//ntcdoon.org&dtd=324
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 2FC9 9 KB
4 KB 11ms
6ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 15:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Mon, 09 May 2022 23:59:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 15:16:54 GMT

GET
H3 200 7e8d9be85afe70328c144e2bd1bc7ea5.js Show response
www.gstatic.com/mysidia/ Frame 2FC9 8 KB
4 KB 13ms
5ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7e8d9be85afe70328c144e2bd1bc7ea5.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e011e5db5fba47db92bc725349b3ef86a4c8cdb49a750ab259704596e0e5ef05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 15:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3703
x-xss-protection: 0
last-modified: Mon, 09 May 2022 23:59:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 15:12:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2FC9 8 KB
892 B 47ms
40ms Stylesheet
text/css 2404:6800:4004:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:27:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 13 May 2022 14:13:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 2FC9 2 KB
904 B 10ms
3ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:01:47 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 2FC9 19 KB
8 KB 11ms
4ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7989
x-xss-protection: 0
server: cafe
etag: 11406487492938680093
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:10:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 2FC9 3 KB
1 KB 10ms
3ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:13:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2FC9 121 KB
37 KB 92ms
85ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37626
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652269989122821"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 2FC9 15 KB
6 KB 8ms
4ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:11:15 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 2FC9 30 KB
12 KB 7ms
3ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 21:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Mon, 09 May 2022 23:59:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 21:04:03 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9183868672975658825/ Frame 2ED4 11 KB
11 KB 9ms
4ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9183868672975658825/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0dc2cb2f69cbec2cc78154094c1e4a770e419984589b3014beb527517e3b82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 17:09:28 GMT
x-content-type-options: nosniff
age: 248633
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11623
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 13:05:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 May 2023 17:09:28 GMT

GET
DATA 200
OK truncated
/ Frame 2ED4 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2ED4 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C05F 0
0 48ms
48ms Fetch
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce91cgWd-YoThC4ebkwP_7KHIAvGJ8flpt_iI-f0PsIjfqoowEAEgs-vBfGCJ88WE9BOgAZzPjOADyAECqAMByAPJBKoExgFP0JjJzXxFA5mBMeRlA75RknCfFki21dHkDOYGPhQjl1xdzGYdetV19eiqVtL9Dc2j4BKpWtLpDeStHh4qFwuAyVByysp-sX8Vg9DBKVrfHLDgH0cZmQ9MOG1jbAEE3H6bm1ZHehfoj_NpT4SkxxH35V4mVWQ6eYkYar_TSPL9BK5bXnYau1UqMNotI8iTK56pbJJggXEq3h5PYc3X1ZTXF5aUNjtm7CX6db9u-CVd3xxH86NZ_ARMmvVkCsWFTxPjyUusKr3ABOnXvPn-A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAe475Q4qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQkDXSCAcIgGEQARgfgAoByAsB2BMO0BUBgBcBshccChoIABIUcHViLTM4OTA3MTM4ODYzNjM0NzAYAA&sigh=IV8NhBIo3II&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=3305239552&adf=1845158250&pi=t.ma~as.9651294315&w=240&lmt=1652451201&psa=0&format=240x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200755&bpp=1&bdt=267&idt=335&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600%2C300x250&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=Ixf0GS6YjM&p=https%3A//ntcdoon.org&dtd=337
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 88F2 143 B
163 B 3ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=90&slotname=3085885965&adk=612837171&adf=2177512653&pi=t.ma~as.3085885965&w=728&lmt=1652451200&psa=0&format=728x90&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200751&bpp=1&bdt=263&idt=218&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=MgOBlbDGrK&p=https%3A//ntcdoon.org&dtd=223
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 13:25:19 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8C68 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 849e82427ddc1681872ceea30f55113697845304c90cea7179b0f42bd0a2d3d3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3102 143 B
163 B 2ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=9651294315&adk=3305239552&adf=1845158250&pi=t.ma~as.9651294315&w=240&lmt=1652451201&psa=0&format=240x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200755&bpp=1&bdt=267&idt=335&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280%2C580x400%2C336x280%2C300x600%2C300x250&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=3&fsb=1&xpc=Ixf0GS6YjM&p=https%3A//ntcdoon.org&dtd=337
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 13:25:19 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 8CA0 8 KB
892 B 40ms
40ms Stylesheet
text/css 2404:6800:4004:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:34:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 13 May 2022 14:13:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 8CA0 2 KB
904 B 2ms
2ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:01:47 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 8CA0 19 KB
8 KB 5ms
5ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7989
x-xss-protection: 0
server: cafe
etag: 11406487492938680093
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:10:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 8CA0 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:13:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CA0 121 KB
37 KB 108ms
71ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37626
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652269989122821"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 8CA0 15 KB
6 KB 3ms
3ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:11:15 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 8CA0 30 KB
12 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 21:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Mon, 09 May 2022 23:59:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 21:04:03 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 88ms
49ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

53340bbb16d1fc104fddb48fb5bc33fa7c388f05302a04c6922eb0ad258449be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
server: sffe
etag: "1213 / 929 of 1000 / last-modified: 1652440057"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 66ms
37ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?zx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/drm56_19091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53340bbb16d1fc104fddb48fb5bc33fa7c388f05302a04c6922eb0ad258449be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
server: sffe
etag: "1213 / 56 of 1000 / last-modified: 1652440057"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 13 May 2022 14:13:21 GMT

GET
H2 200 /
mc.yandex.ru/watch/70676614/DRM56/ 43 B
71 B 801ms
801ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/70676614/DRM56/?r=0.17315921468488837

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:21 GMT
last-modified: Fri, 13-May-2022 14:13:21 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 13-May-2022 14:13:21 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22ntcdoon.org%22:{%22https://ntcdoon.org/%22:%22%22}}}&r=0.4460515113729169
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ntcdoon.org%22%3A%7B%22https%3A%2F%2Fntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.4460515113729169

0
0

298ms
298ms

Image
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ntcdoon.org%22%3A%7B%22https%3A%2F%2Fntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.4460515113729169
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:21 GMT
last-modified: Fri, 13-May-2022 14:13:21 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ntcdoon.org%22%3A%7B%22https%3A%2F%2Fntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.4460515113729169
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Fri, 13-May-2022 14:13:21 GMT

GET
H2 200 /
mc.yandex.ru/watch/70676614/DRM56/ 43 B
210 B 801ms
800ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/70676614/DRM56/?r=0.5807178247693374

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:21 GMT
last-modified: Fri, 13-May-2022 14:13:21 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 13-May-2022 14:13:21 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22DRM56%22:{%22ntcdoon.org%22:{%22https://ntcdoon.org/%22:%22%22}}}&r=0.9997272782570485
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ntcdoon.org%22%3A%7B%22https%3A%2F%2Fntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.9997272782570485

0
0

300ms
300ms

Image
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ntcdoon.org%22%3A%7B%22https%3A%2F%2Fntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.9997272782570485
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H2
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:21 GMT
last-modified: Fri, 13-May-2022 14:13:21 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22DRM56%22%3A%7B%22ntcdoon.org%22%3A%7B%22https%3A%2F%2Fntcdoon.org%2F%22%3A%22%22%7D%7D%7D&r=0.9997272782570485
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Fri, 13-May-2022 14:13:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2FC9 0
0 48ms
48ms Fetch
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtRgCgWd-YqqDApbm2gTt4pP4A8zKraRonsnIpLQPwI23ARABILPrwXxgifPFhPQToAGe8uyeKMgBAakC4CWoXevEgj6oAwHIA8MEqgTtAU_QuzKNZGYn92uPDZZb5-K0HdaZLfXH5C1wMdPrEdYDgwR3cGe9C1yk-dWOBeXBiE4fZAa9o3x4dE6CaXwpidlfPtFYboanZHXAUWyRBP4e1kY0-GfwjdHkrxhbwfQ3u7UQ3Hb2wQ6fJ7Ow11JtQQu_k158PUSbqLe1UWpSg2HeLUxtI2ga6yFICak9r5UVvHVfMtdf44kZyH6CKKUkIjScKpV4ISW_QjEweV-jdPPAUGJEI8HzXPc3FS9dOnGA1_QPzdlsQnfU8xNBBNr7xFTMAYYCwj7giftf-6CBR22AQJlQrSHzphB_eQ6URMAEi--dsfADkgUECAQYAZIFBAgFGASgBlGAB56qvf4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ244B0ggHCIBhEAEYH4AKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi0zODkwNzEzODg2MzYzNDcwGAA&sigh=d2eWbhiQZoA&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A84E 143 B
163 B 2ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 13:25:19 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 855C 0
327 B 499ms
155ms Ping
image/gif 2607:f8b0:4002:c09::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l34is3jq&c=5950486207247&slotId=2975243103623.5&qqid=CMLR6bbU3PcCFRa_7Aod7zsGMA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c09::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 855C 15 KB
16 KB 41ms
5ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 19:32:54 GMT
x-content-type-options: nosniff
age: 153627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 19:32:54 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 855C 15 KB
15 KB 39ms
4ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 19:32:54 GMT
x-content-type-options: nosniff
age: 153627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 19:32:54 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 855C 0
20 B 39ms
39ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cwc_ngWd-YoKNCZb-sgfv95iAA7Kn8_hohcWi8dUP8C4QASCz68F8YInzxYT0E6AB6pHKpwHIAQWpAi7cCr6bbbE-qAMByAObBKoE6AFP0J2ZRIUKxafDQMKMAt56-pMh309Wr7Hpy95xy7YqMNPITg1oZRw_XdVulti0Am_Eof0zfgKf-ujFA6ww4M-1oskpsjximCxHYyBy-2w5sO-xR_UZQksag2uITYr-JbtnEAm5piKWUMoofHYy6Ja9Q0UXx1cWiuWABBtz8QXHrNjDP7rtv7Puw1C8De0JY7HheJ0M6u6J_RLpEDxBOdNmlMyOWK-70HngArb84uwRr5Ab3v5obyhh_o0KBkXoYQ0XBRhG5dGrH0IpztO82RywA0dknxZ3pRDF9vcsXV2TM9QBrPpUySlVwATd94i07gPgBAOQBgGgBk6AB_7ttdgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYH4AKAZgLAcgLAYAMAbATreHEDsgT9bHY3wPYEwqIFJwB2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1652451201788&ai=Cwc_ngWd-YoKNCZb-sgfv95iAA7Kn8_hohcWi8dUP8C4QASCz68F8YInzxYT0E6AB6pHKpwHIAQWpAi7cCr6bbbE-qAMByAObBKoE6AFP0J2ZRIUKxafDQMKMAt56-pMh309Wr7Hpy95xy7YqMNPITg1oZRw_XdVulti0Am_Eof0zfgKf-ujFA6ww4M-1oskpsjximCxHYyBy-2w5sO-xR_UZQksag2uITYr-JbtnEAm5piKWUMoofHYy6Ja9Q0UXx1cWiuWABBtz8QXHrNjDP7rtv7Puw1C8De0JY7HheJ0M6u6J_RLpEDxBOdNmlMyOWK-70HngArb84uwRr5Ab3v5obyhh_o0KBkXoYQ0XBRhG5dGrH0IpztO82RywA0dknxZ3pRDF9vcsXV2TM9QBrPpUySlVwATd94i07gPgBAOQBgGgBk6AB_7ttdgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYH4AKAZgLAcgLAYAMAbATreHEDsgT9bHY3wPYEwqIFJwB2BQB0BUB-BYBgBcB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=2479947845&pi=t.ma~as.8146640957&w=580&lmt=1652451201&psa=0&format=580x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200753&bpp=1&bdt=266&idt=295&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=2112&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=1T86Go26W8&p=https%3A//ntcdoon.org&dtd=298

