nordsterntales.com Open in urlscan Pro
71.19.248.80 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nordsterntales.com/
Submission: On November 14 via api (November 14th 2022, 9:52:09 am UTC) from RU — Scanned from CA

Summary HTTP 71 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 71 HTTP transactions. The main IP is 71.19.248.80, located in Vancouver, Canada and belongs to ESECUREDATA, CA. The main domain is nordsterntales.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 22nd 2022. Valid for: 3 months.

This is the only time nordsterntales.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	71.19.248.80 71.19.248.80	11831 (ESECUREDATA) (ESECUREDATA)
1	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2013	15169 (GOOGLE) (GOOGLE)
2	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
6	146.75.30.109 146.75.30.109	54113 (FASTLY) (FASTLY)
3	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	2600:141b:f00... 2600:141b:f000:20::1737:a66f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
71	12

1 71.19.248.80 (Vancouver, Canada)

ASN11831 (ESECUREDATA, CA)
PTR: server.elitemembercenter.com

nordsterntales.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

vipaccess.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2013 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.138.60 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2607:f8b0:4006:81f::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:81d::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.75.30.109 (Ashburn, United States)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player-telemetry.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:141b:f000:20::1737:a66f (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)

150vod-adaptive.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 74	343 KB
11	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 2802 fresnel.vimeocdn.com — Cisco Umbrella Rank: 2830 i.vimeocdn.com — Cisco Umbrella Rank: 2730	278 KB
11	gstatic.com fonts.gstatic.com	243 KB
10	akamaized.net 150vod-adaptive.akamaized.net — Cisco Umbrella Rank: 98845	1 MB
4	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1682 player-telemetry.vimeo.com — Cisco Umbrella Rank: 6815 vimeo.com — Cisco Umbrella Rank: 1575	10 KB
3	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 34784	1 KB
3	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 38239	168 KB
2	center.io js.center.io — Cisco Umbrella Rank: 40359	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
1	lpages.co vipaccess.lpages.co	38 KB
1	nordsterntales.com nordsterntales.com	2 KB
71	11

	Domain	Requested by
24	lh3.googleusercontent.com	nordsterntales.com
11	fonts.gstatic.com	fonts.googleapis.com
10	150vod-adaptive.akamaized.net	f.vimeocdn.com
5	fresnel.vimeocdn.com	f.vimeocdn.com
4	f.vimeocdn.com	player.vimeo.com
3	api.leadpages.io	js.center.io
3	static.leadpages.net	vipaccess.lpages.co static.leadpages.net
2	player-telemetry.vimeo.com	f.vimeocdn.com
2	i.vimeocdn.com	nordsterntales.com
2	js.center.io	nordsterntales.com js.center.io
1	vimeo.com	f.vimeocdn.com
1	player.vimeo.com	vipaccess.lpages.co
1	fonts.googleapis.com	vipaccess.lpages.co
1	vipaccess.lpages.co	nordsterntales.com
1	nordsterntales.com
71	15

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.gem.xyz
discord.gg
opensea.io
www.imdb.com
www.facebook.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
nordsterntales.com cPanel, Inc. Certification Authority	`2022-10-22` - `2023-01-20`	3 months	crt.sh
*.lpages.co R3	`2022-10-14` - `2023-01-12`	3 months	crt.sh
static.leadpages.net GTS CA 1D4	`2022-10-31` - `2023-01-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.center.io Go Daddy Secure Certificate Authority - G2	`2021-11-22` - `2022-12-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-01` - `2023-03-31`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-17` - `2023-06-18`	a year	crt.sh
*.leadpages.io Go Daddy Secure Certificate Authority - G2	`2022-10-27` - `2023-10-22`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2022-09-30` - `2022-12-29`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2022-09-21` - `2023-09-20`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://nordsterntales.com/
Frame ID: 62797AE212FD6113165EB2F0AFA56328
Requests: 45 HTTP requests in this frame

Frame: https://player.vimeo.com/video/712264487?autoplay=1&loop=1&h=4c395e3c26
Frame ID: A037C0EE56ECE267DAF108B2BFD9AD59
Requests: 25 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 4177E37751B146CFBEA86EF8381B284F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nordstern TalesNordstern Tales

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

71
Requests

100 %
HTTPS

42 %
IPv6

11
Domains

15
Subdomains

12
IPs

3
Countries

2159 kB
Transfer

3460 kB
Size

5
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/KellyStronghart
Title: KELLY'S TWITTER

Search URL Search Domain Scan URL

URL: https://twitter.com/BillTheFeared
Title: BILL'S TWITTER

Search URL Search Domain Scan URL

URL: https://www.gem.xyz/collection/nordstern-tales
Title: GET NFT

Search URL Search Domain Scan URL

URL: https://discord.gg/scCTAy24YC
Title: MEMBERS

Search URL Search Domain Scan URL

URL: https://opensea.io/assets/ethereum/0xe75113d4a417c2d33c67fb127b419e5f47c5d62c/7645
Title: POTM #7645

Search URL Search Domain Scan URL

URL: https://opensea.io/assets/ethereum/0xcf163c260621bf4c3087bd2729716949f8333c40/1
Title: SNAG THIS NFT »

Search URL Search Domain Scan URL

URL: https://opensea.io/assets/ethereum/0xe75113d4a417c2d33c67fb127b419e5f47c5d62c/7117
Title: POTM #7117

Search URL Search Domain Scan URL

URL: https://opensea.io/assets/ethereum/0xcf163c260621bf4c3087bd2729716949f8333c40/2
Title: SNAG THIS NFT »

Search URL Search Domain Scan URL

URL: https://opensea.io/assets/ethereum/0xe75113d4a417c2d33c67fb127b419e5f47c5d62c/6578
Title: POTM #6578

Search URL Search Domain Scan URL

URL: https://opensea.io/assets/ethereum/0xcf163c260621bf4c3087bd2729716949f8333c40/3
Title: SNAG THIS NFT »

Search URL Search Domain Scan URL

URL: https://www.gem.xyz/collection/0xcf163c260621bf4c3087bd2729716949f8333c40/
Title: SAVE GAS ON GEMS.XYZ »

Search URL Search Domain Scan URL

URL: https://www.imdb.com/name/nm4540688/
Title: IMDB

Search URL Search Domain Scan URL

URL: https://www.facebook.com/iandelcarmen5432/videos
Title: .css-4e78w1{position:absolute;height:1px;width:1px;overflow:hidden;-webkit-clip:rect(1px 1px 1px 1px);clip:rect(1px 1px 1px 1px);-webkit-clip:rect(1px,1px,1px,1px);clip:rect(1px,1px,1px,1px);white-space:nowrap;}Share on Facebook.css-168f5rq{color:white;}

