urlscan.io logo urlscan.io
SecurityTrails logo

northcountryonbroadway.com Open in urlscan Pro
2606:4700:3034::ac43:a505  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://northcountryonbroadway.com/
Effective URL: https://northcountryonbroadway.com/
Submission: On July 02 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 47 IPs in 5 countries across 43 domains to perform 162 HTTP transactions. The main IP is 2606:4700:3034::ac43:a505, located in United States and belongs to CLOUDFLARENET, US. The main domain is northcountryonbroadway.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time northcountryonbroadway.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 72 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a04:4e42:1b:... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
9 18.190.65.212 16509 (AMAZON-02)
2 2600:1901:1:c... 15169 (GOOGLE)
3 5 142.250.185.70 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:62:... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 107.178.244.119 15169 (GOOGLE)
3 3 142.250.185.162 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2.18.233.201 16625 (AKAMAI-AS)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 35.188.42.15 15169 (GOOGLE)
1 2600:1901:0:5... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
2 7 193.0.160.128 54312 (ROCKETFUEL)
4 2600:1901:1:6... 15169 (GOOGLE)
1 67.225.220.126 32244 (LIQUIDWEB)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2 185.33.221.50 29990 (ASN-APPNEX)
1 2 23.45.99.241 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
1 2 52.214.168.199 16509 (AMAZON-02)
1 2 2.18.234.21 16625 (AKAMAI-AS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 3 35.244.174.68 15169 (GOOGLE)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 52.29.225.117 16509 (AMAZON-02)
1 54.72.232.11 16509 (AMAZON-02)
1 2 52.29.176.117 16509 (AMAZON-02)
1 3.121.27.153 16509 (AMAZON-02)
2 2 151.101.114.49 54113 (FASTLY)
1 2.18.235.93 16625 (AKAMAI-AS)
1 1 35.157.2.63 16509 (AMAZON-02)
1 1 13.224.193.17 16509 (AMAZON-02)
1 184.73.14.153 14618 (AMAZON-AES)
8 2600:9000:215... 16509 (AMAZON-02)
162 47
72    2606:4700:3034::ac43:a505 (United States)

ASN13335 (CLOUDFLARENET, US)
northcountryonbroadway.com
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    2a04:4e42:1b::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
9    18.190.65.212 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-190-65-212.us-east-2.compute.amazonaws.com
chat.satis.fi
2    2600:1901:1:c36:: (United States)

ASN15169 (GOOGLE, US)
open.spotify.com
5    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
8705154.fls.doubleclick.net
ad.doubleclick.net
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a04:4e42:62::760 (United States)

ASN54113 (FASTLY, US)
open.scdn.co
i.scdn.co
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com
pixel.sojern.com
3    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2600:9000:2156:2000:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)
c1.rfihub.net
1    35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
1    2600:1901:0:524d:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
apresolve.spotify.com
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:20eb:9a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
7    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
20811782p.rfihub.com
a.rfihub.com
p.rfihub.com
4    2600:1901:1:64a:: (United States)

ASN15169 (GOOGLE, US)
gew-spclient.spotify.com
1    67.225.220.126 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.rtb123.com
www.rtb123.com
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
stags.bluekai.com
x.dlx.addthis.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    52.214.168.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-168-199.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2600:1f18:612b:4200:43f8:c79a:f116:17d6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
1    52.29.225.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-225-117.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    54.72.232.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-232-11.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    52.29.176.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-176-117.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
ps.eyeota.net
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
1    35.157.2.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-2-63.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
1    13.224.193.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-17.fra2.r.cloudfront.net
live.rezync.com
1    184.73.14.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-14-153.compute-1.amazonaws.com
bpi.rtactivate.com
8    2600:9000:2156:a600:2:e9fc:a0c0:21 (United States)

ASN16509 (AMAZON-02, US)
d2zi7r1qsrih6r.cloudfront.net
Apex Domain
Subdomains		 Transfer
72 northcountryonbroadway.com
northcountryonbroadway.com
4 MB
10 doubleclick.net
8705154.fls.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
ad.doubleclick.net
5 KB
9 satis.fi
chat.satis.fi
498 KB
8 cloudfront.net
d2zi7r1qsrih6r.cloudfront.net
825 KB
7 rfihub.com
20811782p.rfihub.com
a.rfihub.com
p.rfihub.com
10 KB
7 spotify.com
open.spotify.com
apresolve.spotify.com
gew-spclient.spotify.com
7 KB
6 mathtag.com
pixel.mathtag.com
5 KB
6 jsdelivr.net
cdn.jsdelivr.net
39 KB
4 google.com
www.google.com
adservice.google.com
749 B
4 cloudflare.com
cdnjs.cloudflare.com
88 KB
3 rlcdn.com
idsync.rlcdn.com
1010 B
3 scdn.co
open.scdn.co
i.scdn.co
395 KB
2 everesttech.net
sync-tm.everesttech.net
609 B
2 bidswitch.net
x.bidswitch.net
857 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 demdex.net
dpm.demdex.net
2 KB
2 adnxs.com
ib.adnxs.com
2 KB
2 facebook.com
www.facebook.com
235 B
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
9 KB
2 facebook.net
connect.facebook.net
98 KB
2 sojern.com
pixel.sojern.com
924 B
2 google.de
www.google.de
171 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 googleapis.com
ajax.googleapis.com
125 KB
2 googletagmanager.com
www.googletagmanager.com
73 KB
1 rtactivate.com
bpi.rtactivate.com
109 B
1 rezync.com
live.rezync.com
789 B
1 serving-sys.com
bs.serving-sys.com
577 B
1 media.net
contextual.media.net
696 B
1 eyeota.net
ps.eyeota.net
344 B
1 krxd.net
beacon.krxd.net
338 B
1 agkn.com
aa.agkn.com
238 B
1 tremorhub.com
partners.tremorhub.com
183 B
1 addthis.com
x.dlx.addthis.com
191 B
1 yahoo.com
ads.yahoo.com
444 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 bluekai.com
stags.bluekai.com
809 B
1 rtb123.com
www.rtb123.com
253 B
1 quantcount.com
rules.quantcount.com
1 KB
1 sentry.io
sentry.io
406 B
1 rfihub.net
c1.rfihub.net
6 KB
1 googleadservices.com
www.googleadservices.com
14 KB
162 43
Domain Requested by
72 northcountryonbroadway.com 1 redirects northcountryonbroadway.com
9 chat.satis.fi northcountryonbroadway.com
chat.satis.fi
8 d2zi7r1qsrih6r.cloudfront.net chat.satis.fi
6 pixel.mathtag.com 8705154.fls.doubleclick.net
pixel.mathtag.com
6 cdn.jsdelivr.net northcountryonbroadway.com
chat.satis.fi
5 p.rfihub.com 2 redirects northcountryonbroadway.com
4 gew-spclient.spotify.com open.scdn.co
4 cdnjs.cloudflare.com northcountryonbroadway.com
cdnjs.cloudflare.com
3 idsync.rlcdn.com 1 redirects 8705154.fls.doubleclick.net
3 cm.g.doubleclick.net 3 redirects
3 8705154.fls.doubleclick.net 1 redirects www.googletagmanager.com
northcountryonbroadway.com
2 sync-tm.everesttech.net 2 redirects
2 x.bidswitch.net 1 redirects northcountryonbroadway.com
2 sync.search.spotxchange.com 1 redirects northcountryonbroadway.com
2 dsum-sec.casalemedia.com 1 redirects northcountryonbroadway.com
2 dpm.demdex.net 1 redirects northcountryonbroadway.com
2 ib.adnxs.com 1 redirects northcountryonbroadway.com
2 www.facebook.com 8705154.fls.doubleclick.net
2 connect.facebook.net 8705154.fls.doubleclick.net
connect.facebook.net
2 adservice.google.com 8705154.fls.doubleclick.net
2 ad.doubleclick.net 2 redirects
2 pixel.sojern.com 2 redirects
2 www.google.de northcountryonbroadway.com
2 www.google.com northcountryonbroadway.com
2 open.scdn.co open.spotify.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 open.spotify.com northcountryonbroadway.com
open.scdn.co
2 ajax.googleapis.com northcountryonbroadway.com
chat.satis.fi
2 www.googletagmanager.com northcountryonbroadway.com
1 bpi.rtactivate.com 8705154.fls.doubleclick.net
1 live.rezync.com 1 redirects
1 bs.serving-sys.com 1 redirects
1 contextual.media.net 8705154.fls.doubleclick.net
1 ps.eyeota.net northcountryonbroadway.com
1 beacon.krxd.net 8705154.fls.doubleclick.net
1 aa.agkn.com 8705154.fls.doubleclick.net
1 partners.tremorhub.com 8705154.fls.doubleclick.net
1 x.dlx.addthis.com 8705154.fls.doubleclick.net
1 ads.yahoo.com 8705154.fls.doubleclick.net
1 pixel.rubiconproject.com 8705154.fls.doubleclick.net
1 stags.bluekai.com 1 redirects
1 a.rfihub.com 8705154.fls.doubleclick.net
1 pixel.quantserve.com 8705154.fls.doubleclick.net
1 www.rtb123.com northcountryonbroadway.com
1 20811782p.rfihub.com c1.rfihub.net
1 rules.quantcount.com secure.quantserve.com
1 i.scdn.co open.spotify.com
1 apresolve.spotify.com open.scdn.co
1 sentry.io open.scdn.co
1 c1.rfihub.net 8705154.fls.doubleclick.net
1 secure.quantserve.com 8705154.fls.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
162 54
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.satis.fi
Amazon		 2021-05-02 -
2022-05-31		 a year crt.sh
*.spotify.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-03 -
2022-05-03		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.scdn.co
DigiCert SHA2 Secure Server CA		 2020-08-05 -
2021-09-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2021-07-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.rfihub.net
Sectigo RSA Domain Validation Secure Server CA		 2021-02-10 -
2022-02-10		 a year crt.sh
sentry.io
DigiCert SHA2 Secure Server CA		 2020-06-02 -
2022-06-07		 2 years crt.sh
*.google.de
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2022-06-18		 2 years crt.sh
www.rtb123.com
GlobalSign GCC R3 DV TLS CA 2020		 2021-01-09 -
2022-02-10		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-06-16 -
2021-07-28		 a month crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.tremorhub.com
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.eyeota.net
R3		 2021-06-28 -
2021-09-26		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
rtactivate.com
Amazon		 2021-05-13 -
2022-06-11		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh

This page contains 6 frames:

Primary Page: https://northcountryonbroadway.com/
Frame ID: 78702A36924A0EA334963AB5024799CB
Requests: 103 HTTP requests in this frame

Frame: https://open.spotify.com/embed/album/5swo0goyn6Opxc5oK3P2AO
Frame ID: 99A09D2EE4580819152DE8297E5E534B
Requests: 9 HTTP requests in this frame

Frame: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F
Frame ID: 8977ED02246F81A5FC33D8951F93B438
Requests: 14 HTTP requests in this frame

Frame: https://20811782p.rfihub.com/ca.html?ver=9&rb=35654&ca=20811782&_o=35654&_t=20811782&pe=https%3A%2F%2F8705154.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCL2UyqOUxfECFVqtUQodX0AAPg%3Bsrc%3D8705154%3Btype%3Dbways0%3Bcat%3Dgftnc0%3Bord%3D3978848079063%3Bgtm%3D2od6u0%3Bauiddc%3D273151932.1625255428%3Bps%3D1%3B%7Eoref%3Dhttps%253A%252F%252Fnorthcountryonbroadway.com%252F%3F&pf=https%3A%2F%2Fnorthcountryonbroadway.com%2F&ra=5044367620847159
Frame ID: 2C256E90956F5E93F9DBAEB3D77C412D
Requests: 21 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=aa6a60df-6e04-4000-abbe-d30a719a1de8&no_iframe=1&mt_adid=145397&source=mathtag
Frame ID: 7B6D8EE5AA969883415A15E98066DB8D
Requests: 3 HTTP requests in this frame

Frame: https://chat.satis.fi/?pageID=9617
Frame ID: CED5F7A925F12205B0CFCD0B1D201FB5
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://northcountryonbroadway.com/ HTTP 301
    https://northcountryonbroadway.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href="[^"]+lightbox(?:\.min)?\.css/i

Page Statistics

162
Requests

100 %
HTTPS

51 %
IPv6

43
Domains

54
Subdomains

47
IPs

5
Countries

6327 kB
Transfer

8597 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://northcountryonbroadway.com/ HTTP 301
    https://northcountryonbroadway.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75
  • https://8705154.fls.doubleclick.net/activityi;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F HTTP 302
  • https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F
Request Chain 90
  • https://pixel.sojern.com/pixel/img/141042?p_v=1&f_v=v3_image&vid=hot HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=teTqKaNmJDUKUMsxzR7BrQ&google_nid=sojern__adx_open_bidder_seat&sjrn_id=spoK9EYGFiCo2SModfZ7SjSpEz0q0BqHSOeWbyVLW83-rrPT9MW1Yz5Q74Ef0wH7&sjrn_r=aHR0cHM6Ly9hZC5kb3VibGVjbGljay5uZXQvZGRtL2FjdGl2aXR5L3NyYz04ODY4MDY4O3R5cGU9c2FsZXM7Y2F0PWozYTAyMzRnO3F0eT0xO2Nvc3Q9MDt1MT07dTE2PTtkY19sYXQ9O2RjX3JkaWQ9O3RhZ19mb3JfY2hpbGRfZGlyZWN0ZWRfdHJlYXRtZW50PTtucGE9O29yZD1bT3JkZXJJRF0&sjrn_ula=680702582 HTTP 302
  • https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=spoK9EYGFiCo2SModfZ7SjSpEz0q0BqHSOeWbyVLW83-rrPT9MW1Yz5Q74Ef0wH7&sjrn_r=aHR0cHM6Ly9hZC5kb3VibGVjbGljay5uZXQvZGRtL2FjdGl2aXR5L3NyYz04ODY4MDY4O3R5cGU9c2FsZXM7Y2F0PWozYTAyMzRnO3F0eT0xO2Nvc3Q9MDt1MT07dTE2PTtkY19sYXQ9O2RjX3JkaWQ9O3RhZ19mb3JfY2hpbGRfZGlyZWN0ZWRfdHJlYXRtZW50PTtucGE9O29yZD1bT3JkZXJJRF0&sjrn_ula=680702582&google_gid=CAESEIny_aY3U5UFx5s70TxxATg&google_cver=1 HTTP 307
  • https://ad.doubleclick.net/ddm/activity/src=8868068;type=sales;cat=j3a0234g;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=8868068;dc_pre=CJ3G4aOUxfECFVBKkQUdI2QCcA;type=sales;cat=j3a0234g;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=8868068;dc_pre=CJ3G4aOUxfECFVBKkQUdI2QCcA;type=sales;cat=j3a0234g;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
Request Chain 122
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3MTg3ODk3MTMwOTEwMTQ1Mw==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHSTHjbdTFA0PBBqxFedPxQ&google_cver=1
Request Chain 123
  • https://ib.adnxs.com/setuid?entity=18&code=1871878971309101453 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1871878971309101453
Request Chain 124
  • https://stags.bluekai.com/site/4722?id=1871878971309101453&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
  • https://p.rfihub.com/cm?bk_uuid=JmTrmy9999Ot4B2Q&forward=
Request Chain 126
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1871878971309101453&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871878971309101453&redir=
Request Chain 127
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871878971309101453&forward= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871878971309101453&forward=&C=1
Request Chain 131
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871878971309101453&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871878971309101453&img=1&__user_check__=1&sync_id=c07c4e3a-db6e-11eb-9398-1669d4c90406
Request Chain 135
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1871878971309101453&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871878971309101453&expires=30
Request Chain 136
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=1871878971309101453&bid=omt9pi0
Request Chain 137
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YN9uBAACXMTqTgAC HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YN9uBAACXMTqTgAC&_test=YN9uBAACXMTqTgAC
Request Chain 139
  • https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=17945&userid=cb7bacd2-6c0a-4f32-bacc-a8eba62bff90
Request Chain 140
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1871878971309101453&referrer=https%3A%2F%2Fnorthcountryonbroadway.com%2F HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=3b6882a4-0f05-4bda-a4a9-28befdd412f3%3A1625255429.07&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D3b6882a4-0f05-4bda-a4a9-28befdd412f3%253A1625255429.07 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=3b6882a4-0f05-4bda-a4a9-28befdd412f3%3A1625255429.07 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFFVjXfR9oNYsy3RmR0OFFU&google_cver=1