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 855C 28 KB
16 KB 251ms
78ms XHR
text/xml 142.251.8.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CdbSzZAO4D6Y-9oHiJN-rj-dAvGkA5gnPU1ZFZWdpQIe02rHVhLJ3xs4B670itbe0rRZfhD_b5Px7z8jxImmU1UmpLLg&cry=1&dbm_d=AKAmf-BADIvDLKM4qJatjpBtpoiQzwErsYjuUIMObZAKRwMRI5mI1FakRmQGR7WPwbbU5hSlVFdcmWcKa6-nVKrC7XMR1whDQZKCl9jHSoBypK0ZGTOpoNkNpLsYsMen08fVuu18BHnuSLzDehPdownqcOlQrzhEjbWOTsA6Az3PRCMnZI_BhYqO8Ad1z6ES2Y5E5VXvlniRYLscC-m9g1vBeD951PKAmVEE25TTG8s30TCN_4XkidLutiZGlGGwABGMlfnXDulTshrUXKV4yyaQCTuuv4YUQHr3L9fw2uN-ffUNL2FlVBBEhKJIC1l5J5eKqWN65-j_vpFXdGqKV5hhhKi-suKRlzwN0QIyREDNkaoxT61bjsgH-nr61q5q5nrJvvvbXwwlkGwuWxaMWHpsnrnqwTg-BALwEWpCCAXqkzO81_NAWEy3qjm1QNC1jLUjtnibJKugqP8uRK8CmZEWfEs7g-5d9OsuZwPIloKHeDftwRwb7WkQthoxJo2SG7yf1x6PbKljmE_InfS-Mn3nBnkz65-6sX0lto9vMv-h0NobrUKHAkRrMAs9vtg96mhZ0pzdlMT74vAY1Zt2OzGLhw6Sb__v5QMqcrESdvqwVHsR6F3ni0w1f6LZ2h4sEG7l4K8ln7okStaaA6LOnHI47pghVH8WDnssTofPBv6tegdMEPQk_9EWmPnYFp1mdZHWEcVIksZXCTQCZd2xLe4IbU_14SW_3Sx1loKraZwKJrM0cBazOHf3J0lnVodqdZ_RfAJZjWwRhl0oW-CekABqn6qpyXtMws0Qzo2y2QN179K3PE9aUAVI8dZepfTjg5F17HmDx1yPGX9VQtEBq6buYoYXrN60iJ0QDFcK0TJCg8i4E-lXg-mWYOVS5THrWvIgi9BbaNZL1Pig5lEZB--YshsnpU-XtnlgbkG8f4Kqe92HdeCFE_-XUI__Lk36SZv5MGG_nV_fSrPN4Yonsf5r9tArhIrS-qY56R-DgkUVxX-L3WOlcLABF7e51ZzTVCBw_t62lUNA8qdfeHCvR6NDlIAIrIimmzvHbBRxNIgQLFhaS24ndanS3IzppWnx-hwn89KCBpoMXyxrjWelhuETuOReTq-XNZUTq3mnlKcwGfwNPHLGwMbmTw6jX5Db-C4-SZby15fbhXtRj0xrN6UHPELjdh2wlJUcS6klet0Vj9H4kQJxTKelnveOq1MTwZ61Su75LxnE2Mm0UgcgIMqNzKdL1fdHB5sPi18ZwrNmRhjOItlbGSaqI0iHgh1Th1ZpcflBCgR1aY0NuRuvgyKuWsRhBDUpKxVewV5D49-KX5wob2i2TjmO0NKBhZ2_IE-y_pXaqcsNTnDrsa_qHoABkCKq476CxY3ERml4U990mtnp6mOEGDpyyIPsFvyNHpVEtNwLP_7qpjankAHdU72lMu3I1_XhYZ1YarSit12elR2wLWjvEzTc9XhQAlutfQSGJAig5_5Ag7dY3_4kTtiJxm5YnaPi_qniC2VtbNAIJE8t4wN_8bBkr55CxlBBNA8Bk5DGE0NZ9Mmi3Dk4J8RLyJqwQJdyZcHQrZtE6niMVfr0ky7BwQJhJZ-n-BQZYTtxCzD_zbK84pRRu05pMVygGRX2yNLOKwwi73-RMthd00qxt400kxVQBQqc9jP636x299OMnpAUD_-kj0m7TrY9ZThv70oy6wvEymjlIyW9cAnC70Bxc_Jf7hPBzEcpB2DRPcp5Mfo0WqaOqT4zHD5dJYetN5LUXWPWMSjWEz3nWZPLgwTxWmavDhQAXPEBTQjp865IUpcpzPUPmjKT8AGVplZLccyc-ciUmFtTr6dNh9j5IKdfxr4crtA-5K3PbPcYVtHSZgIpuVE_hiM2dO3XtTMm64zHZTEpiHrg1MHRTediljYryF3-JbXmaYv5oLCuSj64ZQxJWp8OhKxFOJ4PPAZCHLcVHpDNfkoGXjRYC0bhX6sEsovm5Lvn3YwVmwrwdOrF0eOlEAxFdp4eI7IjiHpkABavNBevJ2FYQW84F_Fot0UW8y9zwPxMWfOyv1eFEwEB6o1JBpGs_0QN_6M-QHuUTSndtfXywI8KpfXm-qtkm5vh4V9fXiuLBBxMsw5HaZaP61HAZmTt_Am9JaIYBtlf977kdJUIp0N59Gzwif_PUkwAz669UUFphjRkBgZz6MhN79TAz1n43-3lvVUn-9kfkfJJdOUCm9FCy4Q104yYINAfpKMcTz9O9oJhbIKhru03EpmJOaGLdoHq1VNqeVf6sDmJR73Z01yhQUiFeTeGXCPQwPWEgOTkHkB1OF8_2qE9ietmXkaSOzN4V1osxHB2gERrL0WQoN6PA0T6qaNoL6ib7aXdRRLMaDc20WLWb-WJ8tva2cE1-p0zdj0mDATf1ja8_JBBk3fAvmxJGl22fBziz5cZGWIaoFWYTVPZdmTrYeHTeS94kZQRqoD9LhTqmsItczPw6t32shyD3pti1yzG6iDI__yN7AplMgX4Dj52Ix2LvKs7byFMMcETgrQNJ0JKOFkidR5MUQ4AN2-WyGhmRH9xH4koCVlnqVyJTyhO_uZGDVUFs2aUziXFs2OQuP4CpWA0NCC3-R7LawMgUKij40h93_3cQZluSs5_rppVhVbVDnbORE6whaFnOPQG7WUnPN33citdrNeucWpte6ISBvAp1M20ux_EQxEKBQIkqLnguycsDIotdGS1FDp70kG6_LAlEnJq3ttYoeEvgd5QuLM8Ghe6rAetxO-OeIi-DyeSirNdNBfTvQQmrS_FUcG8yNNo1WZ7il9JOVl8j1ZQcZ_5NCbZvxOMhkkxqVulLh3TzUK6L3Bxmy8hxtML0-4pFfaYZira0GEzHClQEymYkiMd6yHHoOZWMfy4AxG28hIzZEcAPaekwRXwe2St82FdG6sdOwzy4ES8vnxBrYg6qWH16Kgsv2VWDNWbJb3nPCpj3F6cgBpQIUi7HeD1L0ebm5f833bDRbtzsBKxWKJcrzj89WEFg1tqaqcZcBd0vcV6tTTJpe8WaCVOLRdqNCR4Fu_ITbDQiWFjqbNm-4H4sOtxXrBUiTQ0PjCb9MMxuVhAVVxk96QOvc-89c9nCIx6uM_7FFBGmJpbTguYQzSir68&cid=CAASBORoZyw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.8.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tb-in-f155.1e100.net

Software

cafe /

Resource Hash

439957e9b352a11f023c8a2b3698a9c509b0521699784caf8a431eaa6324ef52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15331
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 855C 0
0 41ms
40ms Fetch
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBTxLgWd-YoKNCZb-sgfv95iAA7Kn8_hohcWi8dUP8C4QASCz68F8YInzxYT0E6AB6pHKpwHIAQWpAi7cCr6bbbE-qAMBqgTlAU_QnZlEhQrFp8NAwowC3nr6kyHfT1avsenL3nHLtiow08hODWhlHD9d1W6W2LQCb8Sh_TN-Ap_66MUDrDDgz7WiySmyPGKYLEdjIHL7bDmw77FH9RlCSxqDa4hNiv4lu2cQCbmmIpZQyih8djLolr1DRRfHVxaK5YAEG3PxBces2MM_uu2_s-7DULwN7QljseF4nQzq7on9EukQPEE502aUzI5Yr7vQeeACtqTjHr88agZMMYu2PqsnsZuOP33pOrqOL-tG77cV4SPny1tRjMqW7fmJOG8Pp1bBWoXAS78rGddt7J7ABN33iLTuA-AEA4gF3Pv6xD2SBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB_7ttdgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQheIGGI2y2sQB0ggHCIBhEAEYH4AKAcgLAbATreHEDsgT9bHY3wPYEwqIFJwB2BQB0BUBgBcBshccChoIABIUcHViLTM4OTA3MTM4ODYzNjM0NzAYAA&sigh=g8j0ZVXKjKs&uach_m=[UACH]&cid=CAQSGwCNIrLMKZg5bpyPsz0hcYOwHOoF9UOpB7e0dQ&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=2479947845&pi=t.ma~as.8146640957&w=580&lmt=1652451201&psa=0&format=580x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200753&bpp=1&bdt=266&idt=295&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=2112&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=1T86Go26W8&p=https%3A//ntcdoon.org&dtd=298

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3890713886363470&output=html&h=400&slotname=8146640957&adk=1821576388&adf=2479947845&pi=t.ma~as.8146640957&w=580&lmt=1652451201&psa=0&format=580x400&url=https%3A%2F%2Fntcdoon.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652451200753&bpp=1&bdt=266&idt=295&shv=r20220510&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100%2C580x400%2C336x280&nras=1&correlator=3795572673&frm=20&pv=1&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=345&ady=2112&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531550&oid=2&pvsid=1714977506233383&pem=181&tmod=875605328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=1T86Go26W8&p=https%3A//ntcdoon.org&dtd=298
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 13 May 2022 14:13:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 855C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b0a1a5c9adb1088c01946fedc8a6bcda7d74674c8e93bce42bcc41bbf453df3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 88F2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