Search URL Search Domain Scan URL

URL: https://twitter.com/dcryptian
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/iandelcarmen/
Title: Share on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/OfficialGrindhouse/videos
Title: Share on Youtube

Search URL Search Domain Scan URL

URL: https://opensea.io/collection/pirates-of-the-metaverse-by-drip-studios
Title: Pirates of the Metaverse NFT

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
nordsterntales.com/ 2 KB
2 KB 437ms
98ms Document
text/html 71.19.248.80
ESECUREDATA

General

Check archive.org

Show headers Download Go to

Full URL: https://nordsterntales.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 71.19.248.80 Vancouver, Canada, ASN11831 (ESECUREDATA, CA),
Reverse DNS: server.elitemembercenter.com
Software: Apache /
Resource Hash: 4470af4829bdc86c547134fa3a0b924bf6fa33567c1c33a777a9cc8fbf4b8942

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Nov 2022 09:52:03 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 / Show response
vipaccess.lpages.co/_/js/nordstern-tales/ 283 KB
38 KB 234ms
78ms Script
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vipaccess.lpages.co/_/js/nordstern-tales/

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

2e509715aa0aea6e8269e87428f4b65f9839e2517b80619dd13137ff2533a093

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
strict-transport-security: max-age=15768000
content-encoding: br
last-modified: Mon, 14 Nov 2022 08:54:24 GMT
server: Leadpages
etag: W/"66a60c8e52a6061e09bb3430eefe67c5"
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/html
cache-control: no-cache

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 58 KB
15 KB 66ms
12ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: vipaccess.lpages.co
URL: https://vipaccess.lpages.co/_/js/nordstern-tales/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 08:34:44 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 263839
etag: "rvb96Q"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 87fa5f6df0e2d102f9d315a308debf8f
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Sat, 11 Nov 2023 08:34:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 41 KB
2 KB 87ms
41ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: vipaccess.lpages.co
URL: https://vipaccess.lpages.co/_/js/nordstern-tales/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55f6c178c3940aeaf2a329de7e38061649140a918a505ee6a02f31d3982eeb8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 09:52:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 09:52:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 09:52:03 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
12 KB 136ms
36ms Script
application/javascript 2607:f8b0:4006:81e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: nordsterntales.com
URL: https://nordsterntales.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2013 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:48:30 GMT
server: Google Frontend
age: 213
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: da32c8b6f5bccdb0f332f0ce8b809540
cache-control: public, max-age=300
content-length: 12555
expires: Mon, 14 Nov 2022 09:53:30 GMT

GET
H/1.1 200
OK 712264487 Show response
player.vimeo.com/video/ Frame A037 17 KB
9 KB 346ms
285ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/712264487?autoplay=1&loop=1&h=4c395e3c26

Requested by

Host: vipaccess.lpages.co
URL: https://vipaccess.lpages.co/_/js/nordstern-tales/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68fcbd946ac5b27f2a348da5743e69446f41f5c5d14eca90f175186135106604

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app/ https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nordsterntales.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 769eda25cc42a21c-YYZ
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Nov 2022 09:52:03 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: MISS
X-Cache-Hits: 0
X-Player-Backend: p
X-Served-By: cache-yyz4542-YYZ
X-Timer: S1668419524.502509,VS0,VE250
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
expires: Mon, 14 Nov 2022 10:02:03 GMT
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
x-backend-proxy: playproxy5
x-bapp-server: player-685d5c6dfc-dvq7r
x-content-type-options: nosniff
x-host: player-685d5c6dfc-dvq7r
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-4
x-xss-protection: 1; mode=block

GET
H2 200 aCsa9shkYRllFbomqTX28h4uOk8BmyeuDpYdPFmxnIr_Bo7MEG_71XGzA6sVy1E3bUGrmovLzcChuI-M5iCDiFPRjTYnTD3_GA=w16
lh3.googleusercontent.com/ 389 B
460 B 260ms
206ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/aCsa9shkYRllFbomqTX28h4uOk8BmyeuDpYdPFmxnIr_Bo7MEG_71XGzA6sVy1E3bUGrmovLzcChuI-M5iCDiFPRjTYnTD3_GA=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5260a6697e56dbe468218b871cef4bfd460ef18eb7b76d5dd32a3c0c625bd9e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 389
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 FXX1rOsUOduADcNGVWoagwpcctteeHfANcvmgqIiynCwi-8sPjm3aw9M-BfS_PGQAYOuhARuIYWUuAYgV3fyavWVexOxe9wobKQ=w16
lh3.googleusercontent.com/ 715 B
786 B 206ms
153ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/FXX1rOsUOduADcNGVWoagwpcctteeHfANcvmgqIiynCwi-8sPjm3aw9M-BfS_PGQAYOuhARuIYWUuAYgV3fyavWVexOxe9wobKQ=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4674585c2c5469ab0149f1616d5d697f8cacffe54d65e74f4cd863a79909a59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 715
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 77UfaorlBrsbZSnPIBZpNcUU5jqG5CXB7tvvIWUERAI1SvuBZHWGoiY7oUZdUQY-GCOSNaZq-grl2G5MZLOt6KImlK_yQphUb98=w16
lh3.googleusercontent.com/ 602 B
663 B 232ms
178ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/77UfaorlBrsbZSnPIBZpNcUU5jqG5CXB7tvvIWUERAI1SvuBZHWGoiY7oUZdUQY-GCOSNaZq-grl2G5MZLOt6KImlK_yQphUb98=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

15ce592cfcc386be9148c2ccddca8456f4b26c6b86ec5f31a202cc76ee743454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 602
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 5wNHCYt84UiIiyjVXmebJzgWjnLK2LUG_Wg5tBVOu9gezONEXaP6yn93vkgm4Kj1YwAto1EGDrldiyb9-XiQVgXwH51P2Zscgo0=w16
lh3.googleusercontent.com/ 680 B
1 KB 193ms
140ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/5wNHCYt84UiIiyjVXmebJzgWjnLK2LUG_Wg5tBVOu9gezONEXaP6yn93vkgm4Kj1YwAto1EGDrldiyb9-XiQVgXwH51P2Zscgo0=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3ae1400840e97c1d911115a6c0e0f1ff98d3ae41e40f09e27daa425cc514f183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 680
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 5Id78E9ffvHA8vM6VRLu7KFxLIfeBVLWnRhfa2ptRNZ1SwB5Jz13lwaiTz2Difz0oyNagtIl-J0Yb-NHbym8MOXeJcN8AIEUPVg=w16
lh3.googleusercontent.com/ 630 B
692 B 243ms
190ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/5Id78E9ffvHA8vM6VRLu7KFxLIfeBVLWnRhfa2ptRNZ1SwB5Jz13lwaiTz2Difz0oyNagtIl-J0Yb-NHbym8MOXeJcN8AIEUPVg=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