162 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
northcountryonbroadway.com/
Redirect Chain
  • http://northcountryonbroadway.com/
  • https://northcountryonbroadway.com/
26 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d5dbb7edd6a85fb3934a128f8b95f188dffc3d5b2510fde8364841da43192d8

Request headers

:method
GET
:authority
northcountryonbroadway.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SJQcaKFKVgaK5rNjqcGnQTcDm5sLLVrvk2LDQRyYPLBka%2FkZxviMzHd8kW4eZRTVISjL6AoVxxrp1uqjPII54Xb1zGu%2BN2FqhTL40QEfNKBSXDoP43VTHV%2B2dvAH9hvleJTfFpBmcYjadM526CkZ9SoekTE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
668a67348a6a1772-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date
Fri, 02 Jul 2021 19:50:27 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://northcountryonbroadway.com/
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=h8cyznDxycTpN41tax6SG38rpP7TReL4mxd2S1X4O6aDaT%2F1pTGcLiinOBplp5jqRh89RTxkcmr31JCufU6GIP%2FFEkGEmJqUqpnYkjCbBwI2NWg%2BohiTPymHdLOTyKOTkQGsZReXZDPv7s8iFpg2CK1kw7w%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
668a6733adcbdfcf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/ 		68 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a62a847fb029ec2329b3c92b0d0b1239366017e314ff430fc8f5b67a78f9238d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3791996
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10228
cf-request-id
0a2859920900004a9ebb3dd000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-111e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IgFLih0UALTQHAfTtXezg5vQGDUCyYdd0JclRc8aNegQHGeoN1U7Ly%2BhwfJEm%2Fvp%2FdAN9P1%2FB%2BPGqc7nph6D8INcQbYifZo7U0HgHUs4iedyUweZzeMcgPHF2aeet2k73QZhJJjMn8MXVeN4Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
668a67355caa2488-FRA
expires
Wed, 22 Jun 2022 19:50:27 GMT
main.css
northcountryonbroadway.com/css/ 		128 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/css/main.css?v=1.71
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b43f02c549790c49fdb850aa299095f12783d76d61911920cda36c07ce340b32

Request headers

:path
/css/main.css?v=1.71
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Jun 2021 16:15:36 GMT
server
cloudflare
etag
W/"201a0-5c585554fc77e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=enDy2wF9ZP%2F6V50AfLOn7%2Bgne%2FeAVL9YFDwFyvYH1d0smDuzh9BkJcGZLpRNDIQ3k6ZCzqLmouajAmk0Q9Gmr0cJq5dWopHfWCQkpb6Tk4bDW8MOWXjip1kSVj8LgjRQRf5Wt3VRbFJyLur7ONtygN4YYMI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67357cb81772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
tickets.css
northcountryonbroadway.com/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/css/tickets.css?v=1
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96694805d8f2d34728b20d0a8047b248b29467c26d5b13688d2f5f475e32aa3

Request headers

:path
/css/tickets.css?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Feb 2020 16:29:57 GMT
server
cloudflare
etag
W/"14da-59deac8a79877-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u2qoaGSBVvd%2BTunmV5vo8%2BOpgFJ%2F%2FERRgo8PZTSgCxHI4Pd6JfTI1WrWgKD5LxkwKpJtP0wKpWpQQf%2FYAdgNWeGQTdBvgmU0GTaWS9c0teMvhmC6jY9dEWj46oLGNcIHHV4sGEHFClWtHygbDdXW4XCM30Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67357ccb1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
hamburgers.min.css
northcountryonbroadway.com/css/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/css/hamburgers.min.css
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24fbf98a0312aa6db3b49c6d8e2ba9d2ae8d316bbb2f731b327f45ab23e07dda

Request headers

:path
/css/hamburgers.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
W/"57ba-59389cf8ac5c5-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=l%2BBJ8lEec1Ltq6PesKBdd0O6DenRNWbd14Y%2FCjAbAJB76HgRyeELnOu19MfHsSTMRMEnTt1diW5KkyuDFad9WwEbnOvDPAvbsjMyrdoGnvBcSDuPaf67rwoerhkvWbCs7F5McX6XzFeyXLTNJxTokVLSglI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67357cb31772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
lightbox.min.css
northcountryonbroadway.com/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/css/lightbox.min.css
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b41c65a254473fdb8cb0414a564fa193ffde90e9573a2c4b2afc9ee56d964797

Request headers

:path
/css/lightbox.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
W/"9e4-59389cf8ac5c5-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=exBF2auE1zQlZqItHHy5hCJ8LC6pUjcvspw6sY76WYZMbhrcWl0TDSG0W8ot7nrjrWj%2BzvfMD%2Ffo%2BzVv9i38%2Fb%2BfQryp7p0wmQaq5yxasJRW0fU7MuA25cQeYLkKX2lEBcmupJHQ%2B7ld%2FtfeIbCXU8JEvbo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67357cca1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
magnific-popup.css
northcountryonbroadway.com/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/css/magnific-popup.css
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

:path
/css/magnific-popup.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Oct 2019 21:33:41 GMT
server
cloudflare
etag
W/"1b27-593e01b314012-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FoxsbiR5DTLj9IuI%2BPRxWYJeWhXduFyTA5%2Fsj5tolHcKAHaArhqr%2BXmrIpr3E8EVLmWqpg%2BI7t1X3f3sjcI6wRxqjnJimVfF3yX6fe4Ww99ASEK4WR8LJra772IvQ3EXF8tLg6YOWsI%2BlK5VW1KC3G%2BsEXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67357cc41772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
animate.min.css
northcountryonbroadway.com/css/ 		76 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/css/animate.min.css
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49a626f58f78a3117dd63cdc4ff6e6bddde5cd1c3b437962a40fccdbb5d82100

Request headers

:path
/css/animate.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Feb 2020 16:41:22 GMT
server
cloudflare
etag
W/"130fa-59dff0f4a86bc-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2TH7nCq7Qn4MaB%2BivmAy5waAqMtqh86nyNW93ROEzlMLx%2B2R6AikbRocxrj0at05ufSpeOhdOUk0sH%2BbEPA%2BI1Yi210cnTswS5Ykq7RoLnGLQLLMURwSnYvBZIFCwhxhKfe%2BqUqTeC38PYefH6Fuo5ghAiI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67357cbb1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
mobiscroll.css
northcountryonbroadway.com/inc/mobiletickets/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/inc/mobiletickets/mobiscroll.css?v=1
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dda425225cedf6d3b5434881da147a6f70b7a21c62aa7a337c0151dd2775d40b

Request headers

:path
/inc/mobiletickets/mobiscroll.css?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Feb 2020 16:29:57 GMT
server
cloudflare
etag
W/"18a9-59deac8a7a818-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2a2saltylMnFL3kZaK1LV66RuEoQKkZbHzL9pWTTgp1gGqQ%2BvkkREWIUeF%2BhBo0n%2FmcvKg0v5pO2Y%2BhWNFYR8h4WHgeGahDj%2Foj%2FHUvuhiXZBOfLhq2MlO6gOTOxHV9HfEkHmTIRRs2%2FkOWaL%2ByTzxkfe%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67357cbf1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
stylestrip.css
northcountryonbroadway.com/inc/mobiletickets/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/inc/mobiletickets/stylestrip.css?v=1
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9566b9f02ae6df516617a413449eff4994e634d6bae2dcb4cca4760f69a0eeab

Request headers

:path
/inc/mobiletickets/stylestrip.css?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Feb 2020 14:55:27 GMT
server
cloudflare
etag
W/"a6e-59dfd948a4a60-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SEic%2BT7qo%2BA5IYcM1uCD7IolchEDNgJnLgSbaj1FJ2iP0J3q8mi1716%2BgU656E8MUmFxhwUxg2yP41SDJvUni4TmPearohrdwACdzHxzR%2FwYJ7nCr1gGZ%2BIzcHmLMx6SF6QDbZgouRi7ZL5t7MfYQfYY15A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67357cab1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		2 KB
930 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1964788
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
569
etag
W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
x-served-by
cache-fra19138-FRA, cache-hhn4068-HHN
date
Fri, 02 Jul 2021 19:50:27 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5603671
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1541
cf-request-id
09bc5d98f3000097f6f3ade000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-c81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZsBCpA4cJDF8r4ud69EvYCr2h%2FhQP5efZI3M8L1yr1z8hYaTnYmO4YL5Uetyd6M3tQCTevHgJ5FUq96D%2F5NJamQsVcj%2F6WKNyo54Yx5cUrOOd3DgXh4owtrFBqUdTYCLu0rh3ptd3hmroTKLdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
668a67355cac2488-FRA
expires
Wed, 22 Jun 2022 19:50:27 GMT
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
35881
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
1299
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
x-served-by
cache-fra19171-FRA, cache-hhn4068-HHN
date
Fri, 02 Jul 2021 19:50:27 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ 		85 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8705154
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25351aed0b90f256e00bbb4cb7e139e462cc96191bf84759cd23cf0297971faf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34970
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 18:11:04 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Jul 2021 19:50:27 GMT
nav-icon-music.png
northcountryonbroadway.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/nav-icon-music.png?v=1
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3e6bd1fd9420e5315e0e3f1f0be6d5982db2d8afb66727390936f13741a0dbb

Request headers

:path
/images/nav-icon-music.png?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 16:39:33 GMT
server
cloudflare
etag
"afc-5a0aaff7076de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xDg7mzAdRDbNGyuIobMxv8jqk9PxdH7uvh%2Fg7qNHNhgKQpkulKhJY39pp4%2FJE3wYLe6IWUmMQK18%2F%2FA4CV2Pc8bYuVxHCifMsN9n3CulhNSLGa15pXaLLQvj9ljM7LS91ryBAVvCv%2BgZk1UFHfvGmzqx4N8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364ea11772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2812
nav-get-tickets.png
northcountryonbroadway.com/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/nav-get-tickets.png?v=1
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2332ed688848e6d166dcd7b6aaa738b9ae10b12c4d9a4284993b3de8d1e038a8

Request headers

:path
/images/nav-get-tickets.png?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 16:39:33 GMT
server
cloudflare
etag
"2423-5a0aaff7076de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2GHBY%2B%2BZiouszfahQS9IOCH0Rap4u8T0ksx7ZoLCwBt%2F%2BZQhpg6yT5gV4nnoj%2BSvJZhxIjX2sbf7sBUXo0g2p80LMytsIFrCqwiqDWrY9QY50gZmK6AEpVMiEuvrADJB3Z3fxHIMumfUp6qkNGPR5V3kuik%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364ea31772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9251
LIB_Horizontal_1200x675.png
northcountryonbroadway.com/images/ 		360 KB
361 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/LIB_Horizontal_1200x675.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba332dbedfce56f226409162941cc87877c37d2543ee638ae6dfb7c17b255919

Request headers

:path
/images/LIB_Horizontal_1200x675.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Apr 2020 23:59:25 GMT
server
cloudflare
etag
"5a062-5a2e4681201cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aJUbhdf5IRc8qE%2Bnbh9%2FU5r14U5pkixjTxG2UbAm%2BUfcnkUhLj7IjIb8xnZ0Nm2JAi27CccxK04gJlWeAnvnCScRHg0OdtDF%2FsibAuJp7u8PibYvnWNkR0nJX7a7uhiWsaa%2FWVmTsgzb8rQNLYSoWSsyeWg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364ea51772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
368738
logo-nyt-g.png
northcountryonbroadway.com/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/logo-nyt-g.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a2ba03eb2cc3b5276547f700b0cda3717acddde6d255c60fdcd85e4927921bb

Request headers

:path
/images/logo-nyt-g.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 06 Mar 2020 06:59:47 GMT
server
cloudflare
etag
"3773-5a02a32f9866a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0luLMC4NMcKiDqE%2FAiWCfnebaptY%2FpOFgx4xl8NYDA65no8PgEB5bfOL0MhpmVaPoIh1N1sCO3i0mPpm2qZf9GHBKuhiKM%2FkYCqkoPmMdJPmd4Kn8jdWfPR0Q0T0POdw%2B0qE%2FIfoWBZGIm2QUsqNX7ibjDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364ea71772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
14195
logo-chicago-g.png
northcountryonbroadway.com/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/logo-chicago-g.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3733f5f0ba209431c473f0e62ef36672e079d0d5541313a220882a027c31790f

Request headers

:path
/images/logo-chicago-g.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 06 Mar 2020 06:59:47 GMT
server
cloudflare
etag
"3f6b-5a02a32f9866a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3Rpj%2B8WosBwaX0%2BiEWImBq2uUca0fAh2ayBxEwrMWaiyNbodOxJNS5cFcmEOnZHzVe%2FMM171EL%2FdvJQ%2FQkuR%2BYMwcrb80OQRuEhgeTJfVtbYZN4ehIXZ71BIep8MH%2BImlExIxPvlqllnRGQPtDQnL1DCjAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364eaa1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
16235
logo-beast-g.png
northcountryonbroadway.com/images/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/logo-beast-g.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cdfb975d18d2acbabdd9d273268e380399371e2039887529902629cdbdd3b1b

Request headers

:path
/images/logo-beast-g.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 06 Mar 2020 06:59:47 GMT
server
cloudflare
etag
"8603-5a02a32f9866a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5xjRq6ED2IH%2Fbp8mw6fBwKr3cJXUOu%2FdjFt7C%2FOpVg%2FFSw3uWVIyYfcgZ2nIgpvEd0mp%2Fay76fuxWCP5DvM0zSBZZH7LiiamYCdoLOcgNCFb7q%2B9zj87IewvxueBFxFJfUwOTpjhf8PPilD8HgU5TnprZ6s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364eac1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
34307
logo-ny1-g.png
northcountryonbroadway.com/images/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/logo-ny1-g.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b6af05ca06b278e4f5c3f03b3decb0ae5fd441f2647ff1fba8cd962805afc3

Request headers

:path
/images/logo-ny1-g.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 06 Mar 2020 06:59:47 GMT
server
cloudflare
etag
"14d35-5a02a32f9866a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RWmATst74OK1Fg5Z2%2Bl321fc%2Ffum7%2BX1U%2BTMzn8L3JHubyGKTqcxp8Jli%2BhNn6QZyJx3ZskJIUP29qnB2%2BP8JkhB%2BYmScLjnNnGKmTyLI9HkwvGXmRpInhAhc3Zl8sH6asqys2skXcjD4axSVlNcHWqV5zk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364eae1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
85301
emb-long-l.png
northcountryonbroadway.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/emb-long-l.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c8e9e4f34575fa3ccbb65dd5b4fcbf49216d6a9664bb87784220ccd871e5ed

Request headers

:path
/images/emb-long-l.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 16:39:33 GMT
server
cloudflare
etag
"8e3-5a0aaff7076de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xdz38aEkexdp51PViuOuo8ix71c3k1mUQge%2F%2BYdcXFzC%2Fgn5Sfp%2Bw%2FgWx1Ck8czs0ufNNOZYt4BumLo3d7s0bS9GCL1%2FnkYFUFUUxXqAUmOjVYPXIkkbAe7jVTQz25mFS61KMhp00VNJa6pwToaLcU5INL8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364eaf1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2275
emb-dot.png
northcountryonbroadway.com/images/ 		671 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/emb-dot.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e255616d89a040df540989628aebb201b839991d365bd7732704ebce5f8d5b5d

Request headers

:path
/images/emb-dot.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 16:39:33 GMT
server
cloudflare
etag
"29f-5a0aaff7076de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BkIIJDpYJKMtLfRcDT1m%2FXIbAPISodyqZzZ4Fe%2F7tZHFyUsNwJ5QLUt3PCBUebwNjAS5pu8HDw%2FRCo4lfWFvuJOrbnDdoPBoK4zpzSzKjGLHwbJ%2BeLyCdO%2F2quxBPQw944QBt%2BXq0fUAHvfsLeTDsdbUYj4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364eb01772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
671
emb-short-l.png
northcountryonbroadway.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/emb-short-l.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5584702b3b62da6c370311dcf472fd6e58759e0937a0a1441feeb1903607f49