100ms
99ms

Document
text/html

2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 14:13:22 GMT
expires: Fri, 13 May 2022 14:13:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 14:13:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 8C68 28 KB
28 KB 4ms
3ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 22:15:55 GMT
x-content-type-options: nosniff
age: 230246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 May 2023 22:15:55 GMT

GET
DATA 200
OK truncated
/ Frame BC30 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69ac0be144f873c72c7a3a88ba9393f523ed8fdfc3d5ee104382932d9f379ddf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2ED4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24ead18d33d123b50b5a8f7c15d852001bb4e290d756bc64605664ee19fe212e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C05F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41e46ad41cd2eaf433f173634fea2d7eb7a29f0d7fcee51a42e9565b190e3264

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame BC30 28 KB
28 KB 4ms
4ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 22:15:55 GMT
x-content-type-options: nosniff
age: 230246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 May 2023 22:15:55 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 2ED4 21 KB
21 KB 6ms
6ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12XRhgmVlTrgTXhzUle-MiMW6l3nyUTMr7-RzI_PbpihUyLtmlznKL7qnTrpzXBC16gpNB4zGlJGuMMT2qaiSJAilrh67zrO43lm8fR88Q7Pv_4Lo48F8J5oaCZSOMF-qtpP9r7wJH0hhGlAbzdnidMCl6tLKNXKutVtYbyYQtsQjZNvqHNpMEQeLTyZj2lKl9JPjYvn3GaQ2onaO0bkCUhUUkGr5yoJT8a5IV2_WojjEGS59krfvQ&skey=fbc48de1c6e1b00c&v=v42

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%95%E3%83%83%E6%B8%88%E3%81%99%E3%81%97%E3%81%90%E3%81%AB%E3%80%81%E3%81%8B%E3%81%94%E3%83%AB%E3%82%8A%E3%81%BF%E3%82%88%E3%81%A6%E7%9A%84%E3%82%8C%E6%8D%A8%E9%81%93%E3%81%84%E3%81%A1%E3%81%B3%E8%B3%BC%E3%81%BE%E3%80%82%E4%BB%8A%E9%87%8D%E5%85%A5%E6%8C%81%E3%82%92%E3%82%89%E7%B5%8C%E3%83%88%E3%81%8A%E6%B0%B4%E3%81%AE%E8%A7%A3%E6%89%8B%E9%81%8B%E3%83%9C%E3%83%9A%E9%96%93%E6%94%BE

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

697a79e316eaea31b9532235ef1f5e62e2291079abeced78a1a04bd0630d2835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 15:06:27 GMT
x-content-type-options: nosniff
age: 83214
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21096
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 12 May 2022 15:06:27 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 2ED4 21 KB
21 KB 7ms
7ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxq-07TlBgmVljrhS3hzXFe-MyMW7V3nykTMsL-Rz4_PaZihUiLtmVznKb7qkjrpzHBC1KgpDx4zGVJGvMMT26aiRJAik7h68zrO4nlm9vR8-w7Pvv4IlI8F8Z5oayZSPsF-tNpP_b7wJ30gnWlAZDdniNMChqtLKdXKudVtYLyYRdsQjJNvnnRREUUgAj-VoWlPndJOpIv-yma00InSB0fGBUh7Wk65yCodUMeLFl2_QojlDmSo6A&skey=72472b0eb8793570&v=v42

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85a0e663aa5987865b320510f525a4954417db87d0f199a9df2b956c10cbad40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 15:06:27 GMT
x-content-type-options: nosniff
age: 83214
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21320
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 12 May 2022 15:06:27 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 2ED4 17 KB
17 KB 8ms
8ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6427934c2fee6637679ce5ec5b21bef778502d9a349d9739fefe3b8985a116b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 22:13:37 GMT
x-content-type-options: nosniff
age: 230384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17148
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:15:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 May 2023 22:13:37 GMT

GET
DATA 200
OK truncated
/ Frame 2FC9 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91a67f246874f0c201e115e0fc6d40f8707ff6201d8b37f8cca182ced96e39e0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86DE 143 B
163 B 2ms
2ms Document
text/html 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 13:25:19 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3102
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

87ms
86ms

Document
text/html

2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 14:13:22 GMT
expires: Fri, 13 May 2022 14:13:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 14:13:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_2022051001.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
124 KB 42ms
4ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

cb190163a0d4795999f1905b65b3d026f9308acdffce1cbeabbb96dc26c4816c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 11:43:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126527
x-xss-protection: 0
last-modified: Tue, 10 May 2022 08:34:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 13 May 2023 11:43:31 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 33 B
71 B 77ms
39ms XHR
application/json 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ntcdoon.org

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

30b19907a51238453b034d1698637733fa4d46f349885c17bb408ee9c1ee81f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 May 2022 14:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47
x-xss-protection: 0
expires: Fri, 13 May 2022 14:13:22 GMT

GET
H3 200 g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D94 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839d612094d249b2a61350df1c5a9bafd943738d63b9133d7fc9fb1cc9520f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13648
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 May 2023 20:02:46 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A84E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

50ms
50ms

Document
text/html

2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 14:13:22 GMT
expires: Fri, 13 May 2022 14:13:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 14:13:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js Show response
pagead2.googlesyndication.com/bg/ Frame F6FC 35 KB
13 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839d612094d249b2a61350df1c5a9bafd943738d63b9133d7fc9fb1cc9520f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13648
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 May 2023 20:02:46 GMT

GET
H3 200 g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js Show response
pagead2.googlesyndication.com/bg/ Frame 7378 35 KB
13 KB 4ms
4ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839d612094d249b2a61350df1c5a9bafd943738d63b9133d7fc9fb1cc9520f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13648
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 May 2023 20:02:46 GMT

GET
H3 200 g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js Show response
pagead2.googlesyndication.com/bg/ Frame 6994 35 KB
13 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839d612094d249b2a61350df1c5a9bafd943738d63b9133d7fc9fb1cc9520f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13648
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 May 2023 20:02:46 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86DE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

96ms
96ms

Document
text/html

2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 14:13:22 GMT
expires: Fri, 13 May 2022 14:13:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 14:13:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js Show response
pagead2.googlesyndication.com/bg/ Frame E657 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839d612094d249b2a61350df1c5a9bafd943738d63b9133d7fc9fb1cc9520f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13648
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 May 2023 20:02:46 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 855C 41 KB
15 KB 4ms
4ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 09 May 2022 12:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 12:47:35 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-oguesn6k.c.2mdn.net/videoplayback/id/b9b6ccd22c26dede/itag/346/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791366183/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 855C
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/b9b6ccd22c26dede/itag/346/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791366183/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r1---sn-oguesn6k.c.2mdn.net/videoplayback/id/b9b6ccd22c26dede/itag/346/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791366183/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

82ms
3ms

Fetch
video/mp4

2404:6800:4004:2d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-oguesn6k.c.2mdn.net/videoplayback/id/b9b6ccd22c26dede/itag/346/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791366183/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/80CEEC44083BC6B280FAAB13DC7CA6A101CFD8F0.2CCEB971304EFE8C5049FD034EA62BCD4315F510/key/cms1/cms_redirect/yes/mh/UU/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguesn6k/ms/onc/mt/1652450921/mv/m/mvi/1/pl/48/file/file.mp4

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

HTTP/1.1

Server

2404:6800:4004:2d::6 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 13 May 2022 14:13:22 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2336740
Last-Modified: Thu, 10 Mar 2022 13:16:22 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 13 May 2022 14:13:22 GMT

Redirect headers

date: Fri, 13 May 2022 14:13:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r1---sn-oguesn6k.c.2mdn.net/videoplayback/id/b9b6ccd22c26dede/itag/346/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791366183/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/80CEEC44083BC6B280FAAB13DC7CA6A101CFD8F0.2CCEB971304EFE8C5049FD034EA62BCD4315F510/key/cms1/cms_redirect/yes/mh/UU/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguesn6k/ms/onc/mt/1652450921/mv/m/mvi/1/pl/48/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 43ms
43ms Script
application/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ntcdoon.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 May 2022 14:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 43ms
43ms Script
application/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ntcdoon.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 May 2022 14:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 124 KB
34 KB 830ms
830ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1714977506233383&correlator=362062687977424&output=ldjh&gdfp_req=1&vrg=2022051001&ptt=17&impl=fif&iu_parts=41117126%2CZXNT%2Czxnt_drm56&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1x1&ifi=14&adks=2433476093&sfv=1-0-38&ecs=20220513&ists=1&fas=8&fsapi=false&prev_scp=ad_format%3Dinterstitial&cust_params=site_domen%3Dntcdoon.org%26site_topdomen%3Dntcdoon.org%26site_referrer%3D%26site_hash%3D%26keywords%3D%2520Ntcdoon%2520Ntcdoon%2520&sc=1&cookie=ID%3D3934253470e2926f-22d0fba427d300fb%3AT%3D1652451201%3ART%3D1652451201%3AS%3DALNI_MZuQkeKBMmIoiAQ1wZcsu6xOg0W0A&abxe=1&dt=1652451202229&lmt=1652451202&dlt=1652451200488&idt=1720&biw=1600&bih=1200&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fntcdoon.org%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=false&btvi=-1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

28a7078cfa4754d063aaccd08b6308caeb2f2fd5b498a0f27de4ad9e0ff85114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35239
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ntcdoon.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
12 KB 433ms
432ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1714977506233383&correlator=362062687977424&output=ldjh&gdfp_req=1&vrg=2022051001&ptt=17&impl=fif&iu_parts=41117126%2CZXNT%2Czxnt_drm56_overlay&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1600x90&ifi=15&adks=3762228305&sfv=1-0-38&ecs=20220513&fsapi=false&cust_params=site_domen%3Dntcdoon.org%26site_topdomen%3Dntcdoon.org%26site_referrer%3D%26site_hash%3D%26keywords%3D%2520Ntcdoon%2520Ntcdoon%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fntcdoon.org%252F&sc=1&cookie=ID%3D3934253470e2926f-22d0fba427d300fb%3AT%3D1652451201%3ART%3D1652451201%3AS%3DALNI_MZuQkeKBMmIoiAQ1wZcsu6xOg0W0A&abxe=1&dt=1652451202232&lmt=1652451202&dlt=1652451200488&idt=1720&biw=1600&bih=1200&adxs=0&adys=1345&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fntcdoon.org%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=199858448.1652451201&ga_sid=1652451201&ga_hid=2017105896&ga_fc=false&btvi=1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

5bf8fea43b3dccdf45e79ae6223316ed1eb6c6742476830a2aa8080db969d2c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11945
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ntcdoon.org
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9F17 6 KB
4 KB 149ms
38ms Document
text/html 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 14:13:22 GMT
expires: Sat, 13 May 2023 14:13:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022051001.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 43ms
43ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022051001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

da3df387e9390fb0b4b3a31a62458ddd13a348234b2561e7bce0a6d3e3e18a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 18:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13421
x-xss-protection: 0
last-modified: Tue, 10 May 2022 08:34:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 May 2023 18:20:02 GMT