19b1f3117de2206bcd5c5c434c61d237d9e873243eee00d9afbb805480838210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 630
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 anCxYViJPe2Un1md5-UOEql3mU1AcEkffJfYbwo0-9865dV9lH4zosz__S8e9tcsjJbewVh_Zkp9R9MYzecG3Drx-0kSPOnQYsg=w16
lh3.googleusercontent.com/ 598 B
669 B 459ms
407ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/anCxYViJPe2Un1md5-UOEql3mU1AcEkffJfYbwo0-9865dV9lH4zosz__S8e9tcsjJbewVh_Zkp9R9MYzecG3Drx-0kSPOnQYsg=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d54476ec4b8b3fb2861ff5eaf5025a0e6a1b4d351885353467ca240ac519ff09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 598
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 xLdweYmJdOqI9jbukYaTAbww5s_HqhrmG_oSDc0PXVMrfHN-gCGuI0cN_MeVlxOsTETVFOiu5L4tBmg3tr44iDWnMFHMzoKNeIQ=w16
lh3.googleusercontent.com/ 872 B
943 B 193ms
192ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/xLdweYmJdOqI9jbukYaTAbww5s_HqhrmG_oSDc0PXVMrfHN-gCGuI0cN_MeVlxOsTETVFOiu5L4tBmg3tr44iDWnMFHMzoKNeIQ=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2d7343b0a44f61a0667e6f270bc0169f0f853680349f095c2df499f4b898e47c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 872
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 ZNTNQ2q29yS4zFLu46a9_PfflEyGj_e9rwm-iS7suiKZbWwnR2Zg6fvJYUhTU1j4gFRMjqYBCBg0_PGudprL4sV4wBoCRnFSfg=w16
lh3.googleusercontent.com/ 918 B
989 B 247ms
246ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ZNTNQ2q29yS4zFLu46a9_PfflEyGj_e9rwm-iS7suiKZbWwnR2Zg6fvJYUhTU1j4gFRMjqYBCBg0_PGudprL4sV4wBoCRnFSfg=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9e422d47b467054b7e935f93b6608bda176699749cde0041e8e46e9ec543b93d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 918
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 sASOO2N79orCZoSzKhV2z1plQj4wzJ46t3p9_E-L4ZmrgfrWilWOXTrpww7CNFHVYImDtqNjn85EcWYVIbScKdMJcF7FD-2Mk5k=w16
lh3.googleusercontent.com/ 929 B
1017 B 135ms
134ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/sASOO2N79orCZoSzKhV2z1plQj4wzJ46t3p9_E-L4ZmrgfrWilWOXTrpww7CNFHVYImDtqNjn85EcWYVIbScKdMJcF7FD-2Mk5k=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7e8ec02c11e45395b837c0abf7acec90a4f0d1f6f67424d50cf8ae7f59af8bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 929
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:54:52 GMT

GET
H2 200 C_5RX4XwWlzzOrGj1pbPZLoES6JBRTr2xD__0xl3Ompi9-MNe8B59yETDPCyy07sV_LDlo04JphGSWaIwpGHeL2IBUfwE-6SrDSb=w16
lh3.googleusercontent.com/ 963 B
1 KB 175ms
174ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/C_5RX4XwWlzzOrGj1pbPZLoES6JBRTr2xD__0xl3Ompi9-MNe8B59yETDPCyy07sV_LDlo04JphGSWaIwpGHeL2IBUfwE-6SrDSb=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e26d92147621a0bb2048596a33a693c9eb123a4a08302c8fe56078765f900b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 963
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 UFhEj491ktOXC14kqQkxvv6L-O3DKVskfhwnm5BBRB_DFa881x1qT4ss2lIPNADGUKRO3R3PRloluKfhdVaWdwIMh2zhUbFxZIA=w16
lh3.googleusercontent.com/ 922 B
983 B 172ms
172ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/UFhEj491ktOXC14kqQkxvv6L-O3DKVskfhwnm5BBRB_DFa881x1qT4ss2lIPNADGUKRO3R3PRloluKfhdVaWdwIMh2zhUbFxZIA=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fb856dccfb9a722fee139a6b0d9b3c59a2a2318b57de3fb3a56276f98acdb379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 922
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 bZ-BZ8VVdLs8JrcxGF6rou6ltFgAt0r6RimGvLxSv64O2ub0ul-rKayskhV6rBDH0voy_gijbDuQRX4lVC2S3SFPuespKrcUmsn5=w16
lh3.googleusercontent.com/ 880 B
951 B 255ms
254ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/bZ-BZ8VVdLs8JrcxGF6rou6ltFgAt0r6RimGvLxSv64O2ub0ul-rKayskhV6rBDH0voy_gijbDuQRX4lVC2S3SFPuespKrcUmsn5=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

94312fa8b498e14ab0cbd1f737cbc8ed8592cbc020ed7de28d00ae632f7c2b33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 880
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 oTkUhysPaVkvGSpUeWRjdfmrBgZZyX7NEp3sedqtQJ1wbOKLQgQGcU08DWjU6KZ23BCm4EumYacKBIaovYroryy2NYcr_u3MRkE=w16
lh3.googleusercontent.com/ 462 B
524 B 180ms
179ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/oTkUhysPaVkvGSpUeWRjdfmrBgZZyX7NEp3sedqtQJ1wbOKLQgQGcU08DWjU6KZ23BCm4EumYacKBIaovYroryy2NYcr_u3MRkE=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cba642c1c0c862aed406ef8ccc6b4eddadf35cc4937ebaddc376454b819e507d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 462
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 9AGp2LERAJoax78uZ_bGR5fF7IyIDbjLvDvfJUEjGJKnOTxwQuybTOhkSrKR8GFyE8xE2rT7Bw1oL7Z_Ud11EbKiLp2iy2P2Xg=w16
lh3.googleusercontent.com/ 883 B
945 B 169ms
168ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/9AGp2LERAJoax78uZ_bGR5fF7IyIDbjLvDvfJUEjGJKnOTxwQuybTOhkSrKR8GFyE8xE2rT7Bw1oL7Z_Ud11EbKiLp2iy2P2Xg=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1e5e17eb63b8bebc4da4de6da30d91b95f5bb77190f4d38d5b43f58f6c8ce8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 883
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 GA5Tfn9RIrzruOE5sYKMlNXK8uJhb5gFOqB9Cvmi0jkAvbHO9ZyWEZreYsDw979LWiKl092tQjLoVvQWq7cpbJftZw4s4XFCRxY=s0
lh3.googleusercontent.com/ 7 KB
7 KB 161ms
161ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/GA5Tfn9RIrzruOE5sYKMlNXK8uJhb5gFOqB9Cvmi0jkAvbHO9ZyWEZreYsDw979LWiKl092tQjLoVvQWq7cpbJftZw4s4XFCRxY=s0