Request headers

:path
/images/emb-short-l.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 16:39:33 GMT
server
cloudflare
etag
"58c-5a0aaff7076de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pLE8Rbo16gmWGe6NH2yLV6TpkmYzLA8jQI8c0FT4%2F%2BajcvMKqPVyNWPXSRxHfg0exfb%2BK9%2FbO1op1BtW5dBGMWZkd3Of9w3itXv6RhBA8%2BuyK0bcIFEcKz2MoW6ygNf7iGjR3yP4lhUN%2BJ9b7%2Bv0JC2vmkU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364eb21772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1420
emb-short-r.png
northcountryonbroadway.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/emb-short-r.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efe7d643d02aafb9f5574edbf23eddb968775d35b797e56bb2d9c8fbd2e45894

Request headers

:path
/images/emb-short-r.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 16:39:33 GMT
server
cloudflare
etag
"585-5a0aaff7076de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BxNoZ6e1oIbomGLaWV4tykaeOARiY2Zda9Kpid5q9ZWXbjfN2tc%2FagRxFwRjdbF07jTxxhI7lueERPo%2FXIYrM6Wr3rGfJPTUXy7KdpZv8BlpFypNvk8qnIsCMMwXsO%2Bu8YDgGzB3oyhT7EnPBm%2BIUV2MZLs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364eb51772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1413
emb-long-r.png
northcountryonbroadway.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/emb-long-r.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cca06e988fc0884b2d53fc3f97022ed8ee1d147197c464d4d716efbd83ec35

Request headers

:path
/images/emb-long-r.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 16:39:33 GMT
server
cloudflare
etag
"8e3-5a0aaff7076de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sIWBthffcdSHGUZvi31KDUC44zbJWbUAoVom%2BIlKtJ0%2BpgtdpasC0VXEoQVijP76BsPXvOwcnx24Vn5lw%2FefXrDx6ZG0cUDHRa0dquS6C8Kdwsr0r4om5mHDvjKGkdYawWI6OwpFGgzT0SGrX0I9DXRLpxk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364eb71772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2275
home_video_5.jpg
northcountryonbroadway.com/images/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/home_video_5.jpg
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f7022fcdd1e7906d7fbdefde8835735ee913bbd2f201985a769c6b091c266e9

Request headers

:path
/images/home_video_5.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Mon, 24 May 2021 12:13:14 GMT
server
cloudflare
etag
"fa7e-5c312557388e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DLfwVzOAN7Lg9in3lw0zvT4SRzRqPTVmZblMhq%2FVr0a1OX4CdkyoALjHc7JiwZ878O3l7tzsjBybZLCXCRQFwrpxax%2F4UKZ3N23V%2B%2B7PgK2TG4jhwwFvn9cb3QptfgrPaAjhUzef0Als2%2BaT9vbgiSi7EbA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364eb91772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
64126
home_video_6.jpg
northcountryonbroadway.com/images/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/home_video_6.jpg
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c1901b8d24d948babb9afe61b37a32b1a07f1c02bfb15be91590dc45cc2ef4

Request headers

:path
/images/home_video_6.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Mar 2020 16:02:29 GMT
server
cloudflare
etag
"c1e2-59fe1506ec0c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FoJUNyUarLpDpaqS0eYQ%2F0Ayemzw%2FruKiK%2B%2FQ2PaZAnN3S30%2FPDYhyv8d6oBK214lPvhZ3S8xn7KKbroJoEqREyTOnhOKWpnYlASjHbx2Ri28ct%2FSTSdeQnMXG6EjKvYdd6JWVI69i6RKiPDWpXlTlNOOms%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364ebb1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
49634
calendar-arrow-left.png
northcountryonbroadway.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/calendar-arrow-left.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b84c1b3d736031dc8cae8b801f67994e2559050fc0628a8fb24cf0ebe271d8c

Request headers

:path
/images/calendar-arrow-left.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"1255-59389cf8b2387"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ct15EiJf4lgpfaxWyES5LqQFNVhLT5Ni%2B1y2jLjIQyyc3nxx16eecrq%2BHH3SMsJ%2BqSNxTgfT4Y1Fsk64j6SvOk2Fw%2FRhoMMRB9JnW7CRmsBpIRCHaz3NMMQnZnBAMeES%2B30%2FlJqluHhgqNoBPdwSw8gliJw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364ebe1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4693
small-arrow-left.png
northcountryonbroadway.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/small-arrow-left.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c01ec2367802de8a4d4f640fcb6cffcc26a8fa0d624a3ba4ebb0f57851a45c1

Request headers

:path
/images/small-arrow-left.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"a30-59389cf8bbfca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4hEg4w3jb%2FRGzEcxXkI5yjp0mOLbJoX%2BdtteKX8WnBSdJrmpR0m3D2bcgfgKzjk%2FB7mUcac%2FTWtajawY1GqHSrDyLDNsDdB%2FXDd7wgDO%2FaaZGxyyW79cTDM%2BEHzxZinzOsdQsELyxaVfDEYdkXkRAnISMyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364ec11772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2608
calendar-arrow.png
northcountryonbroadway.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/calendar-arrow.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e4c40e74e0b08b38192ca829e47336c15c7a9993ebce88a58fedc64b88cd282

Request headers

:path
/images/calendar-arrow.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"1279-59389cf8b2387"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9D0zoqyrIzvh5I2sOdBkoScSpbMAN0BV%2BOU2RfEfYYoI4HSvXJqd0lThlpVI8%2BWCriQOLmVq86737BP8hDeX4HzcsdaGXHz2bxfLI%2BKQmx0DlWqNal%2BK%2B72XTB%2B3XDxDLOY2lEGKrBIdtk1Wv0omfcCPFOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364ec31772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4729
small-arrow-right.png
northcountryonbroadway.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/small-arrow-right.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f9e2e23b81cc1eb7e7cff4fa1363576e075a83d88a8f6f38da5d2b395bcca44

Request headers

:path
/images/small-arrow-right.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"a22-59389cf8bbfca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NtJKdLaa1Nq%2FOGvD8ImC1JIWs7u3Y0xheJx8CxMYMmnIXY86sbClXxLWs2Cdunt%2FO1FhvW52X20YUl428GT%2FDidi4P5nQQ8G16oVii4aG%2B0aUpGYYH7Yi%2BlwgB%2FmQFj8OuGRuLv9RubAV4hSrZLN1rMYCWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364ec51772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2594
bob-dylan.png
northcountryonbroadway.com/images/ 		252 KB
253 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/bob-dylan.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dadbab8b313c8ab0ffb1ab5907c7735bcb90e3c5e252f7ea4f5166f8ca0670fa

Request headers

:path
/images/bob-dylan.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"3f042-59389cf8b2387"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=38JWMBbLAHy9DnnNHBiAEHdlvMR56vLYUsbB%2FdUF0HbQD9loKErwjp%2FdXTtHPvLqGBqnoHXealSLTkj3a%2F1oP5RJKYs7HRtVe5u1AS39wpI%2FC6tYxT12mdg3KVpBXotu3ezbQY8M3C6Ge5h8t4m4FjAxoig%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364eca1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
258114
album_video_2.jpg
northcountryonbroadway.com/images/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/album_video_2.jpg
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25b9e8f856422ddd5e8b99c947f761b17b874dbbcc4f89a3d66402d22d8cf930

Request headers

:path
/images/album_video_2.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 24 Jun 2021 16:15:36 GMT
server
cloudflare
etag
"9e52-5c585554fc77e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=K1hQHzxJJNrfs2SiPLG%2BAjuNGNxb7NjVQ392bvH%2BG6cpw%2BPBHZlqMyEvrflI7OOzxfGmjbOQSehg7qQo3aKmH3obu2oI8qgyd0CjxrS5KBTdXZVIQTNL%2BgfPKEsBcNLll3S2Bjf1XnufaHa5iCmELbK4CCY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67364ece1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
40530
album_art.jpg
northcountryonbroadway.com/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/album_art.jpg
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f0a22832a98e304d91ecbb3caec5ba77fd637863087c141b3ff74fa4fea7402

Request headers

:path
/images/album_art.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 24 Jun 2021 16:15:36 GMT
server
cloudflare
etag
"5331-5c585554fc77e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5QBnnTD8YZ3AdmQYNgzNr5G3fSHE9iI9uXwyBuVd7VCBlLj%2FXIsJmLpcWdJwdWO7yMTPrKlmTGkerJfW9aGuZwyL1%2BYCLZ%2FTYkmLTbCRhEqJAoUSlgzr%2BhBnyCFEcWZsrTLsLs39hwz7MpVuaX9X2ulgMTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365ed51772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
21297
album_preorder.png
northcountryonbroadway.com/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/album_preorder.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a797f35be7bc6505a3d75419d1c9b1d951f0f0250f7fa471688d1b54253d8afc

Request headers

:path
/images/album_preorder.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 24 Jun 2021 16:15:36 GMT
server
cloudflare
etag
"315a-5c585554fc77e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Mz5%2FvqLBh%2BLcjOXEApYWhEyjBDu2ix338mTIvZ85uXeYVfVDnvNpu0BJQ1PzrNhri4otrOctLU3lnpOxL73GoOUq8GVKqEcZTIpruejE3NhzYAmtUIJZCwvhxLC4NnUpj6sIhhO%2FdPIMRkgbgRvzcOcH4T8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365ed61772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12634
icon-ss.png
northcountryonbroadway.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/icon-ss.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a7bc8081891a51ceff1a3530f4fa0b15a0e0cef655980f41bd18ba5df784b13

Request headers

:path
/images/icon-ss.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"8c7-59389cf8b42c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VhIqavm26uZLc7q2a0LkU2lGSBKKVyR5kEoYsYE%2F76BkvXhaSdHdaNCsoqx4XoqnYEgEIsw3MDn%2Bng9MZy69mBqGFvzkkTivtjS8rEp1e6uNRE3yI8D5%2FOqDCIrcNNvdgY6afvQMheTxGo54SrAzcUpOUxM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365ed81772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2247
footer-old-vic.png
northcountryonbroadway.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/footer-old-vic.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7815af333faa73673199bb4a1470bbe530fabb9814cf8a53f440dbf8b1164593

Request headers

:path
/images/footer-old-vic.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Wed, 13 Nov 2019 17:33:19 GMT
server
cloudflare
etag
"a22-5973dc2bcba9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=V92eqmY%2F7Eo7sIC%2BSV%2BLnwJ4Egi9hsu%2B9pBbqhCDl5x7zIrFkSU%2BwBdtawrJUPgxR8n%2FX5f7gnKeJxbpdIEjPmDwsk%2Fw5gJ6PdVCM%2F%2BeXsEaxYeah4EjN8wMGNDWHB2QKhx1Pf0kwC3%2BUUk2FFZTyLxzDiE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365ed91772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2594
footer-public.png
northcountryonbroadway.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/footer-public.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a75dc2d6f1f4c6ed9911a20ebc7350b8ff467eecd822880fb89d5f1aac42c09

Request headers

:path
/images/footer-public.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Wed, 13 Nov 2019 17:33:19 GMT
server
cloudflare
etag
"87a-5973dc2bcba9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2pslVYaadKvqgHJLPq02WiUX8iKKMwiz4VKa8SPEgEjVLNuMLS4IYr4CprUdMfat1FSpOSY9EguYnlmlbjyAheRjWMjtjNsqdROAISKejDeKHue%2FeD9eWpOry6Y4H3fqn3bMQaiHSda4q5%2FvphfsSyVEnPI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365edb1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2170
amex.png
northcountryonbroadway.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/amex.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d2e80332e79e8253654ea971e1672f9136908950558fdfcaa2e792f9211290

Request headers

:path
/images/amex.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"1c0f-59389cf8af4a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kQk4fRbXRQnLMPCF7CVfFxwQa3ZAtB3mZZcwme3%2FEs3N314gGjH9eubCQEQ1KdolEIY6O4A6%2BpnVELZcm34TDTrbHYdqhibxyam2Dz67WbaNWlEzxN7OxszmcpRf3KENjiXXBfvj%2BNYUc9q7ZwaPztLS3rs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365edc1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7183
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 17:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Jul 2022 17:08:01 GMT
slick.min.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1973739
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
10429
etag
W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
x-served-by
cache-fra19145-FRA, cache-hhn4068-HHN
date
Fri, 02 Jul 2021 19:50:27 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.modal.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4023360
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1399
cf-request-id
0a1a8f396300004e192d805000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1359"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OMEIb75RRqOkrnedHdl7Tm%2B96IL47laq3Bc9uzlziMmtejbpwFq8LGra5X%2Fp2M%2Fdm46gh06BrXXRuMSc1B37WpK1PZnfYtIKFKai8mBB5hzs05rL0cjdizkQnmXMVLkIEdLfzRDTs%2FfMqt5LUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
668a67365ff1d70d-FRA
expires
Wed, 22 Jun 2022 19:50:27 GMT
jquery-ui.js
northcountryonbroadway.com/js/ 		440 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/js/jquery-ui.js
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ec07ee5912c0650f1f458bf1977356d9982ef0110cd92b86ccfd5c0d9b52fa7

Request headers

:path
/js/jquery-ui.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Feb 2020 16:41:22 GMT
server
cloudflare
etag
W/"6de73-59dff0f4c1d05-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5LkTO6uYHbiMR8m1tD9BI9qA7mZ9zU0%2Fzj989hLriB11VpnJvb8U4Ibq9VdhZITDsYPPRxskQ6wle%2BtuwFUAMFDvPkvYF0QqY9%2FseiP8gCQGxdGAjDl4M7s%2BSpF20%2BiA3t8IjsZ8wQsm%2BZepkwKV6%2FT6Z98%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67364e831772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
jquery.ui.touch-punch.min.js
northcountryonbroadway.com/js/ 		1 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/js/jquery.ui.touch-punch.min.js
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9c386642fb0babbc9f7955875c90ea1efff32c01ba99a063185f7d677e6989b

Request headers

:path
/js/jquery.ui.touch-punch.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Feb 2020 16:41:22 GMT
server
cloudflare
etag
W/"4a7-59dff0f4c1d05-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=L2UnajKVEG9ew496V7DD%2Bbk9CU4gKw8RroziJu3IIOi5zJquCvp51pQsuy%2Fh8rwvk5PumcQkGC%2F6TILZnsyedsQ7hYO51wwFDYejTo4n%2F4%2BLaaOUIp5bHiulS32ISHxU3RuXXbjayroFJ9bBmW9YUKI3ub0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67364e891772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
lightbox.min.js
northcountryonbroadway.com/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/js/lightbox.min.js
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad2b29586a7f8026ea07f23acc86dd7ed4f32132aaca9c1f0ae60d35d963792

Request headers

:path
/js/lightbox.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
W/"2528-59389cf8d36d1-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FSpz0RdneEpiyXTE%2BdD5TSGsAZohWfVT8qNjI8%2FCPWOD78Z4gFdLRYoM%2FLaipU62k1yb%2F%2FDq8aWuMZKIBHfPu2ZEUMufxeSmhv6p7ASrI9NPfK6ZtmRcQs5lrursyMp6XumC%2FqrsIgSl99T266jVumOJdE8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67364e8d1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
jquery.magnific-popup.min.js
northcountryonbroadway.com/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/js/jquery.magnific-popup.min.js?v=1
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b38ef52f3f713eccddf166807b7ad3844c5672b8e52a8fb2c0e7bde80af3729c

Request headers

:path
/js/jquery.magnific-popup.min.js?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Jan 2020 22:28:42 GMT
server
cloudflare
etag
W/"4f64-59c0cff6d6582-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=T9tVHQHK4cMRzx9hsQXwiY0cGuCyfhgxFi%2Bdvueex5HJg0%2B1iDUOozPu%2FAM7ha3aMp9i89FOP6RvMovq%2F5U6cg86z0wcLVcNpUawjw7ZKgyg1w8Xf6S2LY3C6mNJt6KMFCsCnTCzT5gUHww8vJV%2FiSOuxes%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67364e901772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
scripts.js
northcountryonbroadway.com/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/js/scripts.js?v=1.10
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d53a8edd17088cb47de511baaa7705d0b5e25d7ddf77b1682e907525b520e8a

Request headers

:path
/js/scripts.js?v=1.10
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 23 May 2021 07:02:04 GMT
server
cloudflare
etag
W/"30fc-5c2f9dece0651-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lLa7FJnF7UmM3W23uW3kErVautRf0R5lUzFp5kTV3sFW5eZbZzgT5%2B3bkR1PfW2ZCj%2BYDcTkuHkzJXBu5s9e3Wagdap5jSuQNC4VpLjA3ttVrrwVSZ6G0pQYJVmFnvxXzke4hu8IxFGYOgqO%2F4QkdXkFBcg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67364e941772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cal-best.js
northcountryonbroadway.com/js/ 		1011 B
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/js/cal-best.js?v=1.4
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea2edb11cde37f390d77ec43da8f5b02438512468a7fc1efc2a59e5886867274