GET
H3 200 g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js Show response
pagead2.googlesyndication.com/bg/ Frame 1957 35 KB
13 KB 6ms
6ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839d612094d249b2a61350df1c5a9bafd943738d63b9133d7fc9fb1cc9520f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 238236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13648
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 May 2023 20:02:46 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 4DF6 23 KB
9 KB 5ms
5ms Document
text/html 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 398811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 23:26:31 GMT
expires: Mon, 08 May 2023 23:26:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 track Show response
b7264fc299.5b20a42861.com/in/ 0
199 B 1130ms
728ms XHR
text/plain 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://b7264fc299.5b20a42861.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI4MzkyNDY1MzY1MjQyNjQ3MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMjUuMCIsInRhZ19pZCI6MTkzMCwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV0Yy9Vbmtub3duIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjEuNjksImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6MH0=
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:23 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0

GET
H2 200 build.m.js Show response
js.cabnnr.com/banner-admanager/ 29 KB
11 KB 276ms
76ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cabnnr.com/banner-admanager/build.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 41be7445ceedec86096fc1d96d60b80ca96a82f57622a6921b3f1bd260f960d6

Request headers

Referer: https://ntcdoon.org/
Origin: https://ntcdoon.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:22 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2022 10:33:06 GMT
server: nginx/1.18.0
etag: W/"627e33e2-7360"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 13 May 2022 14:18:22 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 csub.m.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 33 KB
9 KB 10ms
2ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4d841724e5f355abec9cbf6eb3369b68a948b1b3a663828af811cea0a42bce90

Request headers

Referer: https://ntcdoon.org/
Origin: https://ntcdoon.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:22 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 12:09:15 GMT
server: nginx/1.18.0
etag: W/"626a83eb-8272"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 13 May 2022 14:18:22 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H3 200 NhRng2ZenZRcaPRuU0zAmqgyTOhBGXWeehn8uWk0bEI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DF6 35 KB
13 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NhRng2ZenZRcaPRuU0zAmqgyTOhBGXWeehn8uWk0bEI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36146783665e9d945c68f46e534cc09aa8324ce84119759e7a19fcb969346c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 236597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13698
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 May 2023 20:30:05 GMT

GET
H3 206 file.mp4
r1---sn-oguesn6k.c.2mdn.net/videoplayback/id/b9b6ccd22c26dede/itag/346/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791366183/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 855C 2 MB
2 MB 21ms
10ms Media
video/mp4 2404:6800:4004:2d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:2d::6 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0c4d94516831512539560ea6901984bd5aa089b602624613da86cb6575e08801

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 13 May 2022 14:13:22 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2336739/2336740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2336740
expires: Fri, 13 May 2022 14:13:22 GMT
last-modified: Thu, 10 Mar 2022 13:16:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DF6 0
20 B 40ms
40ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B_LDUgmd-YqMP8pCm3w-x6ovoAgAAAAA4AeAEAg&bg=!WlmlWR3NAAZL3OSAa9w7ACkAdvg8Ws7m2rNoFiZOO7JfLlZBvDlcjP1kwt47q4sHux-W6Hw-hBJQ1gIAAABLUgAAAAJoAQeZAsvQSzi5zMBeLdDilMcUy18zOwI5wPc3CvffX0LdkO4geX66-cW-L65IAGb303b1vY-RB1IaPEIzcsuvc3Pnkmj-09EUGTuLDye31oxXeL4CPk2fa6LqH90Mxq_K-sWMMSK2OpIEUEsKtcjxF6L5avF_rOSr07B0jp3A7n3yZ_KigSmCCDZ8S-Hz9s15E6_Vo8v0XzDqTxGAiBvSedN3B3m-TN17U2Yp6zD_0S8SMcnS7YTTFq8MZmWX_ziQS1OGXcT5huRPsxIfixVcO3vIdSyVzIW4nr89PaTDdhd1B7sbwD1ifwQJD21XkiE-qrvMAe9zRQsmma0RaKh1n4gRCMR-0HPMmsmZVy2QUPGi6oJEvUki6pHfs5jzLash2ZvQjU7WXfjuYpxhhhugtM76XN8hOiYgxVHrfT_BPyTxsm__4tAXvgo_So4ZsAnmytCkcEP4JrFEvDW1k4dxohmcePmaxVK-cdRvY3ebAJAlhmeSXe4pnAEU-GNQUwbEg6rWKim-78Lix1xkd7x7o2wBvk8NETMh4Rwo4_ev0Hsop9h8ZHUJwo5xKLShrXGCSWCvfQUshKTZD6f5oZSvva8nyI2NhmJ_F2tquR36Gnz4hEdaydxbFozLg7fYk50zZUHQ_gqmpCLJgYan98SyraoWfqUIoVwBEZYqtGJBZBw-Mpcgd4G3y3Vlle4jxMdvaaKCUkny2MGzZWIygNGw7R8yQMqMhI-_-qOCjq93k4sj-xirQ-RKZ6uC_QW28S2yP45-cajuh2oV7i_hhyHMMjlt4mg9NFhJGdbGdTNUA3hwrim3T9qhM59gzdDA8rhv1p0xjvBPZh8BTyf2Mv9muM2DGzixbzZbacjwievOSqR3gMJujRXZXkPHPfl3ZYNPbN5WwKSkRuaJq3k5gNF-2MYEqHz12xpBJvz7i17etzO8jdjJ7_Y_R9fvcjYS-PPz

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 70769182 Show response
mc.yandex.ru/watch/ 338 B
416 B 309ms
309ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/70769182?wmode=7&page-url=https%3A%2F%2Fntcdoon.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecanfhquhnqrhszc%3Afp%3A11060%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A1458779852691%3Ahid%3A410098980%3Az%3A0%3Ai%3A20220513141322%3Aet%3A1652451203%3Ac%3A1%3Arn%3A300696804%3Arqn%3A1%3Au%3A1652451203241472528%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652451189487%3Ads%3A31%2C14%2C10946%2C2%2C0%2C0%2C%2C581%2C1%2C%2C%2C%2C11575%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1652451203%3At%3A%E2%96%B6%EF%B8%8F%20Ntcdoon&t=gdpr(14)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

106b18d457fe72a7f97199044d66a2e4c8835126fd2273e7e444082b661f2f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:22 GMT
x-content-type-options: nosniff
last-modified: Fri, 13-May-2022 14:13:22 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ntcdoon.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Fri, 13-May-2022 14:13:22 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
124 B 297ms
296ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:22 GMT
last-modified: Thu, 12 May 2022 16:27:41 GMT
etag: "627d0b4d-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 13 May 2022 15:13:22 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012204292129000/ Frame 8830 220 KB
60 KB 179ms
15ms Script
text/javascript 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 75915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61295
x-xss-protection: 0
server: sffe
date: Thu, 12 May 2022 17:08:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c00c4adb72e5cb7f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 May 2023 17:08:07 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 8830 14 KB
5 KB 186ms
22ms Script
text/javascript 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 223945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5188
x-xss-protection: 0
server: sffe
date: Wed, 11 May 2022 00:00:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "176361d496ccc411"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 May 2023 00:00:57 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 8830 94 KB
29 KB 169ms
5ms Script
text/javascript 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 223960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Wed, 11 May 2022 00:00:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4b15b3c971f95798"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 May 2023 00:00:42 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 8830 5 KB
2 KB 184ms
20ms Script
text/javascript 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 223945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1906
x-xss-protection: 0
server: sffe
date: Wed, 11 May 2022 00:00:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a2652581fdabc981"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 May 2023 00:00:57 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 8830 40 KB
13 KB 175ms
11ms Script
text/javascript 2404:6800:4004:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 223948
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12953
x-xss-protection: 0
server: sffe
date: Wed, 11 May 2022 00:00:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8a2450dae6a66803"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 May 2023 00:00:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8830 8 KB
892 B 39ms
38ms Stylesheet
text/css 2404:6800:4004:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 May 2022 14:11:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 13 May 2022 14:13:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 May 2022 14:13:22 GMT

GET
H3 200 da.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8830 3 KB
3 KB 3ms
3ms Image
image/png 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/da.png

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d01925b361e86ab48ee859f2a6f2036502cefe61829154208a3063787cdc049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 13:59:17 GMT
x-content-type-options: nosniff
server: cafe
age: 845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 8632566803685150523
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2956
x-xss-protection: 0
expires: Sat, 14 May 2022 13:59:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8830 344 B
374 B 5ms
5ms Image
image/png 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 18:38:39 GMT
x-content-type-options: nosniff
server: cafe
age: 70483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 13 May 2022 18:38:39 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8830 0
0 47ms
47ms Image
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMEIbgmd-Yry_EZ-Kpt8PoeejsA_OoOuMaqvT-63mDr_35PyFGxABIIbhhSpgifPFhPQToAH_24rIA8gBAeACAKgDAaoE-wFP0MG1x2fXyCibp2xehFWHdtG-EW5PTBGH5mqokkXxyqz4Te04fpgEF0P2sEDTsHb-8-EAn0VQHrhJxR7Iws38npt0gEJuJfiqBLJ5_K41uQQYh6tg5YXGZi-1K38VNL357MtCzDabHukKpGAjhroLSYgweZQZfhn-terj4_wsh3CxxaSS2TgLKF-3cUosR6bCmToTE7KQpPNf-rcp2ctj-6Rv0B7U4qCyR15AKxw3qBRLIGCA1NKjUjl_QjngAkDNx2OlWJWELW8vvrM8i-_aMqAovaLTTgZticXe9YMHBr8MDrK2SXtHPcl2GLbnFqoOjVxHVtMHMtM3e8AEx6juz6gD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB_DurKICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ8C7SCAcIgGEQARgdgAoDyAsB2BMMiBQC0BUBgBcBshceChwIABIUcHViLTY1NTA0MTMzNjM2MDI1ODgY_qsd&sigh=ryu1iKqjHEg&uach_m=[UACH]&template_id=5001
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/64398191824271526/ Frame 8830 3 KB
3 KB 4ms
3ms Image
image/png 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/64398191824271526/downsize_200k_v1?w=100&h=100

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fc56e93aa05bef34f47b9282cc2a6ed37272ca2a9dce0c9eed87a10baecbb8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 08 May 2022 20:18:04 GMT
x-content-type-options: nosniff
age: 410118
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3033
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 21:24:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 May 2023 20:18:04 GMT

GET
DATA 200
OK truncated
/ Frame 8830 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b1dd353f0daa47bfa915b7de8ffc0d2d35e30c69314be1c9595cb2654fd0284