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

293780eae03e6e07fb89b7d172e5dbd18ac5070f5d96f7ea407e93179ac12ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7455
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 4WtpiVYL8eqiHuNcPxkUjHRuoQISdNOH-B6A1S-33uIiA0peDLJZYGhT9KnyvpQqY7Y_HvCGknbzvF8GLMLmq2D9h5MQYoII-vOh=w16
lh3.googleusercontent.com/ 1 KB
1 KB 156ms
156ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/4WtpiVYL8eqiHuNcPxkUjHRuoQISdNOH-B6A1S-33uIiA0peDLJZYGhT9KnyvpQqY7Y_HvCGknbzvF8GLMLmq2D9h5MQYoII-vOh=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ec37e948878cd6f092ebda6f7714c1e6aeb677e07f183102f5f0861096080fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1206
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 VmOQpXBgHsdjms5zbOTq_9xT8ysY4_s-SCoLJ-Hl_w2pdTRUh7a1hSrKyHlOtvvfGiwMi90HSYn_NqBU6uBgNJP9zpSQqNUscMY=w16
lh3.googleusercontent.com/ 4 KB
4 KB 136ms
135ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/VmOQpXBgHsdjms5zbOTq_9xT8ysY4_s-SCoLJ-Hl_w2pdTRUh7a1hSrKyHlOtvvfGiwMi90HSYn_NqBU6uBgNJP9zpSQqNUscMY=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

91bcc0f032f9565d09168214753e3c97750479cbb294ce711434d304b36a83b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4091
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 zhANiVjnpYOjD_TjWE1tu3_lsAhRSFuqiANHSUR3Adsx5WwdcL7Q1NF6KBoCuRWLHH4ACCXto7p1040wdIVLK9Kmb8YfnliAtECh=w16
lh3.googleusercontent.com/ 339 B
410 B 177ms
177ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/zhANiVjnpYOjD_TjWE1tu3_lsAhRSFuqiANHSUR3Adsx5WwdcL7Q1NF6KBoCuRWLHH4ACCXto7p1040wdIVLK9Kmb8YfnliAtECh=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2274a69a9e8a8d7844d36a5dad8b7899c95577f982afa50f0c43f906e7a1ea46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 339
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 lHDe39DT1amc6Loxz5a7lfTr_5KY5LNKaPCPNyGdLDsHAmr8jm4g3Y3GrZMoypJdH2S9b_7ZcU_PJdushymNvBvmRp6b5QIVLjAN=w16
lh3.googleusercontent.com/ 437 B
499 B 148ms
148ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/lHDe39DT1amc6Loxz5a7lfTr_5KY5LNKaPCPNyGdLDsHAmr8jm4g3Y3GrZMoypJdH2S9b_7ZcU_PJdushymNvBvmRp6b5QIVLjAN=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7d7a125ba9a7521eea59f10046917cccce1d929ef716e312b67e84f1ac8d36ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 437
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 tg7xYEdCVpz66PsBtzTGwlasEeEaraqM-ettfUye4O_FjAyMEQDzHIfdZLKefOCR12hUL-mdupvTa2Y0y8FpbuEp0tHORjrVSw=w16
lh3.googleusercontent.com/ 440 B
511 B 161ms
160ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/tg7xYEdCVpz66PsBtzTGwlasEeEaraqM-ettfUye4O_FjAyMEQDzHIfdZLKefOCR12hUL-mdupvTa2Y0y8FpbuEp0tHORjrVSw=w16

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

42b73bbdee597951d2f36b518db5d68ea5605d7779b7dc8512208ca934535484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 440
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H3 200 fa-solid-900.woff2
static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/ 78 KB
78 KB 39ms
15ms Font
font/woff2 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Origin: https://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 08:37:06 GMT
via: 1.1 google
server: Google Frontend
age: 263697
etag: "rvb96Q"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: 0bfd81ea6a53579a6fc22eee2565a751
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80148
expires: Sat, 11 Nov 2023 08:37:06 GMT

GET
H3 200 fa-brands-400.woff2
static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/ 76 KB
76 KB 35ms
13ms Font
font/woff2 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/fa-brands-400.woff2
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d

Request headers

Referer: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Origin: https://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:18:45 GMT
via: 1.1 google
server: Google Frontend
age: 1074798
etag: "rvb96Q"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: 22aba971b48f5694fe50ca3598df120e;o=1
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77400
expires: Wed, 01 Nov 2023 23:18:45 GMT

GET
H3 200 4WtpiVYL8eqiHuNcPxkUjHRuoQISdNOH-B6A1S-33uIiA0peDLJZYGhT9KnyvpQqY7Y_HvCGknbzvF8GLMLmq2D9h5MQYoII-vOh=w1600
lh3.googleusercontent.com/ 44 KB
44 KB 160ms
117ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/4WtpiVYL8eqiHuNcPxkUjHRuoQISdNOH-B6A1S-33uIiA0peDLJZYGhT9KnyvpQqY7Y_HvCGknbzvF8GLMLmq2D9h5MQYoII-vOh=w1600

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f51adc720ba79344ad8ef2fbf722ff0a2b2945068ea2344fa3dd31006971b34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45293
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H3 200 VmOQpXBgHsdjms5zbOTq_9xT8ysY4_s-SCoLJ-Hl_w2pdTRUh7a1hSrKyHlOtvvfGiwMi90HSYn_NqBU6uBgNJP9zpSQqNUscMY=w1600
lh3.googleusercontent.com/ 201 KB
201 KB 148ms
107ms Image
image/jpeg 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/VmOQpXBgHsdjms5zbOTq_9xT8ysY4_s-SCoLJ-Hl_w2pdTRUh7a1hSrKyHlOtvvfGiwMi90HSYn_NqBU6uBgNJP9zpSQqNUscMY=w1600

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b75ee0fa7b2fc85897db05a369a4d23e19224f528b4f1b961359d7a07ef1c137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205800
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 103ms
50ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 257245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 10:24:38 GMT

GET
H2 200 6aey4Ky-Vb8Ew8IROpI.woff2
fonts.gstatic.com/s/forum/v16/ 23 KB
23 KB 91ms
40ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/forum/v16/6aey4Ky-Vb8Ew8IROpI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