Request headers

:path
/js/cal-best.js?v=1.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Mar 2020 18:11:30 GMT
server
cloudflare
etag
W/"3f3-59ff73bb01e2c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Zli6VagLTAwBIe29omQGrLkXqJcVRhZWiOSYhluiXVGf6ZCkPG2LQcnvhbyCNhym4Ym%2BZGYZcyt9u%2BQY5hU5dantgafycrcZ9aWKkkTEa0Cqgir2Coqbu9zG5QqIJpgH9P9asIsIJ1Oi2ZjgmsZLGEDtR9E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67364e971772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
fullcalendar.min.js
northcountryonbroadway.com/inc/mobiletickets/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/inc/mobiletickets/fullcalendar.min.js
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6db266dafa1684057ec7bb7eb49136e68cf7e1f45767726d365e8c2095b06c23

Request headers

:path
/inc/mobiletickets/fullcalendar.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Feb 2020 16:29:57 GMT
server
cloudflare
etag
W/"1077e-59deac8a7a818-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uB12dShmTqZ8K4XUo5WMlFrsedzkA80ROZUDnvGWIMKwEomHjemKfLjkB%2BEl53pOqXxiufO9gQP91OPyFBxF5Y9sDwIicEEzEgWXwBbwOJbaNEbu%2BSiOGajH%2Bh9GlSn0RuCE7xo28kW9657aic%2F8W4n2j5E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67364e9a1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
mobiscroll.min.js
northcountryonbroadway.com/inc/mobiletickets/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/inc/mobiletickets/mobiscroll.min.js
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
324bc04ad3fb0e989a46084c965c4a9eea96ea628e7ae3f47c1d6d3f1fc06cc4

Request headers

:path
/inc/mobiletickets/mobiscroll.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Feb 2020 16:29:57 GMT
server
cloudflare
etag
W/"5d65-59deac8a7a818-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5W2Mz%2BbuvnQH4%2BpQ5y2r3o4%2F4eZzcSSpkJKHdcr0cXqQ9kDrz%2FxWGCFXRpAPn6i2%2BLkcwWh8kUIrM7Ci27Ze92am4UZb0MLgJSwDu9rSK%2BM4Vf17yDUuPsoJ5ZbGlipxUD4IQ0laKgGK%2FbAtd9svSorGIPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67364e9d1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
tickets.min.js
northcountryonbroadway.com/inc/mobiletickets/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/inc/mobiletickets/tickets.min.js?v=1
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26436428a3ae8d389b940ff9d7374271468afa1bfd64bdf3d02b62302c611650

Request headers

:path
/inc/mobiletickets/tickets.min.js?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Feb 2020 14:55:27 GMT
server
cloudflare
etag
W/"199c-59dfd948a4a60-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yrtY6IGDOLqez7SYTH%2FCAB0mgdGE7XZsJWDivLOqkPeLbI2ooBp9a%2B6jVeYaclWCb4QUyp7gQBfB5%2FcdV6360avsOXPAeYxIJCzT0epAfkeinJlLypaW0ZbWwQP64ad2Y%2FdXWdOBQG84BxeC0iiNY0mvxJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
668a67364e9f1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
embedder
chat.satis.fi/popup/ 		161 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.satis.fi/popup/embedder?popupId=7379
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.65.212 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-65-212.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
189239fab8665ce7a1c71fbe8dbf69ccd3766cd91a75d883665e752810cd3416

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
95680BB9EEDE592F8794B7BA26B00BF5
vary
Accept-Encoding
content-type
application/javascript
content-length
53931
cookieconsent.min.js
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
5380
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
6756
etag
W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
x-served-by
cache-fra19178-FRA, cache-hhn4068-HHN
date
Fri, 02 Jul 2021 19:50:27 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
gtm.js
www.googletagmanager.com/ 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TD2WRDF
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c5186473661bc894ffc3a3b3f6d369984b3b1f89ce4a88d6707fee73501f77cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39687
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 18:11:04 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Jul 2021 19:50:27 GMT
5swo0goyn6Opxc5oK3P2AO
open.spotify.com/embed/album/ Frame 99A0 		56 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://open.spotify.com/embed/album/5swo0goyn6Opxc5oK3P2AO
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
030489aab18419549f58023e5f510375331099e58a91179ff73b6fc19ad0de4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
open.spotify.com
:scheme
https
:path
/embed/album/5swo0goyn6Opxc5oK3P2AO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://northcountryonbroadway.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://northcountryonbroadway.com/

Response headers

server
envoy
date
Fri, 02 Jul 2021 19:50:27 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
spotify-request-id
94c1e23f-ec3c-4467-8684-57d1fdf529b5
set-cookie
sp_t=9fb4f0e98dbaa0892763a72f30815b67; path=/; expires=Sat, 02 Jul 2022 19:50:27 GMT; domain=.spotify.com; samesite=none sp_landing=http%3A%2F%2Fopen.spotify.com%2Fembed%2Falbum%2F5swo0goyn6Opxc5oK3P2AO; path=/; expires=Sat, 03 Jul 2021 19:50:27 GMT; domain=.spotify.com; samesite=none; httponly
content-encoding
br
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
HTTP/2 edgeproxy, 1.1 google
alt-svc
clear
bg-header.png
northcountryonbroadway.com/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/bg-header.png?v=1
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ae7faaf9036d48e18bf2ee4a379213c3dd1a773942f701447e5603cf2f5224e

Request headers

:path
/images/bg-header.png?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 16:39:33 GMT
server
cloudflare
etag
"1914-5a0aaff7076de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PxondlwpH54lbO3k46xSOA9AsCM5D21v9l3ZCbo3KACRFcP9PxkNOqsMDBbA9kWP4HPJ37kSjyfxBu3aNzJiSbUDpPw%2FUYU%2F2M7iInKhL2AnoMFEsaLAXuxijbTj5I7432MtvVrzl3AX0%2FVSUe5AVcQZ8Gw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365ede1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6420
bg-texture.png
northcountryonbroadway.com/images/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/bg-texture.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d2f3fad94209b9e8f3dc8a6c873c3f725e36b92f88e2cd5411f65d8317a47c

Request headers

:path
/images/bg-texture.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"1d2819-59389cf8b2387"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kJV6HoWCrCfayMyc%2BaehocMdKGLFZn2eO5sC2WspnA7a8FK7k3Yiz3TRwBi8532oi5tQ8Fg6Et3pCJOa1R9dQOtmpdburkboiDJGvrOV2e%2BokIvftC2oUZJB797xZh%2BTJ7Eyp7zMFNiPHW3LT5wY%2FHtBPBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365ee01772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1910809
bg-home-hero_031220.jpg
northcountryonbroadway.com/images/ 		322 KB
323 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/bg-home-hero_031220.jpg
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db8c83f3c61c88bce5a8b4dadbbea9491d0ae6bf4a9fb313a05f126a8c386a7b

Request headers

:path
/images/bg-home-hero_031220.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 16:39:33 GMT
server
cloudflare
etag
"5096a-5a0aaff7076de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ayys16kT8GMbG9fVK%2FkzvxyC%2BljCL0XhidoFnwS3rz1LT8a8XP%2FS0fJI0wsX1GbU%2FtA44fEtqbFhDlrewTbqiooFoNd%2FSla87v214O2S0JgCsrKDGDeUdz%2FOJPDKoy2tkcLEZAwpFP5T4yxGT9eGxN0pl4o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365ee11772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
330090
stitch-red.png
northcountryonbroadway.com/images/ 		306 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/stitch-red.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91a755f25772255f728f441d6d7b0e5075badc41f4f07ce97f614478f0acdec

Request headers

:path
/images/stitch-red.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 16:39:33 GMT
server
cloudflare
etag
"132-5a0aaff7076de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=i9wuJZDLInDTKCbdxJ5vsJ07Sy3j1Q%2F1fGFceOBnIYt%2FC15LH7Hvt9Xjk2ix0J5QPjyNRx%2Bj59blXORUp0mE0PohJb1Y%2FvjXwe5ODjGk7Yb9qrMk354BbJC3yqUK%2FKg4dgsG0AHeUvQhxkYhxqc2Q0QGOKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365ee41772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
306
border.png
northcountryonbroadway.com/images/ 		177 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/border.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48318bb039029330495821d1eb8b776fd0f134cf5b88baac49b337d8c257c7bb

Request headers

:path
/images/border.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"2c329-59389cf8b2387"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2B9q%2FIL8aRaTehGib1Lg1TXDPlQLthb9i54bk0ahVVCY%2BqrygHAcPsdtOdnj0T5kzG%2B09%2F7N6RS%2BiPUBUSLCJrclRavHKg4XxyTTebR4uNAk7%2BBkr95biJUrKK6HUe%2F%2FPU9T3NBBLDuXjzp10nwJKz%2B55naU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365ee71772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
181033
Knockout-30_Web.woff2
northcountryonbroadway.com/fonts/woff2/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/fonts/woff2/Knockout-30_Web.woff2
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8972d2831513afdd9cd15fe53fc2fa92261f35b445fe078f4c9a13023d8e5061

Request headers

:path
/fonts/woff2/Knockout-30_Web.woff2
pragma
no-cache
origin
https://northcountryonbroadway.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://northcountryonbroadway.com
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"4b35-59389cf8ae505"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ItT4783AA%2FrJjuZU8E29P2kWjcyIQNKh4Xd96hSbfDNfgLEPefk4L1ZN%2BFTDNNHsxGVF0%2B6WnURpsb1dSb5X%2F602gKSFQE%2FadcS4bysi1Zo52jLdcqW4YdKSUqO5oPixwMcNEErOB0JCIqitTZAHuKoQOH8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365ee91772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
19253
Knockout-50_Web.woff2
northcountryonbroadway.com/fonts/woff2/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/fonts/woff2/Knockout-50_Web.woff2
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
806a1a0f56af1b228b80730824489eb3fd65ad96fd8bdcd1b1a67d6a0bf90f31

Request headers

:path
/fonts/woff2/Knockout-50_Web.woff2
pragma
no-cache
origin
https://northcountryonbroadway.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://northcountryonbroadway.com
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"4cf5-59389cf8ae505"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BOAmyy5AK6DOS81ZAqa1CFEEaxEV5Rub7Rhy3r59nEPFBgjjyypqmcB8CGMDwbWk%2FmdqT6suoToCE%2Bp0AVrauh2ZzGrMlXCuezG1wSRBpL4UJUixtu1yy7F62Cqz6SdZA83reYwNMHC%2B9AWHrDntm%2FSN4k4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365eea1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
19701
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/ 		73 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1afde4119681731d643192853bbbcb8e251ad415d364de687ebf8072781837d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://northcountryonbroadway.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5680
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
74524
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-1231c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zRyxQR3%2BjViQTcCJwQ5Z3Tl5W81rnKr5zMUG1qwhRfCzh3Rzhi3Ol8tP8ecIMKXzq%2BT%2BqpNN7bzinb0UleH%2FY9A5Q%2FMYh74UnEia1vK8O8AwloCHOkC71tpVnxmapz3UBrkf0mzOO9KuyG%2FCkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
668a67366bf92c01-FRA
expires
Wed, 22 Jun 2022 19:50:27 GMT
Knockout-67_Web.woff2
northcountryonbroadway.com/fonts/woff2/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/fonts/woff2/Knockout-67_Web.woff2
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ccd055bf72ed06c586aa10c46e6b7ed6066ab76b3304c29b5cdfd6d6032cc8e

Request headers

:path
/fonts/woff2/Knockout-67_Web.woff2
pragma
no-cache
origin
https://northcountryonbroadway.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://northcountryonbroadway.com
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"4965-59389cf8ae505"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wIj0jbci1fElKFO4BT1Wi5AFerCiFPMw2LbhEj7SXJfqbNJmvOlQ0Pnn7TsOUQ8%2BmLjzLPqQX9yFfPuVlyDgyQfxZ5irgvts5SN2PKAKPXVvMMnIs1yT%2Bofhabsu8oRckNvKg4FXN06Ud8CaZkGJ9y3OC0U%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365eeb1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
18789
Knockout-71_Web.woff2
northcountryonbroadway.com/fonts/woff2/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/fonts/woff2/Knockout-71_Web.woff2
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96ae548753a58ced37bb9bb716cdc445e1d0395d634c81812669ba6b9ce490c1

Request headers

:path
/fonts/woff2/Knockout-71_Web.woff2
pragma
no-cache
origin
https://northcountryonbroadway.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://northcountryonbroadway.com
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"4df9-59389cf8ae505"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=djhXVvxSh7TP%2Fs5DvVvTqytYuHP2dETPdW%2B9Om%2F7a03eb1%2BZ85PsAIFvPxXWF1CxAu8DT4Ym2lhkHfFQ2MC0GsaQn%2BWUCieSIqT2XrgxFWrZbE%2FiOJEzIe6I0Q7MOeQVDHRov3ja5puGJyI9axBBzOxqMVM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365eed1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
19961
Knockout-52_Web.woff2
northcountryonbroadway.com/fonts/woff2/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/fonts/woff2/Knockout-52_Web.woff2
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
710efeb099ed385349e34066523920c6663cf68f4e0741fe7984b2bcb0295062

Request headers

:path
/fonts/woff2/Knockout-52_Web.woff2
pragma
no-cache
origin
https://northcountryonbroadway.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://northcountryonbroadway.com
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"5165-59389cf8ae505"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PwXP2QkZCGfC7xBQhJt8rHK3L46yQcpa4i1pBMCCdd8lQ%2BJHzz%2BY5ZWNjC9vi1CJzPNMzW0UZl91ZhaH6G04eXQaxaB%2BCtTcumF53XIZJTEVKCs%2F5AmFMzWLwyN8J9aICCbVnQ%2BSJN1MU4GhZm8OuAcIX%2FM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365eef1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
20837
Knockout-91_Web.woff2
northcountryonbroadway.com/fonts/woff2/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/fonts/woff2/Knockout-91_Web.woff2
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c4d399fccbe0c7174ce0a60531099e0329fedbdb9d9657f46364669d1f9955e

Request headers

:path
/fonts/woff2/Knockout-91_Web.woff2
pragma
no-cache
origin
https://northcountryonbroadway.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://northcountryonbroadway.com
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"5005-59389cf8ae505"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5WMdd8q3nGNrfD5DTv7YaWq%2BHmUcqHU4cAUdjMSiMmAEhpEg35YzE4KmwXd9Kqcbz7WoXwcv2cdXAjiwoPaF%2F8EZMhHNE8pv0R8Dirs2IeN%2Fu5Pw2reOMkcVBzFNYgHYiW7sz8naFdehaL%2Fv1Aj%2B2Eu93iI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365ef11772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
20485
Knockout-72_Web.woff2
northcountryonbroadway.com/fonts/woff2/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/fonts/woff2/Knockout-72_Web.woff2
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4e9fb8e7c785fe9d5c7127696bcb562e36ab99a025e30afbac17a12697f7a4f

Request headers

:path
/fonts/woff2/Knockout-72_Web.woff2
pragma
no-cache
origin
https://northcountryonbroadway.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://northcountryonbroadway.com
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"4e95-59389cf8ae505"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DFH10NFGd%2BUrmx8EFTixTQiLkAXEyszk3YwP9d3NmTcBMZhhegcnxLMjeu6anhpQsUA3C7Nw%2BNN3u1w23MVDuTZV%2FfIFV6D8%2B0Mn%2FaefMZMdAR2heW4sSVTnI60g28i7ot4tHjTVjHuS9MtCnId0BpYvZMw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365ef21772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
20117
Knockout-90_Web.woff2
northcountryonbroadway.com/fonts/woff2/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/fonts/woff2/Knockout-90_Web.woff2
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef55a8ef61c91f6ffcdd49f8e772ba99372096185231111ff38f62e383f2d372

Request headers

:path
/fonts/woff2/Knockout-90_Web.woff2
pragma
no-cache
origin
https://northcountryonbroadway.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://northcountryonbroadway.com
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"4a45-59389cf8ae505"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FID%2FIXgJ0zZ1qNymB%2BuYPSLUQlHv7THegE6OaSHfIkeZt40VNooV30fkECIvA%2BEyeZy1mdxC5hpJLKNZcDIlP7OaoLNdZze4OhippHhX9P5tePfh4wBJZCiZ%2BceIyJV10ZPmIvZHYuOZy%2FZHDqVKhaVJWMQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365ef31772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
19013
Knockout-49_Web.woff2
northcountryonbroadway.com/fonts/woff2/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/fonts/woff2/Knockout-49_Web.woff2
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5daf07712bea84b27fb4383f7b85d2e81581a00cda1821122dae8aac6ac5718