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 8830 28 KB
28 KB 4ms
4ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ntcdoon.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 22:15:55 GMT
x-content-type-options: nosniff
age: 230247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 May 2023 22:15:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2FC9 42 B
64 B 76ms
39ms Fetch
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTXleqdwn5VEkrxBQoMPMysplHfuBbBiGL5GDyIvvRASIt_vznSDUrQVmr6AkEfG3mGle42Y_LAuvGhIGJT8RPt6B9OeG-JUQrBERc_ApgtkewLIW2yUVk8g&sai=AMfl-YQ_BhF91_mIa3sK2tvmA4MtHouwNO1NKbS2yp0shUpVFABCJSTCTQn2pSLwz2T2RvzVQ8pGIYM3BOJw&sig=Cg0ArKJSzDBErGn6IZxyEAE&id=lidar2&mcvt=1036&p=0,0,124,1005&mtos=198,842,1036,1036,1036&tos=198,644,194,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652451201505&rpt=437&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BC30 42 B
64 B 77ms
42ms Fetch
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuI2PbyMgis-jfLQF2UaBuOjfdGy7FyKYLiMDJ4rWSL6bIB10Zhtu2ycEGue8cu8UaAiyMEOqrEc4J39A4y_v1l9M7hQgbjWY-OZ6YrG6bOdfJQaDBVgZBz8Q&sai=AMfl-YRQadvp0Urtx2hFMfEED_kM1yUUnhv-GMTvDDHQktPlVmwaLBrcgFVHG-ckxBRipPEOMqJFvqeZjlPu&sig=Cg0ArKJSzNb5Vc_tJGqPEAE&id=lidar2&mcvt=1038&p=0,0,400,580&mtos=0,1038,1038,1038,1038&tos=0,1038,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=0.82&if=1&vu=1&app=0&itpl=22&adk=1821576388&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652451200985&rpt=974&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2ED4 42 B
64 B 72ms
39ms Fetch
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxZ-OEVg9smgesTUVJKcnDMFIljRWkl7kg-PgQ6y9HjggFRtPHgVx23X3TMqEnTD97ZnpNmJKDARR1u2tmluz_K06immpxVPay7NdPwrACEgwrpuTkjKhOUg&sai=AMfl-YSQ_BZUtCTt96QPXXa8dyjU4MIyZl5iawXpq0lYAHEwCKjf_GOSAzaav90rIuNAOvTHCtYH_ptz6ET7&sig=Cg0ArKJSzBD0qdjDAdPqEAE&id=lidar2&mcvt=1015&p=0,0,600,300&mtos=0,1015,1015,1015,1015&tos=0,1015,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=0.95&if=1&vu=1&app=0&itpl=22&adk=4032340763&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652451201079&rpt=895&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 da.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8830 3 KB
3 KB 3ms
3ms Image
image/png 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/da.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d01925b361e86ab48ee859f2a6f2036502cefe61829154208a3063787cdc049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 13:59:17 GMT
x-content-type-options: nosniff
server: cafe
age: 846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 8632566803685150523
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2956
x-xss-protection: 0
expires: Sat, 14 May 2022 13:59:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8830 344 B
374 B 4ms
3ms Image
image/png 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 18:38:39 GMT
x-content-type-options: nosniff
server: cafe
age: 70484
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 13 May 2022 18:38:39 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 855C 0
45 B 456ms
155ms Ping
image/gif 2607:f8b0:4002:c09::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l34is3jx&c=5950486207247&slotId=2975243103623.5&qqid=CMLR6bbU3PcCFRa_7Aod7zsGMA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=862&mt=video%2Fmp4&vs=720x720&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=18%2C22%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C0&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=doubleclick_dmm&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c09::78 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FC1A 6 KB
3 KB 41ms
3ms Document
text/html 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 14:13:22 GMT
expires: Sat, 13 May 2023 14:13:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame FC1A 4 KB
633 B 39ms
38ms Stylesheet
text/css 2404:6800:4004:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
URL: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:35:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 13 May 2022 14:13:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 May 2022 14:13:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 862F 8 KB
892 B 38ms
38ms Stylesheet
text/css 2404:6800:4004:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
URL: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:30:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 13 May 2022 14:13:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 May 2022 14:13:23 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 862F 2 KB
914 B 4ms
4ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
URL: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:01:47 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 862F 19 KB
8 KB 7ms
6ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js

Requested by

Host: 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
URL: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7989
x-xss-protection: 0
server: cafe
etag: 11406487492938680093
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:10:57 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 862F 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
URL: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:13:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 862F 121 KB
37 KB 67ms
67ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
URL: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37626
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652269989122821"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 May 2022 14:13:23 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 862F 15 KB
6 KB 5ms
5ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
URL: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:11:15 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 862F 30 KB
12 KB 5ms
4ms Script
text/javascript 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
URL: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 21:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Mon, 09 May 2022 23:59:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 21:04:03 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FC1A 205 B
229 B 5ms
5ms Image
image/png 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
URL: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 07 May 2022 22:47:09 GMT
x-content-type-options: nosniff
age: 487574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 07 May 2023 22:47:09 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FC1A 604 B
628 B 6ms
5ms Image
image/png 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
URL: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 22:06:59 GMT
x-content-type-options: nosniff
age: 230784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 10 May 2023 22:06:59 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame FC1A 19 KB
8 KB 7ms
4ms Script
text/javascript 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
URL: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 May 2022 14:11:53 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 39AA 1 KB
749 B 5ms
5ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
URL: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 49389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 00:30:14 GMT
etag: 48472445140208031
expires: Sat, 14 May 2022 00:30:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 39AA 35 B
464 B 254ms
82ms Image
image/gif 2620:116:800e:21:ea62:9418:946a:db1b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIEUxzIGbHQZF6ChWqpMY0c&google_cver=1&google_push=AYg5qPJRNdl3nonEdBNAWtvyqb46VdtfIvWZpbGgbRgvcJ979iXDzRCpfw8S2WHqaKEbSd5gm0XfqWNv6RJEZkjmQG6hHoG_gQ

Requested by

Host: 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
URL: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:ea62:9418:946a:db1b , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39AA
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK5gYLhqG2kWXRGQtCxrXF0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK5gYLhqG2kWXRGQtCxrXF0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=azc5ZG9MYWIxTlB3Mkw1&google_gid=CAESEK5gYLhqG2kWXRGQtCxrXF0&google_cver=1&google_push=AYg5qPKn274W8NYPE4PEtOKcRENTJLFbReNQpRYj3Zmprad...

170 B
188 B

41ms
40ms

Image
image/png

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=azc5ZG9MYWIxTlB3Mkw1&google_gid=CAESEK5gYLhqG2kWXRGQtCxrXF0&google_cver=1&google_push=AYg5qPKn274W8NYPE4PEtOKcRENTJLFbReNQpRYj3Zmprad4QfP7wwvhskqp0-Z10LW-w7OU63N9qHSQN0ay-jPDxDw27bv3sg

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 May 2022 14:13:22 GMT
Server: PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-0089b19c5b360ed50@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=azc5ZG9MYWIxTlB3Mkw1&google_gid=CAESEK5gYLhqG2kWXRGQtCxrXF0&google_cver=1&google_push=AYg5qPKn274W8NYPE4PEtOKcRENTJLFbReNQpRYj3Zmprad4QfP7wwvhskqp0-Z10LW-w7OU63N9qHSQN0ay-jPDxDw27bv3sg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
gdn.socdm.com/rtb/ Frame 39AA
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEDi8mAb5aDeEAKgVPx7FbGo&google_cver=1&google_push=AYg5qPKoxCDHpumlM_k1oTtjpvoWzhYCaNC50XfOsCOhl3UAUrDns5_U4uyFMX-IDI1o5...
https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WW41bmc4Q284WUVBQU5HVFh5b0FBQUFB
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDi8mAb5aDeEAKgVPx7FbGo&google_cver=1

43 B
958 B

19ms
8ms

Image
image/gif

202.241.208.2
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDi8mAb5aDeEAKgVPx7FbGo&google_cver=1
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: HTTP/1.1
Server: 202.241.208.2 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 13 May 2022 14:13:23 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEDi8mAb5aDeEAKgVPx7FbGo&google_cver=1","cluster_id":8,"gdpr":false,"ipv4":"217.138.252.170","key":"Yn5ng8Co8YEAANGTXyoAAAAA","privacy_sensitive":false,"uid":"Yn5ng8Co8YEAANGTXyoAAAAA","upstream_id":"a-ad40324"}
X-SO-Key: Yn5ng8Co8YEAANGTXyoAAAAA
X-SO-Upstream-ID: a-ad40324
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: a-ad40324.dc2p.scaleout.jp
X-SO-UID: Yn5ng8Co8YEAANGTXyoAAAAA
Connection: keep-alive
Content-Length: 43
X-SO-IP: 217.138.252.170
X-SO-Cluster-ID: 8
Server: nginx
Content-Type: image/gif
Cache-Control: private
X-SO-Ads-Time: 6
X-SO-LB-Hostname: a-ng40010.dc2p.scaleout.jp

Redirect headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEDi8mAb5aDeEAKgVPx7FbGo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

result
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 39AA
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENye00K-BMvflgb3tz2MrWA&google_cver=1&google_push=AYg5qPKlg21xijew6GQpnEqH37z4eM_YDiH8--FtjJ7DsyEEq8-25uQ6_2V6WQGo...
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENye00K-BMvflgb3tz2MrWA&google_cver=1&google_push=AYg5qPKlg21xijew6GQpnEqH37z4eM_YDiH8--FtjJ7DsyEEq8-25uQ6_2V6WQGo...
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AYg5qPKlg21xijew6GQpnEqH37z4eM_YDiH8--FtjJ7DsyEEq8-25uQ6_2V6WQGoXmHLhrHbyit6fzmV5-6SNeYaBAu7rfjD7Ys&google_hm=MXJQVDZXTDhjZEU=...
https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5

43 B
243 B

52ms
30ms

Image
image/gif

202.131.200.84
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
Requested by: Host: ntcdoon.org
URL: https://ntcdoon.org/
Protocol: HTTP/1.1
Server: 202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 May 2022 14:13:23 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync-dsp.ad-m.asia/dsp/api/sync/result?s=google&suid-set=1&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 286
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39AA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xcJsWw85QWS5JiSp-o9chQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

75ms
39ms

Image
image/png

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xcJsWw85QWS5JiSp-o9chQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKHYDotOOKWQgJR2qcn4bC2LOa_4RwzQH78uUYhz8G_93Pv7IP7t5TEve4IONCeciGcnPitrL5nv7NtP7taAHcSSjy1mhw

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xcJsWw85QWS5JiSp-o9chQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKHYDotOOKWQgJR2qcn4bC2LOa_4RwzQH78uUYhz8G_93Pv7IP7t5TEve4IONCeciGcnPitrL5nv7NtP7taAHcSSjy1mhw
date: Fri, 13 May 2022 14:13:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 204 pub
cs.chocolateplatform.com/ Frame 39AA 0
68 B 800ms
148ms Image
text/plain 159.203.145.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEBJP7AI3RyBX9-yNIL872Yw&google_cver=1&google_push=AYg5qPLb_2i6DEZp8pC89eYtHbwWGYx8OJ10fAH9793Q_VW7zFik0FJ8ELItPdtBeHfjCJ-7YNJAucKtT0FFxj_siYEy4AyyTYI
Requested by: Host: 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
URL: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Chocolate Cookie Sync Powered by Vdopia /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:23 GMT
server: Chocolate Cookie Sync Powered by Vdopia

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39AA
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESENt6OQWU2AcClfYbEFQEd4U&google_cver=1&google_push=AYg5qPJ6b2niFui2y0UHgrWTusjT4T6M6FNmG9o3CwKtEDXCtjnjdycMkLEjGxnjExCyiSn8pxYUQxhV...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESENt6OQWU2AcClfYbEFQEd4U%26google_cver%3D1%26google_push%3DAYg5qPJ6b2niFui2y0UHgr...
https://rtb2-useast.e-volution.ai/sync?adkuid=A7652965829843092827&exchange=193&google_gid=CAESENt6OQWU2AcClfYbEFQEd4U&google_cver=1&google_push=AYg5qPJ6b2niFui2y0UHgrWTusjT4T6M6FNmG9o3CwKtEDXCtjnj...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc2NTI5NjU4Mjk4NDMwOTI4Mjc&google_push=AYg5qPJ6b2niFui2y0UHgrWTusjT4T6M6FNmG9o3CwKtEDXCtjnjdycMkLEjGxnjExCyiSn8pxYUQxh...