787d8e70b8b85398e17c032f6840dd83b9ec435f86a2a1ff11f97a9778e88cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 17:33:36 GMT
x-content-type-options: nosniff
age: 404307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23592
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:34:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 17:33:36 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 69ms
21ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 17:54:57 GMT
x-content-type-options: nosniff
age: 403026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 17:54:57 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 127ms
80ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 07:09:30 GMT
x-content-type-options: nosniff
age: 528153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 07:09:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 75ms
32ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:32:04 GMT
x-content-type-options: nosniff
age: 397199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 19:32:04 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 113ms
71ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 10:24:41 GMT
x-content-type-options: nosniff
age: 257242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 10:24:41 GMT

GET
H2 200 If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2
fonts.gstatic.com/s/dancingscript/v24/ 41 KB
42 KB 121ms
92ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dancingscript/v24/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44f79d6564067d847cea0ab32624f0db3a4a3a4a0daedee4e5efbad531c88fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 06:19:01 GMT
x-content-type-options: nosniff
age: 185582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42404
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:34:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Nov 2023 06:19:01 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 76ms
65ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 17:46:43 GMT
x-content-type-options: nosniff
age: 403520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 17:46:43 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 62ms
56ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 18:52:16 GMT
x-content-type-options: nosniff
age: 572387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 18:52:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 7 KB
7 KB 90ms
86ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf51ab540602b2d0b87646621637bac38889bb34effb8a432ae739aca78b5c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 05:14:59 GMT
x-content-type-options: nosniff
age: 275824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 05:14:59 GMT

GET
H2 200 wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
fonts.gstatic.com/s/crimsontext/v19/ 25 KB
25 KB 85ms
82ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nordsterntales.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 20:03:53 GMT
x-content-type-options: nosniff
age: 481690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25184
x-xss-protection: 0
last-modified: Tue, 24 May 2022 18:26:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 20:03:53 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame 4177 4 KB
2 KB 30ms
29ms Document
text/html 2607:f8b0:4006:81e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2013 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://nordsterntales.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 209
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Mon, 14 Nov 2022 09:48:34 GMT
etag: "OMWYXg"
expires: Mon, 14 Nov 2022 09:53:34 GMT
server: Google Frontend
x-cloud-trace-context: 023ea01776a1684e483d9007726d83d6

GET
H3 200 aCsa9shkYRllFbomqTX28h4uOk8BmyeuDpYdPFmxnIr_Bo7MEG_71XGzA6sVy1E3bUGrmovLzcChuI-M5iCDiFPRjTYnTD3_GA=w1062
lh3.googleusercontent.com/ 59 KB
59 KB 260ms
258ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/aCsa9shkYRllFbomqTX28h4uOk8BmyeuDpYdPFmxnIr_Bo7MEG_71XGzA6sVy1E3bUGrmovLzcChuI-M5iCDiFPRjTYnTD3_GA=w1062

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b81465146c58b22c011cf4e65ec3808e0514617f895c36962d100391b083a895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:04 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60508
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:04 GMT

GET
H3 200 aCsa9shkYRllFbomqTX28h4uOk8BmyeuDpYdPFmxnIr_Bo7MEG_71XGzA6sVy1E3bUGrmovLzcChuI-M5iCDiFPRjTYnTD3_GA=w343
lh3.googleusercontent.com/ 13 KB
13 KB 324ms
322ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/aCsa9shkYRllFbomqTX28h4uOk8BmyeuDpYdPFmxnIr_Bo7MEG_71XGzA6sVy1E3bUGrmovLzcChuI-M5iCDiFPRjTYnTD3_GA=w343

Requested by

Host: nordsterntales.com
URL: https://nordsterntales.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

df5fb52efaea3bd1f0c2a48044fc1456232f99abba073556af9d803148f60019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:04 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13028
x-xss-protection: 0
expires: Tue, 15 Nov 2022 09:52:04 GMT

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.13.5/js/ Frame A037 465 KB
112 KB 116ms
23ms Script
application/javascript 146.75.30.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.13.5/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/712264487?autoplay=1&loop=1&h=4c395e3c26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.30.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 766630a58736fdb1b14139ce96bd47dc33eaa43b057f80377dbffe95f8d5b3f8

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000031-IAD
date: Mon, 14 Nov 2022 09:52:03 GMT
content-encoding: br
via: 1.1 varnish
age: 53342
x-timer: S1668419524.945045,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 114733
x-cache-hits: 8105

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.13.5/js/ Frame A037 478 KB
115 KB 120ms
27ms Script
application/javascript 146.75.30.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/712264487?autoplay=1&loop=1&h=4c395e3c26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.30.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5640a771b9584a5a3ad8e0b634451909b66b17e3596a9732d3d15395c169fc53

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000031-IAD
date: Mon, 14 Nov 2022 09:52:03 GMT
content-encoding: br
via: 1.1 varnish
age: 53341
x-timer: S1668419524.945095,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 118007
x-cache-hits: 8480

GET
H2 200 player.css
f.vimeocdn.com/p/4.13.5/css/ Frame A037 229 KB
20 KB 117ms
24ms Stylesheet
text/css 146.75.30.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.13.5/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/712264487?autoplay=1&loop=1&h=4c395e3c26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.30.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5b8d3168ed8b836bd9c6ae5abcfdf6287e805e22481df85fc512d465f34eb903

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000109-IAD
date: Mon, 14 Nov 2022 09:52:03 GMT
content-encoding: br
via: 1.1 varnish
age: 53342
x-timer: S1668419524.944752,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20765
x-cache-hits: 7934

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
667 B 146ms
49ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=kncE8Y9wNbNuKddXnAocf9&v=&e=&st=&lc=en-US&pid=vVHAqwQWtBPcHspQ4Z5AEe&uid=zSbTcsLJ26PHRXqwa3SJrA&sid=mDFCDxhBTBb3mxnVoZhWrE&cid=lp-kncE8Y9wNbNuKddXnAocf9&uri=https%3A%2F%2Fnordsterntales.com%2F&rf=&rx=1600&ry=1200&tz=%2B00%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 09:52:04 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://nordsterntales.com
X-Forwarded-For: 149.56.153.184
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 054jopjm8rdgm6rufao0

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame A037 2 KB
1 KB 24ms
23ms Script
application/javascript 146.75.30.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/712264487?autoplay=1&loop=1&h=4c395e3c26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.30.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000109-IAD
date: Mon, 14 Nov 2022 09:52:04 GMT
content-encoding: gzip
via: 1.1 varnish
age: 2219685
x-timer: S1668419524.122442,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 997
x-cache-hits: 44954