Request headers

:path
/fonts/woff2/Knockout-49_Web.woff2
pragma
no-cache
origin
https://northcountryonbroadway.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://northcountryonbroadway.com
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"4d65-59389cf8ae505"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iSpti07f%2BiZ2v7AW16xcSpRWiDZ15nRL9nL5mddC1Th%2BWfSugT%2BSvePUM6DKJFSC5MMUd0%2Fsm2MkvbmTdaiHGDnuynSD0f6r%2Fad%2BuRKFJIszTE88cX5IPOnYVELYXKDCv4NQ90dbOO6%2F0uNfNmvcZBNKtwc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365ef71772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
19813
Knockout-69_Web.woff2
northcountryonbroadway.com/fonts/woff2/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/fonts/woff2/Knockout-69_Web.woff2
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc0f21afd6da49e8098a9a20bed8f6fea98c03391dccb431482a79243826210e

Request headers

:path
/fonts/woff2/Knockout-69_Web.woff2
pragma
no-cache
origin
https://northcountryonbroadway.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://northcountryonbroadway.com
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"4b21-59389cf8ae505"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FD1pgp41cjCRKJOFE4%2BnFccDkjpQBMJsgmbBmhqg6XtWVSHfyo7%2F6awSM%2BBhkiOcs2cyd1LZvry5K65%2FcYw2M1F9REZt5vBgdSo8d5qADSSQ73FXtbqxstYCPMkX2Q0ywsmoCnF3RCcxCoJ5gn2xC%2BQFEOM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365ef91772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
19233
Knockout-70_Web.woff2
northcountryonbroadway.com/fonts/woff2/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/fonts/woff2/Knockout-70_Web.woff2
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df022c2040eb195205727f1b34270293016fb07894546026c9a5b02cc1d6b797

Request headers

:path
/fonts/woff2/Knockout-70_Web.woff2
pragma
no-cache
origin
https://northcountryonbroadway.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://northcountryonbroadway.com
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"4939-59389cf8ae505"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hGcvmMKwyb0ciSzrr1KUf%2FIHGcJfVn6bSB4bnOckyH%2FxIqgW5DbVeHETu3d8RJvwKHkOKVXeOmk1DMCn6BVxolBC8C67Za3wJ4oGyMtsdDK2YuAXC0PWnYHOcCmcIfxV3U5emLLNrsrMmhx1aslt6wNVyNM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365efb1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
18745
Knockout-93_Web.woff2
northcountryonbroadway.com/fonts/woff2/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/fonts/woff2/Knockout-93_Web.woff2
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9c6bc16ea33c227ea2cb6bf8a8aa9bbb40ab4ab46596ced87be3fe24d84e5f7

Request headers

:path
/fonts/woff2/Knockout-93_Web.woff2
pragma
no-cache
origin
https://northcountryonbroadway.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://northcountryonbroadway.com
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"5255-59389cf8ae505"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rPEbsHRP76%2Fs5cLsf05d4fgSXKkpLGwpa%2F8LTgmb5jzI%2FeHdSQQ0KfmtKr8EZkZtkVCooVi0o32YM8T7TrP4LQ5Gay%2FrGeXmkyPrRy7WsonFwPlC9NLtLvvuTcSrXXz9KEo7if0yZH%2Fh7%2FDEUQTu18xVyZE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365efe1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
21077
DroneRanger01.woff2
northcountryonbroadway.com/fonts/woff2/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/fonts/woff2/DroneRanger01.woff2
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081ec2e3603b486df67db585f7c80fc747c06f574c0b1ba69e33bcd9be69b3f7

Request headers

:path
/fonts/woff2/DroneRanger01.woff2
pragma
no-cache
origin
https://northcountryonbroadway.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://northcountryonbroadway.com
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Jan 2020 17:41:38 GMT
server
cloudflare
etag
"23b8-59d5ef81f8125"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7FnpmL3o8L31A8Q9NQZKSS6vOGztBU%2FFzsQsOb3vgMVdE%2BfguqNKzbwbHMhSCyaBfx2hn98roIfytqQL18rDUoxSfV7ZV5nX1BbNjK1tVEwhbW%2FGiJud4e67ej5x32O%2FZsMgpZP2%2BqaDUPsk%2B9DC8JXigsA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365f001772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9144
DroneRanger01-Inked.woff2
northcountryonbroadway.com/fonts/woff2/ 		289 KB
290 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/fonts/woff2/DroneRanger01-Inked.woff2
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/main.css?v=1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c423eb426c6517407e749b4a6f43d31d593b312694727c36eb92fe92894f702c

Request headers

:path
/fonts/woff2/DroneRanger01-Inked.woff2
pragma
no-cache
origin
https://northcountryonbroadway.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/main.css?v=1.71
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://northcountryonbroadway.com
Referer
https://northcountryonbroadway.com/css/main.css?v=1.71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Jan 2020 17:41:38 GMT
server
cloudflare
etag
"485cc-59d5ef81f8125"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4nKjrNZUxudeDenIQgmekJmYrt%2BX%2BBq4xRzaC4E4fGW26H%2BnGUB5dFIzSp2153%2B9gMeWlIZFbWeuHtmQ%2Fj5bL4HcNFHRwAMQjIW0imJWVEpsr94RkGaoUQgryHjKHk6dIxkXofQy%2FxSlwImvE2dVDocy6LU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a67365f021772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
296396
activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F
8705154.fls.doubleclick.net/ Frame 8977
Redirect Chain
  • https://8705154.fls.doubleclick.net/activityi;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
  • https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2F...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8705154
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
8168a776ffbb7128cca2d7a9f6788cdaca885d1b1703e2411bbb1f28fc73b437
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8705154.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://northcountryonbroadway.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 02 Jul 2021 19:50:27 GMT
expires
Fri, 02 Jul 2021 19:50:27 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
1369
x-xss-protection
0
set-cookie
IDE=AHWqTUnB1e86G3wjpWXmlRUVybIEvvQgvk--AWJcNF6CTBL8l_bvza5cpIe13-s8TeM; expires=Wed, 27-Jul-2022 19:50:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 02 Jul 2021 19:50:27 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activityi;register_conversion=1;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F
8705154.fls.doubleclick.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8705154.fls.doubleclick.net/activityi;register_conversion=1;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD2WRDF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
505
date
Fri, 02 Jul 2021 19:42:02 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Fri, 02 Jul 2021 21:42:02 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD2WRDF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14011
x-xss-protection
0
server
cafe
etag
1690124483490796579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 02 Jul 2021 19:50:27 GMT
1.m4a
northcountryonbroadway.com/audio/ 		0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/audio/1.m4a
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-fetch-mode
no-cors
accept-encoding
identity;q=1, *;q=0
accept-language
en-US
sec-fetch-dest
audio
cookie
_gcl_au=1.1.273151932.1625255428
:path
/audio/1.m4a
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
range
bytes=0-
:method
GET
Referer
https://northcountryonbroadway.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=47apexXkVhXbC%2Bk6k%2FcOEERquMkAChH4SY9yn0Xlyqq3xQ72LMsnFKs2QYv5ruIPHdRjIBCpIqRPpz8cs6J2cvjc5OXC7zH0tKbvogM6wuShPNTgjS%2BRb1H%2BpDP4%2FNwFK7aDUxWwGKs54ulcRuTB9y%2Btdnw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
668a67380ae21772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
2.m4a
northcountryonbroadway.com/audio/ 		288 B
570 B 		Media
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/audio/2.m4a
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94976cacc986d2c954b36746eb77bef00788f1a7d1913c73e89d72fb41602d35

Request headers

sec-fetch-mode
no-cors
accept-encoding
identity;q=1, *;q=0
accept-language
en-US
sec-fetch-dest
audio
cookie
_gcl_au=1.1.273151932.1625255428
:path
/audio/2.m4a
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
range
bytes=0-
:method
GET
Referer
https://northcountryonbroadway.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sHjmn0j6QHKfSwUGR%2FRrTZPRQtWE9EKonHLT0uObktcQ47q394ElQlt5Ilc9strmb0nOElH9a9Mi598yiRVQJ10sE%2F0rqgnXcoQ6GkeMKeYmd839h78I1%2BlyjsYubpB8JuWQqa%2FMofeoU45wdSN48BbvEW0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
668a67380ae51772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
3.m4a
northcountryonbroadway.com/audio/ 		0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/audio/3.m4a
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-fetch-mode
no-cors
accept-encoding
identity;q=1, *;q=0
accept-language
en-US
sec-fetch-dest
audio
cookie
_gcl_au=1.1.273151932.1625255428
:path
/audio/3.m4a
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
range
bytes=0-
:method
GET
Referer
https://northcountryonbroadway.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hylbUaTTAaEmTOtAiAE1zC2ze50T%2FiFjEmoH3QEAQ0s6SYQDnHqjBmY66fYCzuhxF1ZDmobN%2Boeyl09tZ%2Bdb%2FPplAVplyv9zHyVbYXPNZ6HZdlnV%2F5idvWXyXC9XUrPu7kjTKYMKKKW57idVimkWLMXfGMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
668a67380ae81772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
4.m4a
northcountryonbroadway.com/audio/ 		0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://northcountryonbroadway.com/audio/4.m4a
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-fetch-mode
no-cors
accept-encoding
identity;q=1, *;q=0
accept-language
en-US
sec-fetch-dest
audio
cookie
_gcl_au=1.1.273151932.1625255428
:path
/audio/4.m4a
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/
:scheme
https
sec-fetch-site
same-origin
range
bytes=0-
:method
GET
Referer
https://northcountryonbroadway.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 02 Jul 2021 19:50:27 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AgFFbTkk5QtMaeFK8NQqmHjSAT3PAKaUtFahmiceDFcVwn0bbWiF7JBEVrnmrqvKL5204r5SKpmgkwPKjyludVPDp%2B419QGq58YrRaJL3ZMMUc4RWhPFhSSgYEj4GxFoy9bkcAdAmjp4L8cLsQkXL6leN0U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
668a67380aec1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1663397696&t=pageview&_s=1&dl=https%3A%2F%2Fnorthcountryonbroadway.com%2F&ul=en-us&de=UTF-8&dt=Girl%20From%20The%20North%20Country%20%7C%20Official%20Broadway%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=699472110&gjid=1189852184&cid=1916653799.1625255428&tid=UA-140506916-1&_gid=830590332.1625255428&_r=1&gtm=2wg6u0TD2WRDF&z=1167484813
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://northcountryonbroadway.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.ed5fac0d.js
open.scdn.co/cdn/build/embed/ Frame 99A0 		484 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://open.scdn.co/cdn/build/embed/embed.ed5fac0d.js
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/album/5swo0goyn6Opxc5oK3P2AO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1fee7327bd1bf704be24c9463a2a7de6a5647b564774c34f3ed53f4fc31138d8

Request headers

Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 19:50:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Jul 2021 19:35:38 GMT
Age
777
ETag
"c9529dfc4e5142051a65d2b0d290119a"
X-Served-By
cache-ord1722-ORD, cache-hhn11573-HHN
X-Cache
HIT, HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
118606
X-Cache-Hits
1, 394
vendor~embed.85e61472.js
open.scdn.co/cdn/build/embed/ Frame 99A0 		540 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://open.scdn.co/cdn/build/embed/vendor~embed.85e61472.js
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/album/5swo0goyn6Opxc5oK3P2AO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d398aa67273ee5164006abff8b66347725e4961014cdfb31a89ff921ee64837

Request headers

Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 19:50:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Jul 2021 10:50:27 GMT
Age
32202
ETag
"3fb2d3c4e719dd4076b034a0a2a12f02"
X-Served-By
cache-ord1746-ORD, cache-hhn11563-HHN
X-Cache
HIT, HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
160915
X-Cache-Hits
1, 7695
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW%C2%AD798035345/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW%C2%AD798035345/?random=1625255427936&cv=9&fst=1625255427936&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnorthcountryonbroadway.com%2F&tiba=Girl%20From%20The%20North%20Country%20%7C%20Official%20Broadway%20Site&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af62b9b522cdb703dc2906c08e23f791a71bb44a15f2f9e595e75fee0fe00da7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1048
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-140506916-1&cid=1916653799.1625255428&jid=699472110&gjid=1189852184&_gid=830590332.1625255428&_u=YEBAAEAAAAAAAC~&z=791147649
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 02 Jul 2021 19:50:27 GMT
content-type
text/plain
access-control-allow-origin
https://northcountryonbroadway.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-140506916-1&cid=1916653799.1625255428&jid=699472110&_u=YEBAAEAAAAAAAC~&z=996089509
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-140506916-1&cid=1916653799.1625255428&jid=699472110&_u=YEBAAEAAAAAAAC~&z=996089509
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=8868068;dc_pre=CJ3G4aOUxfECFVBKkQUdI2QCcA;type=sales;cat=j3a0234g;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
adservice.google.com/ddm/fls/z/ Frame 8977
Redirect Chain
  • https://pixel.sojern.com/pixel/img/141042?p_v=1&f_v=v3_image&vid=hot
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=teTqKaNmJDUKUMsxzR7BrQ&google_nid=sojern__adx_open_bidder_seat&sjrn_id=spoK9EYGFiCo2SModfZ7SjSpEz0q0BqHSOeWbyVLW83-rrPT9MW1Yz5Q74Ef0wH7&s...
  • https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=spoK9EYGFiCo2SModfZ7SjSpEz0q0BqHSOeWbyVLW83-rrPT9MW1Yz5Q74Ef0wH7&sjrn_r=aHR0cHM6Ly9hZC5kb3VibGVjbGljay5uZXQvZGRtL2FjdGl2aXR5L3NyYz04OD...
  • https://ad.doubleclick.net/ddm/activity/src=8868068;type=sales;cat=j3a0234g;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
  • https://ad.doubleclick.net/ddm/activity/src=8868068;dc_pre=CJ3G4aOUxfECFVBKkQUdI2QCcA;type=sales;cat=j3a0234g;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[Orde...
  • https://adservice.google.com/ddm/fls/z/src=8868068;dc_pre=CJ3G4aOUxfECFVBKkQUdI2QCcA;type=sales;cat=j3a0234g;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=8868068;dc_pre=CJ3G4aOUxfECFVBKkQUdI2QCcA;type=sales;cat=j3a0234g;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8705154.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:28 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/src=8868068;dc_pre=CJ3G4aOUxfECFVBKkQUdI2QCcA;type=sales;cat=j3a0234g;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
pixel.mathtag.com/event/ Frame 8977 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1384741&mt_adid=145397&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3799 851f7e8 master cdg-pixel-x6 /
Resource Hash
1b7388d06d1a1a9fd5d2b15daae23b4803a9b219507824a1d394cb52826015c2

Request headers

Referer
https://8705154.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 19:50:28 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x6
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1411
Expires
Fri, 02 Jul 2021 19:52:34 GMT
dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=*;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F
adservice.google.com/ddm/fls/z/ Frame 8977 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=*;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8705154.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 8977 		95 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f2a2056b7a1c989899886a9b194e93912b7d11767239e956de73d5c2ea237b32
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://8705154.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c;
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24676
x-xss-protection
0
pragma
public
x-fb-debug
15zjB0aA/XJN5MrydneBkMQqyrtNNMKw8RPO53k5v2kUqg/bbxbGM5S7SkL75KbEGwMdrFmOPCF0/8wg7xKV0A==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Fri, 02 Jul 2021 19:50:27 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
quant.js
secure.quantserve.com/ Frame 8977 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
https://8705154.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:28 GMT
content-encoding
gzip
etag
"WhyxmPkT7L77qVDcrjxwGw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Fri, 09 Jul 2021 19:50:28 GMT
tc.min.js
c1.rfihub.net/js/ Frame 8977 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2000:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Referer
https://8705154.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:42:45 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 19:42:35 GMT
server
Jetty(9.3.29.v20201019)
age
463
x-cache
Hit from cloudfront
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
content-length
6162
x-amz-cf-id
4BW7suQ-4qEAovHT6dxPSdhk0ZxuCAWya6Pyy1_gBCWGzKEQNju2Pw==
expires
Fri, 02 Jul 2021 20:42:45 GMT
/
sentry.io/api/265628/envelope/ Frame 99A0 		2 B
406 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7
Requested by
Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed/vendor~embed.85e61472.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 02 Jul 2021 19:50:28 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://open.spotify.com
access-control-expose-headers
retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
2
/
apresolve.spotify.com/ Frame 99A0 		205 B
226 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apresolve.spotify.com/?type=dealer&type=spclient
Requested by
Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed/vendor~embed.85e61472.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:524d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
492666c6ade0d6efe1a0756c031b143347863b5cee2dca8373115d5588a5b0e0