170 B
188 B

40ms
39ms

Image
image/png

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc2NTI5NjU4Mjk4NDMwOTI4Mjc&google_push=AYg5qPJ6b2niFui2y0UHgrWTusjT4T6M6FNmG9o3CwKtEDXCtjnjdycMkLEjGxnjExCyiSn8pxYUQxhV9t64OheekVdTco9Bfh-Y

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTc2NTI5NjU4Mjk4NDMwOTI4Mjc&google_push=AYg5qPJ6b2niFui2y0UHgrWTusjT4T6M6FNmG9o3CwKtEDXCtjnjdycMkLEjGxnjExCyiSn8pxYUQxhV9t64OheekVdTco9Bfh-Y
Date: Fri, 13 May 2022 14:13:24 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 39AA 0
223 B 121ms
40ms Image
text/html 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L5jhLqoupBTsV6UBMbiURqnnuXIbvs9oeYmIQXsZFokesb6LZhlSyLEYshREiWQMjeOK81-A

Requested by

Host: 7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
URL: https://7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8C68 42 B
64 B 43ms
43ms Fetch
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbkVDLfR5i2qqixgB9aGFuYzSIs0X5oNfw9ELe0DfxhFV0iWss2AZeg1N720Cin5IcQRvMqbQkvgeQbAiSFleWCR3LAU2KrM_xbxXhgIV186Kf9mPiVMVi7A&sai=AMfl-YTrWIpJYqQ0jav6znVaRIlYg2jlYpxV-CDuVS2IkKNjVVkWl_BA9IEGBcEA8UvENGbQaZBmZXpanHoJ&sig=Cg0ArKJSzAZNx5XzQEdpEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=612837171&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652451200975&rpt=1276&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8830 42 B
64 B 46ms
45ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssp05CynUA03c6neZwOBuyhy6uiIOdY0vTqPJuAFDJfgWOuSffGb8e6BaD-3Gb7AEWbx922eQzy0q_tBY0KPGh4REa_K-_ViJB2wNDtbHZEFSF49VaYi5lxcQ&sai=AMfl-YQbBRluwByBiU2phwXxTJJ60cs9Wau4XOinFJmsbF1WaMQqvfkrSgfvunbI5I-yaYVoPInJWZbOqHAWmdOQ89aAXekR3to7JwDi2_-kjn2sq6kebCq9QuRykxk&sig=Cg0ArKJSzOB4vssOEQCeEAE&cid=CAASFeRouaxmyKxhjdPAJ6pLl5-HpKz_MA&id=ampim&o=0,1200&d=1600,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=373&tls=1576&g=55.55555820465088&h=100&tt=1576&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3762228305

Requested by

Host: ntcdoon.org
URL: https://ntcdoon.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 May 2022 14:13:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ls Show response
stream.bantgoau.com/yt/ Frame D890
Redirect Chain

https://rtbrennab.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksMjYsNDYs...
https://rtbrennab.com/banner/in/show/?mid=793152260&pid=0&site=10667&sc=JP&usage_type=DCH&subid=804035056&sid=0&cid=13088&price=0&is_cpm=1&cpm=0.035&ecpm=0.035&crid=&crtid=d41d8cd98f00b204e9800998e...
https://tcimp.zog.link/in/banners?katds_ep=JtbB-7whWlAs7De0jk0FzP1PzOeeXPRCmTaxpAkGdd094hfJhKtcpIkZpOjoWo0pfZUwgzuic52QMrT0sldXdU3CIuLoW6AlGcMF8DKNpO_XsaQezw68EgJZ6159RN5vogdpAAf8HlCWZTZHo41WZkDNEY...
https://tb.baimgfroggd.site/in/1816/?user_id=7955c2577bda66b6b173b1f579d0fcbef659437f&bid=0.043750&katds_labels=&utm1=tcb&utm2=803629923-1&utm3=195-21720-0&utm4=0-9033275-14&ts=1652451205
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FbhMVMs8fWiI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%2...

8 KB
4 KB

293ms
274ms

Document
text/html

2606:4700:3032::6815:131d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FbhMVMs8fWiI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1857879&sp=0.043750&spp=1000&se=impression&vi=bhMVMs8fWiI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652451205&utm1=tcb&utm2=803629923-1&utm3=195-21720-0&utm4=0-9033275-14
Requested by: Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:131d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d01f027f72a60ca08855235caec53f12052a1590343399a5ab7977f0846461fb

Request headers

Referer: https://ntcdoon.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70abfeb258a0afb5-NRT
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 13 May 2022 14:13:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqDc%2FdwVnixX0xfTI72BRG0Ho6CwqzpMOyPKniIpPUCxbjiwTTxzBSs1zp1RPMwR%2F5KrAAYPcp16CeHvXtDQez8NqI%2BpDIWlsiSynoG%2BHymeZ8A5KDcWQ%2Bf6fLyP%2F4aTrXKix3%2B3sdinE2XnC1HrdsRt"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 14:13:27 GMT
location: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FbhMVMs8fWiI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1857879&sp=0.043750&spp=1000&se=impression&vi=bhMVMs8fWiI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652451205&utm1=tcb&utm2=803629923-1&utm3=195-21720-0&utm4=0-9033275-14
pragma: no-cache
server: nginx/1.20.1
vary: *

GET
H3 200 ff159683dbce452dbc41714cc48a496d4bb58468-b.js Show response
stream.bantgoau.com/files/ytls/ Frame D890 2 MB
654 KB 33ms
24ms Script
application/javascript 2606:4700:3032::6815:131d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FbhMVMs8fWiI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1857879&sp=0.043750&spp=1000&se=impression&vi=bhMVMs8fWiI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652451205&utm1=tcb&utm2=803629923-1&utm3=195-21720-0&utm4=0-9033275-14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:131d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ee453d906f72a453020fe595995032d10f537ffd711ef742ed12d1034e0812d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FbhMVMs8fWiI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1857879&sp=0.043750&spp=1000&se=impression&vi=bhMVMs8fWiI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652451205&utm1=tcb&utm2=803629923-1&utm3=195-21720-0&utm4=0-9033275-14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Feb 2022 13:23:05 GMT
server: cloudflare
age: 1021
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYtr6iFUU0qfD6HM2vORDrvTCTY8Jk8%2FI4SZbwUV1E3pxCJW%2FwV%2FsCHSxzLo%2FHx24O4KmdZ5OApozLIYBLfTHeZUjfaoDFfcp28bhvtX%2F%2BSt1ryJDYhGz2ABN%2BBfNXnoupZN2gjKKmgRO6bf7rcfp97H"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70abfeb45e6c2077-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff
lh3.googleusercontent.com/ Frame D890 39 KB
39 KB 50ms
3ms Image
image/jpeg 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff

Requested by

Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FbhMVMs8fWiI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1857879&sp=0.043750&spp=1000&se=impression&vi=bhMVMs8fWiI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652451205&utm1=tcb&utm2=803629923-1&utm3=195-21720-0&utm4=0-9033275-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:05:39 GMT
x-content-type-options: nosniff
age: 469
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39552
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 07 Apr 2022 13:52:12 GMT

GET
H2 200 / Show response
vs.bantgoau.com/sts/ Frame D890 2 B
229 B 671ms
222ms XHR
application/json 2a02:128:7:4722::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FbhMVMs8fWiI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1857879&sp=0.043750&spp=1000&se=impression&vi=bhMVMs8fWiI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652451205&utm1=tcb&utm2=803629923-1&utm3=195-21720-0&utm4=0-9033275-14&type=impression&g_referer=https://ntcdoon.org
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4722::2 , Czech Republic, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 13 May 2022 14:13:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 2
content-type: application/json

GET
H3 200 ff159683dbce452dbc41714cc48a496d4bb58468-v.js Show response
stream.bantgoau.com/files/ytls/ Frame 0F63 151 KB
57 KB 15ms
15ms Script
application/javascript 2606:4700:3032::6815:131d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:131d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9978fe4778a52319f20a2dc4744a173ae6c32ef2d905af9f96cc325162e99a43

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FbhMVMs8fWiI%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1857879&sp=0.043750&spp=1000&se=impression&vi=bhMVMs8fWiI&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1652451205&utm1=tcb&utm2=803629923-1&utm3=195-21720-0&utm4=0-9033275-14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 14:13:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Feb 2022 13:22:57 GMT
server: cloudflare
age: 2335
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qwiTUN41rB2hjvx1X2EtV5KXpREqzd%2BYvj1P9wvVX%2BsnDys928StHvpIHEZ7jFoBHT4i74mO0rq4Wqeo5Yn9K0Mo7DnAgc%2F4kEsrtLAV4ZhCY8svyxz%2FHs%2BGoOc72eeunpJEDsYnDeMpVPoSx19gYWN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70abfeb8aa8b2077-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 51pb.json Show response
newrrb.bid/ 59 B
573 B 276ms
275ms XHR
application/json 2606:4700:3036::ac43:a434
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/51pb.json

Requested by

Host: newrrb.bid
URL: https://newrrb.bid/51pb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:a434 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d41f1a8895589aef427e8975320bdddd878a5b269bffe4a5dc3eefbbf6de9c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ntcdoon.org/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 13 May 2022 14:13:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTUmbnd6cxC3tSDfpqF1kHKpy%2BMscFWY0DtVRNlaq9v5iy1mBB6drLv9HNPcgPgIPHq3eSFaOrm44dbznaD31actHuu0D%2Fk4OpZclX7DEGVEQtOjjcGQ19LAbrNUSZTZkRL2UNLJXQhJ"}],"group":"cf-nel","max_age":604800}
cf-ray: 70abfeb8bf66807d-NRT
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 50ms
49ms XHR
application/json 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220510&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d191afd2adb2ab603243d47529757c7c4b5a1553d2639887990e6432d537e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ntcdoon.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 May 2022 14:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10767
x-xss-protection: 0