POST
H2 200 player-test-impression
fresnel.vimeocdn.com/add/ Frame A037 0
40 B 87ms
42ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 14 Nov 2022 09:52:04 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 1436025415-ab83b97d720fb4b1b747e280c0925708193368a76edb3dee22f231cbd6bb5abd-d
i.vimeocdn.com/video/ Frame A037 14 KB
14 KB 364ms
353ms Image
image/avif 146.75.30.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1436025415-ab83b97d720fb4b1b747e280c0925708193368a76edb3dee22f231cbd6bb5abd-d?mw=600&mh=337
Requested by: Host: nordsterntales.com
URL: https://nordsterntales.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.30.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 190886cc835fa142105fe8b56dffc8f75c75bcb61a5a3703e9b64dbde4993943

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:04 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 0
x-viewmaster-lossless-format: automatic
x-cache: miss, MISS, MISS
x-backend-server: varnish
content-length: 14341
viewmaster-server: viewmaster-us-central1-1gjk
x-served-by: cache-dfw-kdfw8210108-DFW, cache-iad-kiad7000109-IAD
x-timer: S1668419524.190754,VS0,VE322
etag: ada70eff41b569c83b4d5b7b0e98c727
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 0, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame A037 0
142 B 73ms
41ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d00b3bb023581622ffcac71e072a597d513499dc1668419523
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 14 Nov 2022 09:52:04 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame A037 0
40 B 39ms
39ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d00b3bb023581622ffcac71e072a597d513499dc1668419523
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 14 Nov 2022 09:52:04 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 play
player-telemetry.vimeo.com/player-events/log/ Frame A037 0
60 B 50ms
39ms Ping
text/html 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/play
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 14 Nov 2022 09:52:04 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK master.json Show response
150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d3604315... Frame A037 67 KB
12 KB 183ms
45ms XHR
application/json 2600:141b:f000:20::1737:a66f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d36043153f25/sep/video/ad5249af,3dcd3ea4,b14147a4,acfc198b/audio/fe5ba53d,1809cb3f,88ad2533/master.json?query_string_ranges=1&base64_init=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:f000:20::1737:a66f Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b765c2fdad1f630b150aeb4e9b40703093835cc460218a49457ba37bf1148054

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 09:52:04 GMT
Content-Encoding: gzip
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
origin-retrieved-hour: 1666717200
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 11403
AK-REFERENCE-ID: 0.6f22df17.1668419524.e37eab0
ETag: W/"523048e7f5ca9550505f2d8ea6d587e7"
Access-Control-Max-Age: 86400
Vary: Accept-Encoding
Aka-c-hit: cache-hit
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=29835115
Akamai-Edge-IP: 2600:141b:f000:20::1737:a66f
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
356 B 43ms
43ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=78,260,97,438,1,443,744,745,1582,1582
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 09:52:04 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 149.56.153.184
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 054joplq8epqkkeq4jsg

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame A037 0
894 B 233ms
184ms Ping
text/plain 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=d00b3bb023581622ffcac71e072a597d513499dc1668419523

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Sun, 13 Nov 2022 21:52:04 GMT
Date: Mon, 14 Nov 2022 09:52:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kcgs7200069-IAD, cache-yyz4541-YYZ
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1668419524.356268,VS0,VE153
x-backend-proxy: webproxy2
x-frame-options: sameorigin
Vary: User-Agent
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-5b79bd4756-g4cr5
Accept-Ranges: bytes
CF-RAY: 769eda2b2d625407-YYZ
X-Cache-Hits: 0, 0

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame A037 0
11 B 67ms
41ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d00b3bb023581622ffcac71e072a597d513499dc1668419523
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 14 Nov 2022 09:52:04 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK fe5ba53d.mp4 Show response
150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d3604315... Frame A037 49 KB
50 KB 32ms
32ms XHR
video/mp4 2600:141b:f000:20::1737:a66f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d36043153f25/parcel/audio/fe5ba53d.mp4?r=dXM%3D&range=1683-51504
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:f000:20::1737:a66f Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: e8f568158e76180299863dfce0a914b29b6c344c9a98091937fa191bb2872c27

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 09:52:04 GMT
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
origin-retrieved-hour: 1668330000
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 49822
AK-REFERENCE-ID: 0.6f22df17.1668419524.e37eaca
Last-Modified: Sat, 21 May 2022 01:13:10 GMT
Server: parcel
ETag: "-CPWkr/u07/cCEAI="
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=31447086
Akamai-Edge-IP: 2600:141b:f000:20::1737:a66f
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK 3dcd3ea4.mp4 Show response
150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d3604315... Frame A037 57 KB
58 KB 33ms
33ms XHR
video/mp4 2600:141b:f000:20::1737:a66f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d36043153f25/parcel/video/3dcd3ea4.mp4?r=dXM%3D&range=1681-60267
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:f000:20::1737:a66f Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 1974198e6de8c9647e4a3a65438173297c923aa38cd916b874f882fdf92e64a3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 09:52:04 GMT
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
origin-retrieved-hour: 1668045600
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 58587
AK-REFERENCE-ID: 0.6f22df17.1668419524.e37eaf4
Last-Modified: Sat, 21 May 2022 01:13:27 GMT
Server: parcel
ETag: "-CKKryoO17/cCEAI="
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=31164664
Akamai-Edge-IP: 2600:141b:f000:20::1737:a66f
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK 88ad2533.mp4 Show response
150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d3604315... Frame A037 72 KB
73 KB 37ms
36ms XHR
video/mp4 2600:141b:f000:20::1737:a66f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d36043153f25/parcel/audio/88ad2533.mp4?r=dXM%3D&range=1683-75543
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:f000:20::1737:a66f Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: d27e42cc5c94d36d438077ebd97a113ad398705e34878377ff29ac3184c8947c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 09:52:04 GMT
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
origin-retrieved-hour: 1668330000
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 73861
AK-REFERENCE-ID: 0.6f22df17.1668419524.e37eb12
Last-Modified: Sat, 21 May 2022 01:13:16 GMT
Server: parcel
ETag: "-CMGin/607/cCEAI="
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=31447336
Akamai-Edge-IP: 2600:141b:f000:20::1737:a66f
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK segment-1.m4s Show response
150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d3604315... Frame A037 202 KB
203 KB 32ms
32ms XHR
video/mp4 2600:141b:f000:20::1737:a66f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d36043153f25/sep/video/ad5249af/chop/segment-1.m4s?r=dXM%3D
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:f000:20::1737:a66f Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1d6eca18a6398d8e9267b3ae6b1434393c48852b7f3e8f3631bf11562e05c29e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 09:52:04 GMT
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
using-starlord: true
origin-retrieved-hour: 1668045600
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 206672
AK-REFERENCE-ID: 0.6f22df17.1668419524.e37eb31
accept-range: bytes
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=31164696
Akamai-Edge-IP: 2600:141b:f000:20::1737:a66f
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 1436025415-ab83b97d720fb4b1b747e280c0925708193368a76edb3dee22f231cbd6bb5abd-d
i.vimeocdn.com/video/ Frame A037 14 KB
14 KB 24ms
23ms Image
image/avif 146.75.30.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1436025415-ab83b97d720fb4b1b747e280c0925708193368a76edb3dee22f231cbd6bb5abd-d?mw=600&mh=337
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.30.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 190886cc835fa142105fe8b56dffc8f75c75bcb61a5a3703e9b64dbde4993943