Request headers

Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:28 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=0
alt-svc
clear
content-length
98
via
1.1 google
ab67616d0000b27391ae4d9e032ea757f53f20b3
i.scdn.co/image/ Frame 99A0 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.scdn.co/image/ab67616d0000b27391ae4d9e032ea757f53f20b3
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/album/5swo0goyn6Opxc5oK3P2AO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e23b66d4b4ac029f618138a07427534a0d7270213d8a76dcd8066097ea4418bd

Request headers

Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 19:50:28 GMT
Last-Modified
Mon, 02 Sep 2019 10:18:42 GMT
Age
111661
ETag
"f23d209c67f67d4d820e0580b01242a6"
X-Served-By
cache-ord1735-ORD, cache-hhn11542-HHN
X-Cache
HIT, HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
123855
X-Cache-Hits
1, 1
/
www.google.com/pagead/1p-user-list/AW%C2%AD798035345/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/AW%C2%AD798035345/?random=1625255427936&cv=9&fst=1625252400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6u0&sendb=1&frm=0&url=https%3A%2F%2Fnorthcountryonbroadway.com%2F&tiba=Girl%20From%20The%20North%20Country%20%7C%20Official%20Broadway%20Site&async=1&fmt=3&is_vtc=1&random=3769650750&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/AW%C2%AD798035345/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/AW%C2%AD798035345/?random=1625255427936&cv=9&fst=1625252400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6u0&sendb=1&frm=0&url=https%3A%2F%2Fnorthcountryonbroadway.com%2F&tiba=Girl%20From%20The%20North%20Country%20%7C%20Official%20Broadway%20Site&async=1&fmt=3&is_vtc=1&random=3769650750&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-2e5TMncdWUgbf.js
rules.quantcount.com/ Frame 8977 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-2e5TMncdWUgbf.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1dc74fcced151fa249a4edad79779aa762df112acc34d210869cba6c16ec2688

Request headers

Referer
https://8705154.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:28 GMT
content-encoding
gzip
last-modified
Tue, 14 May 2019 23:37:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
W/"be91dc6de99cf7568573cc5620a4e265"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-id
T4tYxQ6KqMeFsT2KHmopCLzhQqrKPj5GRn0sOF53oQnS4vZp7V4a6w==
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
1661980587262306
connect.facebook.net/signals/config/ Frame 8977 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1661980587262306?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c7018fffd1b508bc3312e86ffc191b531c96efc45473af3638013f9a55881e6d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://8705154.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
84tcopYaj0uCubsawvjmxQDW8o70MSHzq6W4VqK0+P9TY2HDUwIOQxFYLoWVzqgC6v7P9R2FUiz/0Y5188P/jw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 02 Jul 2021 19:50:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
Cookie set ca.html
20811782p.rfihub.com/ Frame 2C25 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20811782p.rfihub.com/ca.html?ver=9&rb=35654&ca=20811782&_o=35654&_t=20811782&pe=https%3A%2F%2F8705154.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCL2UyqOUxfECFVqtUQodX0AAPg%3Bsrc%3D8705154%3Btype%3Dbways0%3Bcat%3Dgftnc0%3Bord%3D3978848079063%3Bgtm%3D2od6u0%3Bauiddc%3D273151932.1625255428%3Bps%3D1%3B%7Eoref%3Dhttps%253A%252F%252Fnorthcountryonbroadway.com%252F%3F&pf=https%3A%2F%2Fnorthcountryonbroadway.com%2F&ra=5044367620847159
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
e0b0b252e110c1f0e9bee5f5db003a34f98a4a0d4d810b9fb9f04bf6b7f44b05

Request headers

Host
20811782p.rfihub.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://8705154.fls.doubleclick.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://8705154.fls.doubleclick.net/

Response headers

Date
Fri, 02 Jul 2021 19:50:28 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAAJvFyGtoZmRqZGpqYmRhZGy6Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwuN_wldPwsq_xYafxMrmnncaO5H4y8SRuU_QuMDAB9mU1kwAQAA; Path=/; Domain=.rfihub.com; Expires=Wed, 27 Jul 2022 19:50:28 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwByILS3NDYwNLQwNDE1NjIT5DXe_AiFyfMC-z3LSMYileQzMjUyNTUxMjCyNjQwChcLkINAAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 27 Jul 2022 19:50:28 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwByILS3NDYwNLQwNDE1NjIT5DXe_AiFyfMC-z3LSMYgDMLY8nJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control
no-cache
Content-Type
text/html;charset=utf-8
Content-Length
2944
Server
Jetty(9.3.29.v20201019)
iframe
pixel.mathtag.com/sync/ Frame 7B6D 		631 B
949 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=aa6a60df-6e04-4000-abbe-d30a719a1de8&no_iframe=1&mt_adid=145397&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1384741&mt_adid=145397&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3799 851f7e8 master cdg-pixel-x25 /
Resource Hash
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Host
pixel.mathtag.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://8705154.fls.doubleclick.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid=aa6a60df-6e04-4000-abbe-d30a719a1de8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://8705154.fls.doubleclick.net/

Response headers

Content-Type
text/html
Content-Length
631
Server
MT3 3799 851f7e8 master cdg-pixel-x25
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires
Fri, 02 Jul 2021 19:50:24 GMT
Date
Fri, 02 Jul 2021 19:50:28 GMT
Connection
keep-alive
img
pixel.mathtag.com/misc/ Frame 8977 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3799 851f7e8 master cdg-pixel-x13 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://8705154.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 19:50:28 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x13
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 19:50:25 GMT
get_access_token
open.spotify.com/ Frame 99A0 		188 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://open.spotify.com/get_access_token?reason=transport&productType=embed
Requested by
Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed/vendor~embed.85e61472.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
2cc95ffce0ec4b4f6b4f3f8fbe16d58da7d1de0eafcfd297a599b5323378737c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://open.spotify.com/embed/album/5swo0goyn6Opxc5oK3P2AO
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
spotify-request-id
e47b3a1f-8e9e-4d4a-8ecf-b5c726c7ac37
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
via
HTTP/2 edgeproxy, 1.1 google
vary
Accept-Encoding,Accept-Encoding
alt-svc
clear
server
envoy
events
gew-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 99A0 		13 B
139 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gew-spclient.spotify.com/gabo-receiver-service/public/v3/events
Requested by
Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed/vendor~embed.85e61472.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:64a:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
server
envoy
access-control-allow-headers
Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
date
Fri, 02 Jul 2021 19:50:28 GMT
access-control-max-age
604800
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
clear
content-length
39
via
HTTP/2 edgeproxy, 1.1 google
events
gew-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gew-spclient.spotify.com/gabo-receiver-service/public/v3/events
Protocol
H2
Server
2600:1901:1:64a:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://open.spotify.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials
true
access-control-max-age
604800
content-length
0
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 02 Jul 2021 19:50:27 GMT
server
envoy
via
HTTP/2 edgeproxy, 1.1 google
alt-svc
clear
GetCSS
chat.satis.fi/popup/ 		50 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chat.satis.fi/popup/GetCSS
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder?popupId=7379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.65.212 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-65-212.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9c520c2eb63487fd37a8eac3e55205b5233dc562ffbb38159168b1466d2c0c80

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:28 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
95680BB9EEDE592F8794B7BA26B00BF5
vary
Accept-Encoding
content-type
text/css
content-length
4220
GetAWSConfig
chat.satis.fi/Default/ 		187 B
378 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://chat.satis.fi/Default/GetAWSConfig
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder?popupId=7379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.65.212 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-65-212.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b7901ec5fc66799d855b5478364c5f391b7d6fe3e1d911a282371e4d66128dc3

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://northcountryonbroadway.com
date
Fri, 02 Jul 2021 19:50:28 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
btp.js
www.rtb123.com/tags/72DAAA6D-B7E6-5C34-46C4-B41213AC298B/ 		29 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rtb123.com/tags/72DAAA6D-B7E6-5C34-46C4-B41213AC298B/btp.js
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.rtb123.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
229792abe2fa8ebcd8d7d59b7c5184d723d12a9718643068870f041b062d9548

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Fri, 02 Jul 2021 19:50:27 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 14:18:07 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"ddd88afd3831d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
52
prev.png
northcountryonbroadway.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/prev.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/lightbox.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

:path
/images/prev.png
pragma
no-cache
cookie
_gcl_au=1.1.273151932.1625255428; _ga=GA1.2.1916653799.1625255428; _gid=GA1.2.830590332.1625255428; _gat_UA-140506916-1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/lightbox.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:28 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"550-59389cf8bbfca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=f2jNDmcORqpPBv2UcGpAdBf7g3aO34cxYcUG2GaWeHtT2y9a0iTf1M6ysAw%2BRw1rZNUp7WOv%2BtoUOHajHKdCr4iiic%2BK9p4FdFupLO8gr0PYUhkzAVdavYdtpS4m8l3PlOpq6eJIgwZu0XNes6YNLW6m3LA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a6739ff6e1772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1360
next.png
northcountryonbroadway.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/next.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/lightbox.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

:path
/images/next.png
pragma
no-cache
cookie
_gcl_au=1.1.273151932.1625255428; _ga=GA1.2.1916653799.1625255428; _gid=GA1.2.830590332.1625255428; _gat_UA-140506916-1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/lightbox.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:28 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"546-59389cf8bbfca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RJVEDgDyqq0SEu6JzDLin0qvdMybGl7mysPeQhwOQ8gmTmwhGfj5Fo4futL8NBOghj3sf0Evf9rQtLpiL5ww6%2B1hq5tJUqGNlG%2BGPkaTww2tZh2BAIb9BPgKzcEjRtmcmA5nwjuuPT0IU%2BwzA9FxVBWcCv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a6739ff721772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1350
loading.gif
northcountryonbroadway.com/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/loading.gif
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/lightbox.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

:path
/images/loading.gif
pragma
no-cache
cookie
_gcl_au=1.1.273151932.1625255428; _ga=GA1.2.1916653799.1625255428; _gid=GA1.2.830590332.1625255428; _gat_UA-140506916-1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/lightbox.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:28 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"211c-59389cf8b42c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=D%2FGOhB7JN%2BL49iu3ZgNHMHdMoWIvQHKAQUwz72073VcXiutNTrirWQiinBc7DHw2Yml7mlLBLblz5kw7bMGxNpFcsksCwx2Ht%2FePKpz6WGk9G6j6k83Z7K6%2Bq87qytDYodASNXSUlXSyZ%2FHN%2BPKC4BMCGyM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a6739ff751772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8476
close.png
northcountryonbroadway.com/images/ 		280 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northcountryonbroadway.com/images/close.png
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/css/lightbox.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