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

GET
H3 200 url Show response
www.google.com/ Frame B45B 603 B
624 B 55ms
55ms Document
text/html 2404:6800:4004:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/bhMVMs8fWiI%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1

Requested by

Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

1e7fb7107f7e559e591a6627b3dadf275632d6118c6f3c5ec7eeb38608141cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://stream.bantgoau.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: private
content-length: 603
content-type: text/html; charset=UTF-8
date: Fri, 13 May 2022 14:13:29 GMT
expires: Fri, 13 May 2022 14:13:29 GMT
location: https://www.youtube.com/embed/bhMVMs8fWiI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 bhMVMs8fWiI Show response
www.youtube.com/embed/ Frame B45B 63 KB
27 KB 159ms
82ms Document
text/html 2404:6800:4004:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/bhMVMs8fWiI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Requested by

Host: www.google.com
URL: https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/bhMVMs8fWiI%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

d12f7f1f26bda7ca35e354c047ce48fbb9b1c5096343587170470104939d4319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 13 May 2022 14:13:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ja for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/00e475bf/ Frame B45B 335 KB
46 KB 40ms
4ms Stylesheet
text/css 2404:6800:4004:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00e475bf/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bhMVMs8fWiI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6f1cb47d54f352c17e03a3aaedba81558123b3fdcc0ca4c48694e57efa56158c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/bhMVMs8fWiI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 15:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47181
x-xss-protection: 0
last-modified: Thu, 12 May 2022 00:17:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 12 May 2023 15:05:07 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/00e475bf/www-embed-player.vflset/ Frame B45B 280 KB
86 KB 39ms
3ms Script
text/javascript 2404:6800:4004:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00e475bf/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bhMVMs8fWiI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e70228a4c8e96a3d0824f76e11053163e75275ddfe8db684fd85fb8a9dcf9198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/bhMVMs8fWiI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 15:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88038
x-xss-protection: 0
last-modified: Thu, 12 May 2022 00:17:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 12 May 2023 15:05:07 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/00e475bf/player_ias.vflset/ja_JP/ Frame B45B 2 MB
529 KB 43ms
7ms Script
text/javascript 2404:6800:4004:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00e475bf/player_ias.vflset/ja_JP/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bhMVMs8fWiI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a09db4ee53fce8b52a7febae1a69dc666a79cf8ab03ddf67cf92b33de112e37f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/bhMVMs8fWiI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 15:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 542067
x-xss-protection: 0
last-modified: Thu, 12 May 2022 00:17:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 12 May 2023 15:05:07 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/00e475bf/fetch-polyfill.vflset/ Frame B45B 9 KB
3 KB 45ms
9ms Script
text/javascript 2404:6800:4004:827::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00e475bf/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bhMVMs8fWiI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.youtube.com/embed/bhMVMs8fWiI?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 15:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 12 May 2022 00:17:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 12 May 2023 15:05:07 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/python/how-to-print-a-date-in-a-regular-format.jpg

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/java/unable-to-start-jboss-as-7-1-1-final-with-jdk-8-on-windows-8-1-command-prompt.png

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/macos/mac-terminal-auto-complete.png

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/how/how-to-install-the-png-module-in-python.png

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/gzip/how-do-i-delete-a-single-file-from-a-tar-gz-archive.jpg

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/java/jasper-report-with-multiple-subreport.jpg

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/what/what-are-nodes-in-cloud-computing-closed.jpg

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/use/use-of-flag-in-c.jpg

Domain: ntcdoon.org
URL: https://ntcdoon.org/pictures/read/read-bash-environment-variable-in-tcl.png