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:52:04 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 0
x-viewmaster-lossless-format: automatic
x-cache: miss, MISS, HIT
x-backend-server: varnish
content-length: 14341
viewmaster-server: viewmaster-us-central1-1gjk
x-served-by: cache-dfw-kdfw8210108-DFW, cache-iad-kiad7000109-IAD
x-timer: S1668419525.639153,VS0,VE0
etag: ada70eff41b569c83b4d5b7b0e98c727
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 0, 1

POST
H3 200 partial
player-telemetry.vimeo.com/player-events/log/ Frame A037 0
12 B 37ms
37ms Ping
text/html 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/partial
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 14 Nov 2022 09:52:04 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame A037 0
11 B 42ms
42ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d00b3bb023581622ffcac71e072a597d513499dc1668419523
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 14 Nov 2022 09:52:04 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK 88ad2533.mp4 Show response
150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d3604315... Frame A037 72 KB
73 KB 61ms
60ms XHR
video/mp4 2600:141b:f000:20::1737:a66f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d36043153f25/parcel/audio/88ad2533.mp4?r=dXM%3D&range=75544-149238
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:f000:20::1737:a66f Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 2f72133f8d0ca5866b6870b81bbe28db103c455d8931892c7d9309d3981091cb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 09:52:05 GMT
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
origin-retrieved-hour: 1668330000
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 73695
AK-REFERENCE-ID: 0.6f22df17.1668419525.e37eb4f
Last-Modified: Sat, 21 May 2022 01:13:16 GMT
Server: parcel
ETag: "-CMGin/607/cCEAI="
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=31447227
Akamai-Edge-IP: 2600:141b:f000:20::1737:a66f
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK segment-2.m4s Show response
150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d3604315... Frame A037 221 KB
222 KB 48ms
48ms XHR
video/mp4 2600:141b:f000:20::1737:a66f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d36043153f25/sep/video/ad5249af/chop/segment-2.m4s?r=dXM%3D
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:f000:20::1737:a66f Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 54bb42d13be1b98cf12ad2552c9f87121709499e801e195b44798bed5fc827b0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 09:52:05 GMT
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:m,PE:h
using-starlord: true
origin-retrieved-hour: 1668330000
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 226690
AK-REFERENCE-ID: 0.6f22df17.1668419525.e37ecdd
accept-range: bytes
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=31447205
Akamai-Edge-IP: 2600:141b:f000:20::1737:a66f
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK 88ad2533.mp4 Show response
150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d3604315... Frame A037 72 KB
73 KB 55ms
55ms XHR
video/mp4 2600:141b:f000:20::1737:a66f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d36043153f25/parcel/audio/88ad2533.mp4?r=dXM%3D&range=149239-222652
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:f000:20::1737:a66f Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 1beed69cb7e5f0063e9018d413be0849d69df332b934ad87433efca76542eb79

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 09:52:05 GMT
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
origin-retrieved-hour: 1668330000
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 73414
AK-REFERENCE-ID: 0.6f22df17.1668419525.e37ecff
Last-Modified: Sat, 21 May 2022 01:13:16 GMT
Server: parcel
ETag: "-CMGin/607/cCEAI="
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=31447146
Akamai-Edge-IP: 2600:141b:f000:20::1737:a66f
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK segment-3.m4s Show response
150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d3604315... Frame A037 221 KB
222 KB 33ms
33ms XHR
video/mp4 2600:141b:f000:20::1737:a66f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d36043153f25/sep/video/ad5249af/chop/segment-3.m4s?r=dXM%3D
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:f000:20::1737:a66f Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 30aebcbcf590db346c881546d08d8a7f27f8f484eef67516a1be386ff8e6f1e8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 09:52:05 GMT
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
using-starlord: true
origin-retrieved-hour: 1668330000
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 226060
AK-REFERENCE-ID: 0.6f22df17.1668419525.e37ed44
accept-range: bytes
ETag: "b4d4ca267e6d9612b382ee541054a7ec"
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=31447144
Akamai-Edge-IP: 2600:141b:f000:20::1737:a66f
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK 88ad2533.mp4 Show response
150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d3604315... Frame A037 72 KB
73 KB 43ms
43ms XHR
video/mp4 2600:141b:f000:20::1737:a66f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://150vod-adaptive.akamaized.net/exp=1668423423~acl=%2F83cbf95e-9111-4976-aba3-d36043153f25%2F%2A~hmac=11dc7ff1c293f083503c6dfefb73fd3f135720bc3e04c90b3812b78a5daeaf09/83cbf95e-9111-4976-aba3-d36043153f25/parcel/audio/88ad2533.mp4?r=dXM%3D&range=222653-296441
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.13.5/js/vendor.module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:f000:20::1737:a66f Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: f00986848f9eac9da0ec0fd2501ea036292808e777618f3d92c75240c2320ffd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 09:52:05 GMT
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
origin-retrieved-hour: 1668330000
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 73789
AK-REFERENCE-ID: 0.6f22df17.1668419525.e37ed5d
Last-Modified: Sat, 21 May 2022 01:13:16 GMT
Server: parcel
ETag: "-CMGin/607/cCEAI="
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=31447084
Akamai-Edge-IP: 2600:141b:f000:20::1737:a66f
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
442 B 41ms
41ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=X8qTLMLn6jBTcJck7bonqV&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=144,175.60000038146973,1,148
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nordsterntales.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 09:52:08 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://nordsterntales.com
X-Forwarded-For: 149.56.153.184
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 054joqk9sacj205uiad0

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| LeadPagesCenterObject function| center object| sup