:path
/images/close.png
pragma
no-cache
cookie
_gcl_au=1.1.273151932.1625255428; _ga=GA1.2.1916653799.1625255428; _gid=GA1.2.830590332.1625255428; _gat_UA-140506916-1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
northcountryonbroadway.com
referer
https://northcountryonbroadway.com/css/lightbox.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://northcountryonbroadway.com/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:28 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 14:36:25 GMT
server
cloudflare
etag
"118-59389cf8b3327"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=le3ximoUhrOk6xv1Hj5YPUmeBw48%2Bgake6dIPSbpJ5XSrtptHl%2FA%2FuJbQaGoVy68UVnJRJEdu%2BTK%2BPlO2vyWRgQ%2FhfMlEhY%2FKxG4EDgtUt2DN6luVc8oQzFYyY%2FV87lKKgr03WKBYb0Jw9jXayPFwHW7fHc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
668a6739ff771772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
280
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
pixel;r=433951959;labels=_fp.event.Default;rf=0;a=p-2e5TMncdWUgbf;url=https%3A%2F%2F8705154.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCL2UyqOUxfECFVqtUQodX0AAPg%3Bsrc%3D8705154%3Btype%3Dbways0%3Bc...
pixel.quantserve.com/ Frame 8977 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=433951959;labels=_fp.event.Default;rf=0;a=p-2e5TMncdWUgbf;url=https%3A%2F%2F8705154.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCL2UyqOUxfECFVqtUQodX0AAPg%3Bsrc%3D8705154%3Btype%3Dbways0%3Bcat%3Dgftnc0%3Bord%3D3978848079063%3Bgtm%3D2od6u0%3Bauiddc%3D273151932.1625255428%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fnorthcountryonbroadway.com%252F%3F;ref=https%3A%2F%2Fnorthcountryonbroadway.com%2F;uht=2;fpan=1;fpa=P0-1255155495-1625255428171;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;d=8705154.fls.doubleclick.net;je=0;sr=1600x1200x24;dst=1;et=1625255428171;tzo=-120;ogl=
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://8705154.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
events
gew-spclient.spotify.com/gabo-receiver-service/v3/ Frame 99A0 		13 B
106 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gew-spclient.spotify.com/gabo-receiver-service/v3/events
Requested by
Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed/vendor~embed.85e61472.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:64a:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://open.spotify.com/
authorization
Bearer BQBkofU2TsmGvRwIiBSr_xOo0zuC2396NBqjitj91JKtRjUUsN0gO8tsGgYOTkjfpW7arWjz3yHLAMBcoNM
content-type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
server
envoy
access-control-allow-headers
Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
date
Fri, 02 Jul 2021 19:50:28 GMT
access-control-max-age
604800
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
clear
content-length
39
via
HTTP/2 edgeproxy, 1.1 google
events
gew-spclient.spotify.com/gabo-receiver-service/v3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gew-spclient.spotify.com/gabo-receiver-service/v3/events
Protocol
H2
Server
2600:1901:1:64a:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type
Origin
https://open.spotify.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials
true
access-control-max-age
604800
content-length
0
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 02 Jul 2021 19:50:28 GMT
server
envoy
via
HTTP/2 edgeproxy, 1.1 google
alt-svc
clear
/
www.facebook.com/tr/ Frame 8977 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1661980587262306&ev=PageView&dl=https%3A%2F%2F8705154.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCL2UyqOUxfECFVqtUQodX0AAPg%3Bsrc%3D8705154%3Btype%3Dbways0%3Bcat%3Dgftnc0%3Bord%3D3978848079063%3Bgtm%3D2od6u0%3Bauiddc%3D273151932.1625255428%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fnorthcountryonbroadway.com%252F%3F&rl=https%3A%2F%2Fnorthcountryonbroadway.com%2F&if=true&ts=1625255428194&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&it=1625255428108&coo=false&rqm=GET
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://8705154.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 02 Jul 2021 19:50:28 GMT
img
pixel.mathtag.com/misc/ Frame 7B6D 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=aa6a60df-6e04-4000-abbe-d30a719a1de8&no_iframe=1&mt_adid=145397&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3799 851f7e8 master cdg-pixel-x24 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=aa6a60df-6e04-4000-abbe-d30a719a1de8&no_iframe=1&mt_adid=145397&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 19:50:28 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 19:50:25 GMT
cm
a.rfihub.com/ Frame 2C25
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3MTg3ODk3MTMwOTEwMTQ1Mw==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHSTHjbdTFA0PBBqxFedPxQ&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHSTHjbdTFA0PBBqxFedPxQ&google_cver=1
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 19:50:28 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHSTHjbdTFA0PBBqxFedPxQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 2C25
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=18&code=1871878971309101453
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1871878971309101453
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1871878971309101453
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 19:50:28 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
63787370-8926-4d15-ae0c-07824ec18fb8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 19:50:28 GMT
X-Proxy-Origin
213.232.87.179; 213.232.87.179; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0b042cb3-abad-4224-a2fa-73a6eeaf8c0b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1871878971309101453
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
p.rfihub.com/ Frame 2C25
Redirect Chain
  • https://stags.bluekai.com/site/4722?id=1871878971309101453&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
  • https://p.rfihub.com/cm?bk_uuid=JmTrmy9999Ot4B2Q&forward=
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?bk_uuid=JmTrmy9999Ot4B2Q&forward=
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 19:50:28 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://p.rfihub.com/cm?bk_uuid=JmTrmy9999Ot4B2Q&forward=
Date
Fri, 02 Jul 2021 19:50:28 GMT
Connection
keep-alive
Content-Length
0
BK-Server
f118
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
tap.php
pixel.rubiconproject.com/ Frame 2C25 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1871878971309101453
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
demconf.jpg
dpm.demdex.net/ Frame 2C25
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1871878971309101453&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871878971309101453&redir=
42 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871878971309101453&redir=
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.168.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-168-199.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v012-0f1d2efda.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
T9kBvdO0T3A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v012-0724e0829.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
v0D+T0NAQFc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871878971309101453&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum-sec.casalemedia.com/ Frame 2C25
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871878971309101453&forward=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871878971309101453&forward=&C=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871878971309101453&forward=&C=1
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 19:50:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 19:50:28 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 19:50:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871878971309101453&forward=&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
295
Expires
Fri, 02 Jul 2021 19:50:28 GMT
v1
ads.yahoo.com/cms/ Frame 2C25 		0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~84c296ca4cae9f73fbcc48363a3cd4cd34be98f5&nwid=10000648372&sigv=1
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:28 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
360947.gif
idsync.rlcdn.com/ Frame 2C25 		42 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=1871878971309101453
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 02 Jul 2021 19:50:28 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 2C25 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=1871878971309101453
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-99-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:28 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 02 Jul 2021 19:50:28 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 2C25
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871878971309101453&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871878971309101453&img=1&__user_check__=1&sync_id=c07c4e3a-db6e-11eb-9398-1669d4c90406
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871878971309101453&img=1&__user_check__=1&sync_id=c07c4e3a-db6e-11eb-9398-1669d4c90406
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 19:50:28 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
132
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 02 Jul 2021 19:50:28 GMT
Server
nginx
Location
/partner?adv_id=7180&uid=1871878971309101453&img=1&__user_check__=1&sync_id=c07c4e3a-db6e-11eb-9398-1669d4c90406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
127
Connection
keep-alive
Content-Length
0
sync
partners.tremorhub.com/ Frame 2C25 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=1871878971309101453&r=NyQjj4kGfBnk
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:43f8:c79a:f116:17d6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:28 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame 2C25 		43 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=1871878971309101453
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.225.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-225-117.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:28 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame 2C25 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1871878971309101453
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.232.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-232-11.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1625255428
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/ Frame 2C25
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1871878971309101453&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871878971309101453&expires=30
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871878971309101453&expires=30
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.176.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-176-117.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871878971309101453&expires=30
date
Fri, 02 Jul 2021 19:50:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ps.eyeota.net/ Frame 2C25
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=1871878971309101453&bid=omt9pi0
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=1871878971309101453&bid=omt9pi0
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 19:50:28 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=1871878971309101453&bid=omt9pi0
Date
Fri, 02 Jul 2021 19:50:28 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cm
p.rfihub.com/ Frame 2C25
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YN9uBAACXMTqTgAC
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YN9uBAACXMTqTgAC&_test=YN9uBAACXMTqTgAC
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=YN9uBAACXMTqTgAC&_test=YN9uBAACXMTqTgAC
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 19:50:28 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1625255429.925658,VS0,VE0
x-served-by
cache-hhn4057-HHN
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=YN9uBAACXMTqTgAC&_test=YN9uBAACXMTqTgAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cksync.php
contextual.media.net/ Frame 2C25 		46 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=1871878971309101453
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 02 Jul 2021 19:50:28 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
46
x-mnet-hl2
E
expires
Fri, 02 Jul 2021 19:50:28 GMT
cm
p.rfihub.com/ Frame 2C25
Redirect Chain
  • https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
  • https://p.rfihub.com/cm?in=1&pub=17945&userid=cb7bacd2-6c0a-4f32-bacc-a8eba62bff90
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=17945&userid=cb7bacd2-6c0a-4f32-bacc-a8eba62bff90
Requested by
Host: northcountryonbroadway.com
URL: https://northcountryonbroadway.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 19:50:28 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
location
https://p.rfihub.com/cm?in=1&pub=17945&userid=cb7bacd2-6c0a-4f32-bacc-a8eba62bff90
cache-control
private
content-type
text/html; charset=UTF-8
content-length
213
expires
Sun, 05-Jun-2005 22:00:00 GMT
362358.gif
idsync.rlcdn.com/ Frame 2C25
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1871878971309101453&referrer=https%3A%2F%2Fnorthcountryonbroadway.com%2F
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=3b6882a4-0f05-4bda-a4a9-28befdd412f3%3A1625255429.07&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D3b6882a4-0f05-4bda-a4a9-28befdd412f3...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=3b6882a4-0f05-4bda-a4a9-28befdd412f3%3A1625255429.07
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFFVjXfR9oNYsy3RmR0OFFU&google_cver=1
42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFFVjXfR9oNYsy3RmR0OFFU&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 02 Jul 2021 19:50:29 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 02 Jul 2021 19:50:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFFVjXfR9oNYsy3RmR0OFFU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
bpi.rtactivate.com/tag/ Frame 2C25 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=1871878971309101453
Requested by
Host: 8705154.fls.doubleclick.net
URL: https://8705154.fls.doubleclick.net/activityi;dc_pre=CL2UyqOUxfECFVqtUQodX0AAPg;src=8705154;type=bways0;cat=gftnc0;ord=3978848079063;gtm=2od6u0;auiddc=273151932.1625255428;ps=1;~oref=https%3A%2F%2Fnorthcountryonbroadway.com%2F?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.14.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-14-153.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://20811782p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:30 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
PopupConfig-7379.js
d2zi7r1qsrih6r.cloudfront.net/ClientAssets/PopupConfigs/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zi7r1qsrih6r.cloudfront.net/ClientAssets/PopupConfigs/PopupConfig-7379.js?v=3c31ce4f-ad24-4760-a68b-9ab4e78c29df
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder?popupId=7379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:2:e9fc:a0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53d448ec305b4794987f0018247cf6ee092666600ea87ecafa1ecb68fbdf9862

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 02 Jul 2021 19:50:30 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
last-modified
Fri, 18 Jun 2021 14:32:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"cd6e4be2c12df61c56394540f94fbd8f"
x-cache
Miss from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
1321
x-amz-cf-id
ttsp9Xu32LaNHzLDdDdsMRY0iTa_pKQmHnq08K8FbabVkAPaeyfPeQ==
popuptheme-3221.css
d2zi7r1qsrih6r.cloudfront.net/ClientAssets/ThemeFiles/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2zi7r1qsrih6r.cloudfront.net/ClientAssets/ThemeFiles/popuptheme-3221.css?v=3a634587-c9bd-4ec1-97cd-85f214a61aed
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder?popupId=7379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:2:e9fc:a0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e0a2f9e98701d81dbf96cad0bff896b1acd0e622a8fcde2b0b9dfda6f748e32

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:30 GMT
via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
vary
Origin
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
1889
last-modified
Fri, 21 May 2021 16:51:21 GMT
server
AmazonS3
etag
"380449cf961698b5998f877143d11e09"
access-control-max-age
1800
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
ePDDtsV5SJKsrnln5XGdYKmUnavftAyCtPC04EFvYoWYqvDFBcbSBQ==
/
www.facebook.com/tr/ Frame 8977 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1661980587262306&ev=Microdata&dl=https%3A%2F%2F8705154.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCL2UyqOUxfECFVqtUQodX0AAPg%3Bsrc%3D8705154%3Btype%3Dbways0%3Bcat%3Dgftnc0%3Bord%3D3978848079063%3Bgtm%3D2od6u0%3Bauiddc%3D273151932.1625255428%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fnorthcountryonbroadway.com%252F%3F&rl=https%3A%2F%2Fnorthcountryonbroadway.com%2F&if=true&ts=1625255429705&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&it=1625255428108&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://8705154.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 02 Jul 2021 19:50:29 GMT
Roboto-Regular.ttf
d2zi7r1qsrih6r.cloudfront.net/ClientAssets/Fonts/ 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2zi7r1qsrih6r.cloudfront.net/ClientAssets/Fonts/Roboto-Regular.ttf
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/popup/GetCSS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:2:e9fc:a0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Origin
https://northcountryonbroadway.com
Referer
https://chat.satis.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:31 GMT
via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
vary
Origin
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
162876
last-modified
Fri, 10 Apr 2020 14:36:49 GMT
server
AmazonS3
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
access-control-max-age
1800
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
cyUgkE1Px5_dQ-u9Ht2SOVG95xc343eIuUhRZ2rsQ29AGgJE8rDnWw==
img
pixel.mathtag.com/misc/ Frame 8977 		43 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3799 851f7e8 master cdg-pixel-x16 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://8705154.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 19:50:38 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x16
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 19:52:44 GMT
img
pixel.mathtag.com/misc/ Frame 7B6D 		43 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=aa6a60df-6e04-4000-abbe-d30a719a1de8&no_iframe=1&mt_adid=145397&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3799 851f7e8 master zrh-pixel-x15 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=aa6a60df-6e04-4000-abbe-d30a719a1de8&no_iframe=1&mt_adid=145397&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 19:50:38 GMT
Server
MT3 3799 851f7e8 master zrh-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 02 Jul 2021 19:50:32 GMT
getPageIdFromPopupIdAndUrl
chat.satis.fi/popup/ 		4 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://chat.satis.fi/popup/getPageIdFromPopupIdAndUrl?popupid=7379&url=https://northcountryonbroadway.com/
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder?popupId=7379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.65.212 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-65-212.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fc42f716c296b127850fbca1e103af089ecf2fb1f7c152d8d5440c6130bb6018

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://northcountryonbroadway.com
date
Fri, 02 Jul 2021 19:50:40 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
/
chat.satis.fi/ Frame CED5 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://chat.satis.fi/?pageID=9617
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder?popupId=7379
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.65.212 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-65-212.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fefe079ae8dd69727b3e120d56b5697376796db4d2f42eb3a5d786ef8d376d8d

Request headers

:method
GET
:authority
chat.satis.fi
:scheme
https
:path
/?pageID=9617
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://northcountryonbroadway.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://northcountryonbroadway.com/

Response headers

date
Fri, 02 Jul 2021 19:50:40 GMT
content-type
text/html; charset=utf-8
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
marked.min.js
cdn.jsdelivr.net/npm/marked@0.6.2/lib/ Frame CED5 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/marked@0.6.2/lib/marked.min.js
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/?pageID=9617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db1e7e4c0ffb442e732d99176f8fdb937450ad93a3db81419c65ff57dcaae05f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chat.satis.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
601282
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
8015
etag
W/"5c1a-29djCYy3vVe89i2eVvNJCrkWLx0"
x-served-by
cache-fra19166-FRA, cache-hhn4068-HHN
date
Fri, 02 Jul 2021 19:50:40 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
1.satisfi_bundle.ce902faee8f932baeead.js
chat.satis.fi/client/ Frame CED5 		243 KB
243 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.satis.fi/client/1.satisfi_bundle.ce902faee8f932baeead.js
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/?pageID=9617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.65.212 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-65-212.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f610e668c668a2f988dc395a19a7898dbca2c1ac8b447077c4092f902bc9e599

Request headers

Referer
https://chat.satis.fi/?pageID=9617
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:41 GMT
last-modified
Tue, 01 Jun 2021 11:03:22 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1d756d5bc6f32e6"
content-type
application/javascript
accept-ranges
bytes
content-length
248806
satisfi_bundle.e2a62aac91a75149cc7f.js
chat.satis.fi/client/ Frame CED5 		191 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.satis.fi/client/satisfi_bundle.e2a62aac91a75149cc7f.js
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/?pageID=9617
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.65.212 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-65-212.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c82b4d37afc8b08cf9f319e5ee0eaeb9b00f6cc42a2f6cb7166a223b9eda155b

Request headers

Referer
https://chat.satis.fi/?pageID=9617
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:41 GMT
last-modified
Tue, 01 Jun 2021 10:55:43 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1d756d4aad5da55"
content-type
application/javascript
accept-ranges
bytes
content-length
195541
GetAWSConfig
chat.satis.fi/Default/ Frame CED5 		187 B
302 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://chat.satis.fi/Default/GetAWSConfig?pageId=0
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/client/satisfi_bundle.e2a62aac91a75149cc7f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.65.212 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-65-212.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b7901ec5fc66799d855b5478364c5f391b7d6fe3e1d911a282371e4d66128dc3

Request headers

Accept
application/json
Referer
https://chat.satis.fi/?pageID=9617
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:41 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
GetPageConfig
chat.satis.fi/Default/ Frame CED5 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://chat.satis.fi/Default/GetPageConfig
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/client/satisfi_bundle.e2a62aac91a75149cc7f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.65.212 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-65-212.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8d4082d7c03c646cd6995c50edafc799bf401263629ba0b96257c7789f556254

Request headers

Accept
application/json
Referer
https://chat.satis.fi/?pageID=9617
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://chat.satis.fi
date
Fri, 02 Jul 2021 19:50:41 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
pagetheme-3221.css
d2zi7r1qsrih6r.cloudfront.net/ClientAssets/ThemeFiles/ Frame CED5 		4 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2zi7r1qsrih6r.cloudfront.net/ClientAssets/ThemeFiles/pagetheme-3221.css?version=6?
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/client/satisfi_bundle.e2a62aac91a75149cc7f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:2:e9fc:a0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c86ddba7cf0d8c8f39ed4cf84b31a416e8761a067fa07a73156ae3f489f1ca36

Request headers

Accept
text/css
Referer
https://chat.satis.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:43 GMT
via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
access-control-max-age
1800
content-length
4110
last-modified
Fri, 21 May 2021 16:51:20 GMT
server
AmazonS3
etag
"3520b27e250feed0829cdeb6f02b20da"
vary
Origin
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
tKP1hhU7Ui8Z0wQIV7LD_-7Iv88e22HDOzZt9eSOteKPxucIXEMAqw==
popupHeadertheme-3221.css
d2zi7r1qsrih6r.cloudfront.net/ClientAssets/ThemeFiles/ 		291 B
721 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2zi7r1qsrih6r.cloudfront.net/ClientAssets/ThemeFiles/popupHeadertheme-3221.css?version=6
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder?popupId=7379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:2:e9fc:a0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49221be9b42a1ecfb88e2670d60f33f7974173da903b1c4f2f997553ce299717

Request headers

Referer
https://northcountryonbroadway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 19:50:43 GMT
via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
access-control-max-age
1800
content-length
291
last-modified
Fri, 21 May 2021 16:51:24 GMT
server
AmazonS3
etag
"00e8c3fcc58fbaeb769fa71da1be1ba5"
vary
Origin
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
P73IWQ2HCLnEhC_Hc0tOMIx9ED7rNKWO4s5oqxap6ENhoL-y8ssBjw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ Frame CED5 		92 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/client/satisfi_bundle.e2a62aac91a75149cc7f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chat.satis.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 17:32:36 GMT
x-content-type-options
nosniff
age
8286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93868
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Jul 2022 17:32:36 GMT
Roboto-Regular.ttf
d2zi7r1qsrih6r.cloudfront.net/ClientAssets/Fonts/ Frame CED5 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2zi7r1qsrih6r.cloudfront.net/ClientAssets/Fonts/Roboto-Regular.ttf
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/?pageID=9617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:2:e9fc:a0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Origin
https://chat.satis.fi
Referer
https://chat.satis.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 10:26:34 GMT
via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
age
33848
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
1800
content-length
162876
last-modified
Fri, 10 Apr 2020 14:36:49 GMT
server
AmazonS3
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
fmWrNlHFgkaSxyrdS1uyHL00715vna-WJk7E1JKxkm5Nc7BHXeJaIA==
1bf241463bcd439ea905ecc777a0d9c5.png
d2zi7r1qsrih6r.cloudfront.net/ClientMedia/1457/ Frame CED5 		422 KB
423 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2zi7r1qsrih6r.cloudfront.net/ClientMedia/1457/1bf241463bcd439ea905ecc777a0d9c5.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:2:e9fc:a0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e53a8195a1834c881ba140760253f6878a5d9d527864d338fdc281cc547aaa87