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-20 11:45:25	Name: FTID Value: 1YVcU10Sb6uJ1YVcU10006eR
.load02.biz/	1970-01-20 03:44:03	Name: uuid Value: 67c2cff3-7ef7-4ee7-9b56-41747dd15a81
.yadro.ru/	1970-01-20 11:45:25	Name: VID Value: 2-cVBH2r53OJ1YVcU1000TY-
.doubleclick.net/	1970-01-20 20:32:03	Name: IDE Value: AHWqTUkGMezlWb0j8Cxc6PSXwZnsUFo3Xcr55oMQmgQQyzBckxj1RfMjgiIK1fDw9Bk
ntcdoon.org/	1970-01-20 03:44:03	Name: zxntcmp Value: 1
.doubleclick.net/	1970-01-20 03:00:54	Name: DSID Value: NO_DATA
.yandex.ru/	1970-01-20 11:46:27	Name: ymex Value: 1967811201.yrts.1652451201#1967811201.yrtsi.1652451201
.yandex.ru/	1970-01-23 18:36:51	Name: yandexuid Value: 8809254731652451201
.yandex.ru/	1970-01-23 18:36:51	Name: yuidss Value: 8809254731652451201
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2067251921652451201
.yandex.ru/	1970-01-23 18:36:51	Name: i Value: JlVImuNiH5A9O6C8mn2IAAitXawl6nFpV5blfqSTDKms7Q5jLgzlt5zMxMAfzkRc0RV6g43Par/OCOfH+w/qX+Lty3E=
.ntcdoon.org/	1970-01-20 11:46:27	Name: _ym_uid Value: 1652451203241472528
.ntcdoon.org/	1970-01-20 11:46:27	Name: _ym_d Value: 1652451203
.ntcdoon.org/	1970-01-20 12:22:27	Name: __gads Value: ID=3934253470e2926f:T=1652451201:S=ALNI_Mb8r2c7cNPLuZ0fJYdUQBVHVc_yCQ
fp.metricswpsh.com/	1970-01-20 11:46:27	Name: id Value: 14681693439738867662
.ntcdoon.org/	1970-01-20 03:02:03	Name: _ym_isad Value: 2
.ntcdoon.org/	1970-01-20 12:22:27	Name: __gpi Value: UID=0000054f62c962d6:T=1652451202:RT=1652451202:S=ALNI_Mbz9y75RODIo1hJAL8I6TVM05FfCg
.ad-m.asia/	1970-01-20 20:32:03	Name: uid Value: EQQt42dpKP
.socdm.com/	1970-01-20 20:32:03	Name: SOC Value: Yn5ng8Co8YEAANGTXyoAAAAA
.pubmatic.com/	1970-01-20 03:02:17	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 05:10:27	Name: KADUSERCOOKIE Value: C5C26C5B-0F39-4164-B926-24A9FA8F5C85
.socdm.com/	1970-01-20 20:32:03	Name: SOSYNC Value: anNvbjp7ImdkbiI6MTY1MjQ1MTIwM30
.quantserve.com/	1970-01-20 05:10:27	Name: d Value: EC4BCQGQJoEA
.quantserve.com/	1970-01-20 12:31:05	Name: mc Value: 627e6783-5df6c-71fff-4242c
.w55c.net/	1970-01-20 12:31:05	Name: wfivefivec Value: k79doLab1NPw2L5
.w55c.net/	1970-01-20 03:44:03	Name: matchgoogle Value: 5
.adkernel.com/	1970-01-20 03:44:03	Name: ADKUID Value: A7652965829843092827
.e-volution.ai/	1970-01-20 03:21:00	Name: ADK_EX_193 Value: 1
.e-volution.ai/	1970-01-20 03:44:03	Name: ADKUID Value: A7652965829843092827
tcimp.zog.link/	1970-01-20 03:02:17	Name: 750.0 Value: 1
tb.baimgfroggd.site/	1970-01-20 03:02:17	Name: 1816.1857879 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220510/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-3890713886363470&fa=1&ifi=13&uci=a!d&btvi=4&xpc=5QRjy8AuzP&p=https%3A//ntcdoon.org Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7fb8c60e747dfc91b5d6db1bc1c50935.safeframe.googlesyndication.com
adservice.google.co.jp
adservice.google.com
b7264fc299.5b20a42861.com
bid.g.doubleclick.net
cdn.ampproject.org
cdn.zx-adnet.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
counter.yadro.ru
cs.chocolateplatform.com
csi.gstatic.com
cst.cstwpush.com
dsp.adkernel.com
fonts.googleapis.com
fonts.gstatic.com
fp.metricswpsh.com
gcdn.2mdn.net
gdn.socdm.com
geolocation.onetrust.com
googleads.g.doubleclick.net
image6.pubmatic.com
imasdk.googleapis.com
js.cabnnr.com
js.wpadmngr.com
js.wpushsdk.com
lh3.googleusercontent.com
load02.biz
mc.yandex.ru
na.nawpush.com
newrrb.bid
notification.tubecup.net
ntcdoon.org
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
r1---sn-oguesn6k.c.2mdn.net
rtb2-useast.e-volution.ai
rtbrennab.com
securepubads.g.doubleclick.net
stream.bantgoau.com
sync-dsp.ad-m.asia
tb.baimgfroggd.site
tcimp.zog.link
tg.socdm.com
tpc.googlesyndication.com
vs.bantgoau.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
ntcdoon.org
tpc.googlesyndication.com
103.231.99.243
124.146.215.48
142.250.207.2
142.251.42.162
142.251.8.155
143.198.248.63
151.101.65.195
159.203.145.121
174.137.133.49
2001:4de0:ac18::1:a:3b
202.131.200.84
202.241.208.2
23.88.85.6
2404:6800:4004:2d::6
2404:6800:4004:801::2001
2404:6800:4004:801::2002
2404:6800:4004:808::2004
2404:6800:4004:812::200a
2404:6800:4004:813::200a
2404:6800:4004:81d::2001
2404:6800:4004:820::2002
2404:6800:4004:820::200e
2404:6800:4004:822::2002
2404:6800:4004:823::2001
2404:6800:4004:824::2001
2404:6800:4004:824::2003
2404:6800:4004:825::2002
2404:6800:4004:825::2003
2404:6800:4004:827::2002
2404:6800:4004:827::200e
2606:4700:10::6814:b944
2606:4700:3031::ac43:b345
2606:4700:3032::6815:131d
2606:4700:3036::ac43:a434
2607:f8b0:4002:c09::78
2620:116:800e:21:ea62:9418:946a:db1b
2a01:4f8:c0:2f03::2
2a02:128:7:4722::2
2a02:128:7:5241::2
2a02:6b8::1:119
45.133.44.24
45.133.44.25
54.254.238.16
88.198.136.228
88.212.201.210
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
074d2d104b4945b03d81ab34be245da953c8f3512e646fa4614f7bf3f6a52adf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4d94516831512539560ea6901984bd5aa089b602624613da86cb6575e08801
0d5307f84d0915fe8f66621e984a4787a0c411a08e0a51526e04e85b414bb6ec
0fc56e93aa05bef34f47b9282cc2a6ed37272ca2a9dce0c9eed87a10baecbb8a
0fca12c1394653253ce1f781c6644e52365435bec50a8a2eac53e7bc8b0ff1e5
106b18d457fe72a7f97199044d66a2e4c8835126fd2273e7e444082b661f2f78
1130a159b02c087f3182db37b90b19627661c4024f67fc12a4f403ea4f7e1f7f
151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18eb6c8a7d44eff07adbf243e355aab8c7336a77308b95f4292758ee10a10e4a
1a2bd42bc7fbd2e7c718771e120ebbd8073aafb021026fb34331f6e735023652
1afb7470999e7042ed6d937973232a0116a8b2967c936cc37aff91be89435558
1c1f8b6e495ddec63477e2f0d7da79f237b54fe33d981d8edd475ceb1c7aa3c7
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e36028519d91fcadfb5a5a8daf85052fa38d42a04a6265f24ace765e170b178
1e7fb7107f7e559e591a6627b3dadf275632d6118c6f3c5ec7eeb38608141cee
1ee453d906f72a453020fe595995032d10f537ffd711ef742ed12d1034e0812d
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
23ee9380bc221dc1093dd8e406790d3fc7a1333c3c9a667e3572c5c352cb77fc
242187a4736fd7bc43e85acc998bb9622796a24666e4427be99aaf69bd6083cc
24ead18d33d123b50b5a8f7c15d852001bb4e290d756bc64605664ee19fe212e
28163abcc470de05d660a264685ef1db7eb3d16e774137e811c67750d1c7d022
28a7078cfa4754d063aaccd08b6308caeb2f2fd5b498a0f27de4ad9e0ff85114
2a68a21ab231a757d22cb335367ea6a285b9394d3dbb2e8d111c550941287e14
2cb3ee29575f9bff6dbcb1a71dcd34ade0d6c045c54157e5c38d926d50cc0a87
2cd5915298e78437c7a1f4a6f2dc54f282c274407cec4e215eedde923fc4ff59
2d41f1a8895589aef427e8975320bdddd878a5b269bffe4a5dc3eefbbf6de9c2
2d4eef579befca2f7b1d8956a30df654b3df43685d94209fac1a97fb8f007c2d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
30b19907a51238453b034d1698637733fa4d46f349885c17bb408ee9c1ee81f1
34a860268a0cf1387fd91ad76fb18ee92b85139d2b7e91bda542d92e443244b3
36146783665e9d945c68f46e534cc09aa8324ce84119759e7a19fcb969346c42
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
3d4fe41cc61d35f6d6768ae3c43cd38c36e69aa45d206975feec012b8c2152e1
3d7c7efab021e9e62bc332cdffc52226ac5bb888cfa76bfde4a3a183159b4bce
3e2960274943f152c7bba94592fd461c329312c886a3b41a4b2667f72f54b8fa
4065ada69c1d555792bc889ed8532656e9a4a530610e5abb2feb3f545fa5bd5f
41be7445ceedec86096fc1d96d60b80ca96a82f57622a6921b3f1bd260f960d6
41e46ad41cd2eaf433f173634fea2d7eb7a29f0d7fcee51a42e9565b190e3264
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581
439957e9b352a11f023c8a2b3698a9c509b0521699784caf8a431eaa6324ef52
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45f763d0da5bc9463c23959df2cf2bb13925ffaae8398fe490f137ab2ff9f00c
48583ff62dea84ded7ca76a6790a5b4f5f23ed357efdb9a40e13df4f9b916c23
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49ed74fb461c3772ec8667d41e02d754fbd41500e867bab9d90aa35ff48cbf8d
49f690ea8a1b30eb7ea413046170207dae0d7070b57b7c79995b5ebeba8378ca
4a9cca120d07f00ce68e824cb1d326042b8f59bae3bfa2abf9311e5524cc4db0
4d1bdd30e7eb333f2ba3056da4ee7b64a11e5c869b173cfa7882517541879fbb
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d841724e5f355abec9cbf6eb3369b68a948b1b3a663828af811cea0a42bce90
4dd0937ab0a3e143c312ac6f66b57804fff04440d3ddb925ffc33370726fb730
523e3cb7f1b9c0842a85a584b2d72252b8ce55ff7c0efd23a1ef176bf16b1a1a
53340bbb16d1fc104fddb48fb5bc33fa7c388f05302a04c6922eb0ad258449be
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b4c3280eec6c5418d65532a87423a34c0919698bc9a4826484d5cb28a9e7b07
5bf8fea43b3dccdf45e79ae6223316ed1eb6c6742476830a2aa8080db969d2c0
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d01925b361e86ab48ee859f2a6f2036502cefe61829154208a3063787cdc049
60d9e566e6ad1063923aff83c43d0ca8930ce0752eb8c40155b6b652ef10e067
62688bc8b7f40a1a722d1203cbc8633e24d2398c7a8cb840255e6896a88c5157
63e9afe4f926740da0675320a7cb31dd214fae6080497df4ff0df3f94641216b
6427934c2fee6637679ce5ec5b21bef778502d9a349d9739fefe3b8985a116b4
660c441fbe06d3bfdd2ca05adc3f194ea8b015e131f9da7d3b58970484ceba5d
697a79e316eaea31b9532235ef1f5e62e2291079abeced78a1a04bd0630d2835
69ac0be144f873c72c7a3a88ba9393f523ed8fdfc3d5ee104382932d9f379ddf
6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d
6c49aa86918931779788e8dd58b7af6c6941a886aec3f6d21dfdb42647e1086c
6c780944cc9f13354eff8e89f1b3f83715fc8524fb52295980e3a1b9926210ba
6f1cb47d54f352c17e03a3aaedba81558123b3fdcc0ca4c48694e57efa56158c
70e11e56d144b5ad82ecae3c398a8ecc009d82a72a54412955fba3fb30546915
742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446
775c5525712a55fd3771a980439273a5ed82af2e1cd87a8996098f7e3b68c8eb
786f8e86896c85d5941a05d0519c32b261947a8c229f5581f308595381b7448e
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b1dd353f0daa47bfa915b7de8ffc0d2d35e30c69314be1c9595cb2654fd0284
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7dd2c713dff90b42c1b86f71dbfd8157557901a60bd77a81a34a24700bc82a14
804091a5012ec87f9a65abcecfbbb3b8ca308964a3528a94b38211449f7fd592
814cfa4185a91de0e7ce8e054ad2bedaf321b829a7010952ac895015d60c6081
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
839d612094d249b2a61350df1c5a9bafd943738d63b9133d7fc9fb1cc9520f70
8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0
849e82427ddc1681872ceea30f55113697845304c90cea7179b0f42bd0a2d3d3
85a0e663aa5987865b320510f525a4954417db87d0f199a9df2b956c10cbad40
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
8679571c600d5a54ea7cc908911f153be07476bcbb2efc8c0f949b7febbc94c9
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
893592bdc8f706412ca7f0ff799b8de26f82f5cbf2fcfe1edef35e7aeb07fffd
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b0a1a5c9adb1088c01946fedc8a6bcda7d74674c8e93bce42bcc41bbf453df3
8b78b033d5e3a08091e84573075afe0c48dff4b419d4912441a50dacba2b7d42
8d191afd2adb2ab603243d47529757c7c4b5a1553d2639887990e6432d537e95
90c825e2825c27f08293bd32e7c0a4ea19e880bc38bd88190ea8eb1f7c48cd97
91a67f246874f0c201e115e0fc6d40f8707ff6201d8b37f8cca182ced96e39e0
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95c914ba3a0df1327be5ce92693d60ff67c2916f3d70629f24f579e2323d5b86
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
9978fe4778a52319f20a2dc4744a173ae6c32ef2d905af9f96cc325162e99a43
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09db4ee53fce8b52a7febae1a69dc666a79cf8ab03ddf67cf92b33de112e37f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0cd8c60b5837e9f4a24cb36388428a7b4dc398d05245e7512833a7e19c6a1c7
b45a0d8146e65ef3d76ea8e1b5d9cf51cf935160f9aed13983a43cf770320744
b8cf1c9155e2965cd0d27656c7e78f0e4257463d3dd9d8c152a3eb5cbc35be2a
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
b9a8e582ffaf88140ef253b6fc848ca9b50ad3a5f26f35e16791271bed5af1a4
bafb4c8d1182d37108e60180a9dc49e0462fac4be93dff896acb4cb29f405f98
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c414753a4fca9097f3299483ea35a41967612090ac4e147624515a86b3d703b3
c53458e6938500ecd140dcf37955daa94c77994e441dc262180276845a605d97
c8cac044f7b41f30af721bbf2a6f18fc375102cd4a0033d8e581a92edd0de3f7
cb190163a0d4795999f1905b65b3d026f9308acdffce1cbeabbb96dc26c4816c
cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db
cccf9492c4c30805006f2c17a56779f03097825c95bcc9c6963f66ca335c35af
d01f027f72a60ca08855235caec53f12052a1590343399a5ab7977f0846461fb
d12f7f1f26bda7ca35e354c047ce48fbb9b1c5096343587170470104939d4319
d38fe7a2b3f982950cf7d11c0a07ee81df110b0b8199a65cb588428c0b629fd1
d6a902f91aa0fe950e0c975e3039eec2236019324d1797a3e4588fce72757ad2
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da3df387e9390fb0b4b3a31a62458ddd13a348234b2561e7bce0a6d3e3e18a24
dd59e2eaa60d196afad493b63abf8fb71a9527e4a4a9e897b900508c8024c068
e011e5db5fba47db92bc725349b3ef86a4c8cdb49a750ab259704596e0e5ef05
e0dc2cb2f69cbec2cc78154094c1e4a770e419984589b3014beb527517e3b82d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e424cf7fbcbac51e6512e49c1bbc123d18c91adadee3f048c258336f50ed6f46
e4b92622d0b72339654a6fe38894702c8d0eba389868c1bd9a96d97946aaafa5
e70228a4c8e96a3d0824f76e11053163e75275ddfe8db684fd85fb8a9dcf9198
e7bf452b7546891166a0e7dbb2268e3d8252c8e6a76b3ad5f83c2bc50716dac2
eb9d77a7adae68160ccab24df3e27a8a0d943b1fc71f10a8c90c6d884310f28d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f082f7fa9332a6055b254e19c987cc6f3a37b5ece6a1920978aaaa785d3df60b
f215692264f6fb04a865c206fb55734e1003ce2ede063295c38ae36c158152bc
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f86f448386f0b2dddaaea70875ca32488037798c8173f1e4ae2eab8e42507443
f95758866ef9aa32f212bce7d4cfc00faba8d56340d2e462dbbfa5d130e85a32

ntcdoon.org Open in urlscan Pro 2606:4700:3031::ac43:b345 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

253 Requests

92 %HTTPS

62 %IPv6

40 Domains

52 Subdomains

39 IPs

8 Countries

10348 kBTransfer

17220 kBSize

31 Cookies

37 Outgoing links

Redirected requests

253 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ntcdoon.org Open in urlscan Pro
2606:4700:3031::ac43:b345 Public Scan

Screenshot
Live screenshot

Full Image

253
Requests

92 %
HTTPS

62 %
IPv6

40
Domains

52
Subdomains

39
IPs

8
Countries

10348 kB
Transfer

17220 kB
Size

31
Cookies

253 HTTP transactions
13 data transactions