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 07:28:25	Name: view.vVHAqwQWtBPcHspQ4Z5AEe.kncE8Y9wNbNuKddXnAocf9 Value: 1668419524000
.vimeo.com/	1970-01-20 07:27:01	Name: __cf_bm Value: EKZmw5pvZxMN1GuOn9.9UIAMVs2HsoDS3v0o1t5yvNQ-1668419523-0-AelrE5VOiWSUctewvaSm2jdVXIR3Px41ixmNz0k4e7GychoaKreDDa1Lbw2hptG8qRocr7ENXFRRGZ2DzHhfT2A=
js.center.io/	1970-01-20 17:02:59	Name: centerVisitorId Value: zSbTcsLJ26PHRXqwa3SJrA
.vimeo.com/	1970-01-20 16:12:35	Name: player Value: ""
.vimeo.com/	1970-01-20 17:02:59	Name: vuid Value: pl2092218762.1077319849

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://vipaccess.lpages.co/_/js/nordstern-tales/ Message: Allow attribute will take precedence over 'allowfullscreen'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

150vod-adaptive.akamaized.net
api.leadpages.io
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
js.center.io
lh3.googleusercontent.com
nordsterntales.com
player-telemetry.vimeo.com
player.vimeo.com
static.leadpages.net
vimeo.com
vipaccess.lpages.co
146.75.30.109
162.159.138.60
2600:141b:f000:20::1737:a66f
2607:f8b0:4006:80c::200a
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::2013
2607:f8b0:4006:81f::2001
34.107.203.240
34.120.202.204
35.192.151.63
35.202.21.90
71.19.248.80
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
15ce592cfcc386be9148c2ccddca8456f4b26c6b86ec5f31a202cc76ee743454
190886cc835fa142105fe8b56dffc8f75c75bcb61a5a3703e9b64dbde4993943
1974198e6de8c9647e4a3a65438173297c923aa38cd916b874f882fdf92e64a3
19b1f3117de2206bcd5c5c434c61d237d9e873243eee00d9afbb805480838210
1beed69cb7e5f0063e9018d413be0849d69df332b934ad87433efca76542eb79
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
1d6eca18a6398d8e9267b3ae6b1434393c48852b7f3e8f3631bf11562e05c29e
1e5e17eb63b8bebc4da4de6da30d91b95f5bb77190f4d38d5b43f58f6c8ce8c8
2274a69a9e8a8d7844d36a5dad8b7899c95577f982afa50f0c43f906e7a1ea46
293780eae03e6e07fb89b7d172e5dbd18ac5070f5d96f7ea407e93179ac12ac3
2d7343b0a44f61a0667e6f270bc0169f0f853680349f095c2df499f4b898e47c
2e509715aa0aea6e8269e87428f4b65f9839e2517b80619dd13137ff2533a093
2f72133f8d0ca5866b6870b81bbe28db103c455d8931892c7d9309d3981091cb
30aebcbcf590db346c881546d08d8a7f27f8f484eef67516a1be386ff8e6f1e8
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
3ae1400840e97c1d911115a6c0e0f1ff98d3ae41e40f09e27daa425cc514f183
42b73bbdee597951d2f36b518db5d68ea5605d7779b7dc8512208ca934535484
4470af4829bdc86c547134fa3a0b924bf6fa33567c1c33a777a9cc8fbf4b8942
44f79d6564067d847cea0ab32624f0db3a4a3a4a0daedee4e5efbad531c88fac
4674585c2c5469ab0149f1616d5d697f8cacffe54d65e74f4cd863a79909a59f
5260a6697e56dbe468218b871cef4bfd460ef18eb7b76d5dd32a3c0c625bd9e5
538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862
54bb42d13be1b98cf12ad2552c9f87121709499e801e195b44798bed5fc827b0
55f6c178c3940aeaf2a329de7e38061649140a918a505ee6a02f31d3982eeb8e
5640a771b9584a5a3ad8e0b634451909b66b17e3596a9732d3d15395c169fc53
5b8d3168ed8b836bd9c6ae5abcfdf6287e805e22481df85fc512d465f34eb903
68fcbd946ac5b27f2a348da5743e69446f41f5c5d14eca90f175186135106604
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f51adc720ba79344ad8ef2fbf722ff0a2b2945068ea2344fa3dd31006971b34
766630a58736fdb1b14139ce96bd47dc33eaa43b057f80377dbffe95f8d5b3f8
787d8e70b8b85398e17c032f6840dd83b9ec435f86a2a1ff11f97a9778e88cf8
7d7a125ba9a7521eea59f10046917cccce1d929ef716e312b67e84f1ac8d36ef
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e8ec02c11e45395b837c0abf7acec90a4f0d1f6f67424d50cf8ae7f59af8bf6
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
91bcc0f032f9565d09168214753e3c97750479cbb294ce711434d304b36a83b8
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94312fa8b498e14ab0cbd1f737cbc8ed8592cbc020ed7de28d00ae632f7c2b33
9e422d47b467054b7e935f93b6608bda176699749cde0041e8e46e9ec543b93d
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b75ee0fa7b2fc85897db05a369a4d23e19224f528b4f1b961359d7a07ef1c137
b765c2fdad1f630b150aeb4e9b40703093835cc460218a49457ba37bf1148054
b81465146c58b22c011cf4e65ec3808e0514617f895c36962d100391b083a895
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
cba642c1c0c862aed406ef8ccc6b4eddadf35cc4937ebaddc376454b819e507d
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d27e42cc5c94d36d438077ebd97a113ad398705e34878377ff29ac3184c8947c
d54476ec4b8b3fb2861ff5eaf5025a0e6a1b4d351885353467ca240ac519ff09
daf51ab540602b2d0b87646621637bac38889bb34effb8a432ae739aca78b5c0
df5fb52efaea3bd1f0c2a48044fc1456232f99abba073556af9d803148f60019
e26d92147621a0bb2048596a33a693c9eb123a4a08302c8fe56078765f900b64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f568158e76180299863dfce0a914b29b6c344c9a98091937fa191bb2872c27
ec37e948878cd6f092ebda6f7714c1e6aeb677e07f183102f5f0861096080fa5
f00986848f9eac9da0ec0fd2501ea036292808e777618f3d92c75240c2320ffd
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb856dccfb9a722fee139a6b0d9b3c59a2a2318b57de3fb3a56276f98acdb379

nordsterntales.com Open in urlscan Pro 71.19.248.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

100 %HTTPS

42 %IPv6

11 Domains

15 Subdomains

12 IPs

3 Countries

2159 kBTransfer

3460 kBSize

5 Cookies

17 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nordsterntales.com Open in urlscan Pro
71.19.248.80 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

100 %
HTTPS

42 %
IPv6

11
Domains

15
Subdomains

12
IPs

3
Countries

2159 kB
Transfer

3460 kB
Size

5
Cookies

71 HTTP transactions
0 data transactions