Request headers

Referer
https://chat.satis.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 02 Jul 2021 19:50:43 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
last-modified
Mon, 24 May 2021 13:23:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"0b0c2b72ccdaa10ddc7d7ed24cf293eb"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
431881
x-amz-cf-id
DdrQBIyZ7Fs7-38K9hLrjoTxJhtmRXw1xPit2hQqNOiYsCgV3JvVCQ==
jquery.signalR.min.js
cdn.jsdelivr.net/npm/signalr@2.4.0/ Frame CED5 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/signalr@2.4.0/jquery.signalR.min.js
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/client/satisfi_bundle.e2a62aac91a75149cc7f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a24da1092d03c62f0a787887bf897423078d0cba5df6b507c0807c7f3bdf430b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chat.satis.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
740694
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
content-length
12345
etag
W/"9c67-zh47F8Rvr6yc+Av96wdACji2hfA"
x-served-by
cache-fra19156-FRA, cache-hhn4068-HHN
date
Fri, 02 Jul 2021 19:50:42 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
0c94f981d22d4e52a1ff410d71606d48.png
d2zi7r1qsrih6r.cloudfront.net/ClientMedia/1457/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2zi7r1qsrih6r.cloudfront.net/ClientMedia/1457/0c94f981d22d4e52a1ff410d71606d48.png
Requested by
Host: chat.satis.fi
URL: https://chat.satis.fi/popup/GetCSS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:2:e9fc:a0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc5fa102faa48ed3cc9f8cb82e9aa1ab5b034ea28bd9b29ffbce59ae2e5fec68

Request headers

Referer
https://chat.satis.fi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 02 Jul 2021 19:50:43 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
last-modified
Fri, 21 May 2021 16:47:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"22c1fe7075a24090fd77183644e7c171"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
75690
x-amz-cf-id
O0HWycA6B2nmKIJzNTs1AraDNQGcrjF5hx_940xH0sf8lqZ7OsLMEA==

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| gtag function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| DP_jQuery_1625255427799 object| lightbox function| getUrlVars function| news_reviews_height object| song1 object| song2 object| song3 object| song4 object| jQuery112403406484309709392 object| best_dates number| best_datesLength string| date object| limited_dates number| limited_datesLength object| sold_dates number| sold_datesLength function| moment object| showtimes object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| SatisfiApp object| cookieconsent object| popupConfig

12 Cookies

Domain/Path Name / Value
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.northcountryonbroadway.com/ Name: _gat_UA-140506916-1
Value: 1
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAOOSMXR2dA129QgO8chKSglxczQIcHIqrHBLTQmoCFQS8MoNKcqttAQC_xITJ6PAIF5DMyNTI1NTEyMLcyOTLCSuhbnlLEYkvpGx6So0_ik0_is0_i80_iQmVP4sNP4iNP4qNP4mNP4uNP4ndP0sqPxbyHwLQ8NFrAKRfpalTo6OzhG-IYUh6Y7Oq1iRlFiamG1iRbOSG82LaPxJwkbGSWYWFkaJJroGaQamuiZJKYm6iSaJlrpGFkmpaSkpJoZGacZWcE2Wegbms4QRhlgaWposEkY19BEaHwCTMg8a5gEAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrQwByILS3NDYwNLQwNDE1NjIT5DXe_AiFyfMC-z3LSMYgDMLY8nJQAAAA
.rfihub.com/ Name: smd
Value: H4sIAAAAAAAAAOPiNTQzMjUyNTUxsjA3MgUAqTDCBA8AAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrQwByILS3NDYwNLQwNDE1NjIT5DXe_AiFyfMC-z3LSMYileQzMjUyNTUxMjCyNjQwChcLkINAAAAA
.mathtag.com/ Name: uuid
Value: aa6a60df-6e04-4000-abbe-d30a719a1de8
.northcountryonbroadway.com/ Name: _gid
Value: GA1.2.830590332.1625255428
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAAAOOSMXR2dA129QgO8chKSglxczQIcHIqrHBLTQmoCFQS8MoNKcqttAQC_xITJ6PAVYwCkX6WpU6Ojs4RviGFIemOzk0sRsZJZhYWRokmugZpBqa6JkkpibqJJomWukYWSalpKSkmhkZpxlaGZkamRqamJkaWegbmAILFpCF4AAAA
.doubleclick.net/ Name: IDE
Value: AHWqTUm1DuSPdb6UvBY_YCBWvOjyvSS9H6Rw-HQoKyYIFmoCaJIQTb9x-dZF_MBY
.northcountryonbroadway.com/ Name: _ga
Value: GA1.2.1916653799.1625255428
.northcountryonbroadway.com/ Name: _gcl_au
Value: 1.1.273151932.1625255428

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20811782p.rfihub.com
8705154.fls.doubleclick.net
a.rfihub.com
aa.agkn.com
ad.doubleclick.net
ads.yahoo.com
adservice.google.com
ajax.googleapis.com
apresolve.spotify.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
chat.satis.fi
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
d2zi7r1qsrih6r.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
gew-spclient.spotify.com
googleads.g.doubleclick.net
i.scdn.co
ib.adnxs.com
idsync.rlcdn.com
live.rezync.com
northcountryonbroadway.com
open.scdn.co
open.spotify.com
p.rfihub.com
partners.tremorhub.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sojern.com
ps.eyeota.net
rules.quantcount.com
secure.quantserve.com
sentry.io
stags.bluekai.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.rtb123.com
x.bidswitch.net
x.dlx.addthis.com
107.178.244.119
13.224.193.17
142.250.181.226
142.250.185.162
142.250.185.70
151.101.114.49
18.190.65.212
184.73.14.153
185.33.221.50
185.94.180.125
193.0.160.128
2.18.233.201
2.18.234.21
2.18.235.93
23.45.99.241
2600:1901:0:524d::
2600:1901:1:64a::
2600:1901:1:c36::
2600:1f18:612b:4200:43f8:c79a:f116:17d6
2600:9000:20eb:9a00:6:44e3:f8c0:93a1
2600:9000:2156:2000:1:76cf:fe80:93a1
2600:9000:2156:a600:2:e9fc:a0c0:21
2606:4700:3034::ac43:a505
2606:4700::6810:125e
2606:4700::6810:135e
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:80:800::7001
2a00:1450:4001:802::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:811::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:1b::485
2a04:4e42:62::760
3.121.27.153
35.157.2.63
35.188.42.15
35.244.174.68
52.214.168.199
52.29.176.117
52.29.225.117
54.72.232.11
67.225.220.126
69.173.144.139
030489aab18419549f58023e5f510375331099e58a91179ff73b6fc19ad0de4d
081ec2e3603b486df67db585f7c80fc747c06f574c0b1ba69e33bcd9be69b3f7
09d2e80332e79e8253654ea971e1672f9136908950558fdfcaa2e792f9211290
0a7bc8081891a51ceff1a3530f4fa0b15a0e0cef655980f41bd18ba5df784b13
0ad2b29586a7f8026ea07f23acc86dd7ed4f32132aaca9c1f0ae60d35d963792
0c01ec2367802de8a4d4f640fcb6cffcc26a8fa0d624a3ba4ebb0f57851a45c1
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0e0a2f9e98701d81dbf96cad0bff896b1acd0e622a8fcde2b0b9dfda6f748e32
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
189239fab8665ce7a1c71fbe8dbf69ccd3766cd91a75d883665e752810cd3416
1b7388d06d1a1a9fd5d2b15daae23b4803a9b219507824a1d394cb52826015c2
1d5dbb7edd6a85fb3934a128f8b95f188dffc3d5b2510fde8364841da43192d8
1dc74fcced151fa249a4edad79779aa762df112acc34d210869cba6c16ec2688
1fee7327bd1bf704be24c9463a2a7de6a5647b564774c34f3ed53f4fc31138d8
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
229792abe2fa8ebcd8d7d59b7c5184d723d12a9718643068870f041b062d9548
2332ed688848e6d166dcd7b6aaa738b9ae10b12c4d9a4284993b3de8d1e038a8
24fbf98a0312aa6db3b49c6d8e2ba9d2ae8d316bbb2f731b327f45ab23e07dda
25351aed0b90f256e00bbb4cb7e139e462cc96191bf84759cd23cf0297971faf
25b9e8f856422ddd5e8b99c947f761b17b874dbbcc4f89a3d66402d22d8cf930
26436428a3ae8d389b940ff9d7374271468afa1bfd64bdf3d02b62302c611650
2cc95ffce0ec4b4f6b4f3f8fbe16d58da7d1de0eafcfd297a599b5323378737c
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
324bc04ad3fb0e989a46084c965c4a9eea96ea628e7ae3f47c1d6d3f1fc06cc4
3733f5f0ba209431c473f0e62ef36672e079d0d5541313a220882a027c31790f
3ec07ee5912c0650f1f458bf1977356d9982ef0110cd92b86ccfd5c0d9b52fa7
43c8e9e4f34575fa3ccbb65dd5b4fcbf49216d6a9664bb87784220ccd871e5ed
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48318bb039029330495821d1eb8b776fd0f134cf5b88baac49b337d8c257c7bb
49221be9b42a1ecfb88e2670d60f33f7974173da903b1c4f2f997553ce299717
492666c6ade0d6efe1a0756c031b143347863b5cee2dca8373115d5588a5b0e0
49a626f58f78a3117dd63cdc4ff6e6bddde5cd1c3b437962a40fccdbb5d82100
4a75dc2d6f1f4c6ed9911a20ebc7350b8ff467eecd822880fb89d5f1aac42c09
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ccd055bf72ed06c586aa10c46e6b7ed6066ab76b3304c29b5cdfd6d6032cc8e
4d398aa67273ee5164006abff8b66347725e4961014cdfb31a89ff921ee64837
4e4c40e74e0b08b38192ca829e47336c15c7a9993ebce88a58fedc64b88cd282
53d448ec305b4794987f0018247cf6ee092666600ea87ecafa1ecb68fbdf9862
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
59b6af05ca06b278e4f5c3f03b3decb0ae5fd441f2647ff1fba8cd962805afc3
5a2ba03eb2cc3b5276547f700b0cda3717acddde6d255c60fdcd85e4927921bb
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
5f0a22832a98e304d91ecbb3caec5ba77fd637863087c141b3ff74fa4fea7402
5f9e2e23b81cc1eb7e7cff4fa1363576e075a83d88a8f6f38da5d2b395bcca44
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6ae7faaf9036d48e18bf2ee4a379213c3dd1a773942f701447e5603cf2f5224e
6b84c1b3d736031dc8cae8b801f67994e2559050fc0628a8fb24cf0ebe271d8c
6c4d399fccbe0c7174ce0a60531099e0329fedbdb9d9657f46364669d1f9955e
6db266dafa1684057ec7bb7eb49136e68cf7e1f45767726d365e8c2095b06c23
6f7022fcdd1e7906d7fbdefde8835735ee913bbd2f201985a769c6b091c266e9
710efeb099ed385349e34066523920c6663cf68f4e0741fe7984b2bcb0295062
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7815af333faa73673199bb4a1470bbe530fabb9814cf8a53f440dbf8b1164593
7cdfb975d18d2acbabdd9d273268e380399371e2039887529902629cdbdd3b1b
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
806a1a0f56af1b228b80730824489eb3fd65ad96fd8bdcd1b1a67d6a0bf90f31
8168a776ffbb7128cca2d7a9f6788cdaca885d1b1703e2411bbb1f28fc73b437
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8972d2831513afdd9cd15fe53fc2fa92261f35b445fe078f4c9a13023d8e5061
8d4082d7c03c646cd6995c50edafc799bf401263629ba0b96257c7789f556254
92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1
94976cacc986d2c954b36746eb77bef00788f1a7d1913c73e89d72fb41602d35
9566b9f02ae6df516617a413449eff4994e634d6bae2dcb4cca4760f69a0eeab
96ae548753a58ced37bb9bb716cdc445e1d0395d634c81812669ba6b9ce490c1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9c520c2eb63487fd37a8eac3e55205b5233dc562ffbb38159168b1466d2c0c80
9d53a8edd17088cb47de511baaa7705d0b5e25d7ddf77b1682e907525b520e8a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a24da1092d03c62f0a787887bf897423078d0cba5df6b507c0807c7f3bdf430b
a3e6bd1fd9420e5315e0e3f1f0be6d5982db2d8afb66727390936f13741a0dbb
a5584702b3b62da6c370311dcf472fd6e58759e0937a0a1441feeb1903607f49
a62a847fb029ec2329b3c92b0d0b1239366017e314ff430fc8f5b67a78f9238d
a797f35be7bc6505a3d75419d1c9b1d951f0f0250f7fa471688d1b54253d8afc
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
af62b9b522cdb703dc2906c08e23f791a71bb44a15f2f9e595e75fee0fe00da7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b38ef52f3f713eccddf166807b7ad3844c5672b8e52a8fb2c0e7bde80af3729c
b41c65a254473fdb8cb0414a564fa193ffde90e9573a2c4b2afc9ee56d964797
b43f02c549790c49fdb850aa299095f12783d76d61911920cda36c07ce340b32
b7901ec5fc66799d855b5478364c5f391b7d6fe3e1d911a282371e4d66128dc3
b91a755f25772255f728f441d6d7b0e5075badc41f4f07ce97f614478f0acdec
ba332dbedfce56f226409162941cc87877c37d2543ee638ae6dfb7c17b255919
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bc5fa102faa48ed3cc9f8cb82e9aa1ab5b034ea28bd9b29ffbce59ae2e5fec68
c423eb426c6517407e749b4a6f43d31d593b312694727c36eb92fe92894f702c
c5186473661bc894ffc3a3b3f6d369984b3b1f89ce4a88d6707fee73501f77cb
c7018fffd1b508bc3312e86ffc191b531c96efc45473af3638013f9a55881e6d
c82b4d37afc8b08cf9f319e5ee0eaeb9b00f6cc42a2f6cb7166a223b9eda155b
c86ddba7cf0d8c8f39ed4cf84b31a416e8761a067fa07a73156ae3f489f1ca36
c96694805d8f2d34728b20d0a8047b248b29467c26d5b13688d2f5f475e32aa3
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d1afde4119681731d643192853bbbcb8e251ad415d364de687ebf8072781837d
d2d2f3fad94209b9e8f3dc8a6c873c3f725e36b92f88e2cd5411f65d8317a47c
d4e9fb8e7c785fe9d5c7127696bcb562e36ab99a025e30afbac17a12697f7a4f
d5daf07712bea84b27fb4383f7b85d2e81581a00cda1821122dae8aac6ac5718
d9c386642fb0babbc9f7955875c90ea1efff32c01ba99a063185f7d677e6989b
dadbab8b313c8ab0ffb1ab5907c7735bcb90e3c5e252f7ea4f5166f8ca0670fa
db1e7e4c0ffb442e732d99176f8fdb937450ad93a3db81419c65ff57dcaae05f
db8c83f3c61c88bce5a8b4dadbbea9491d0ae6bf4a9fb313a05f126a8c386a7b
dda425225cedf6d3b5434881da147a6f70b7a21c62aa7a337c0151dd2775d40b
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
df022c2040eb195205727f1b34270293016fb07894546026c9a5b02cc1d6b797
e0b0b252e110c1f0e9bee5f5db003a34f98a4a0d4d810b9fb9f04bf6b7f44b05
e23b66d4b4ac029f618138a07427534a0d7270213d8a76dcd8066097ea4418bd
e255616d89a040df540989628aebb201b839991d365bd7732704ebce5f8d5b5d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c1901b8d24d948babb9afe61b37a32b1a07f1c02bfb15be91590dc45cc2ef4
e53a8195a1834c881ba140760253f6878a5d9d527864d338fdc281cc547aaa87
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ea2edb11cde37f390d77ec43da8f5b02438512468a7fc1efc2a59e5886867274
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef55a8ef61c91f6ffcdd49f8e772ba99372096185231111ff38f62e383f2d372
efe7d643d02aafb9f5574edbf23eddb968775d35b797e56bb2d9c8fbd2e45894
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54
f2a2056b7a1c989899886a9b194e93912b7d11767239e956de73d5c2ea237b32
f610e668c668a2f988dc395a19a7898dbca2c1ac8b447077c4092f902bc9e599
f6cca06e988fc0884b2d53fc3f97022ed8ee1d147197c464d4d716efbd83ec35
f9c6bc16ea33c227ea2cb6bf8a8aa9bbb40ab4ab46596ced87be3fe24d84e5f7
fc0f21afd6da49e8098a9a20bed8f6fea98c03391dccb431482a79243826210e
fc42f716c296b127850fbca1e103af089ecf2fb1f7c152d8d5440c6130bb6018
fefe079ae8dd69727b3e120d56b5697376796db4d2f42eb3a5d786ef8d376d8d