nationalfile.com Open in urlscan Pro
2606:4700:20::681a:c79 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nationalfile.com/tag/ashley-biden/
Submission Tags: falconsandbox
Submission: On January 04 via api (January 4th 2022, 5:13:25 am UTC) from US — Scanned from DE

Summary HTTP 77 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 30 domains to perform 77 HTTP transactions. The main IP is 2606:4700:20::681a:c79, located in United States and belongs to CLOUDFLARENET, US. The main domain is nationalfile.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 28th 2021. Valid for: a year.

This is the only time nationalfile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:20:... 2606:4700:20::681a:c79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:211... 2600:9000:211e:7c00:d:99dd:3480:21	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:206... 2600:9000:206f:4400:9:78a:e540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
6	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:211... 2600:9000:211e:ec00:1c:386f:ec80:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	13.32.29.201 13.32.29.201	16509 (AMAZON-02) (AMAZON-02)
1 3	13.35.253.75 13.35.253.75	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	54.174.15.208 54.174.15.208	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.35.253.103 13.35.253.103	16509 (AMAZON-02) (AMAZON-02)
3	34.194.207.132 34.194.207.132	14618 (AMAZON-AES) (AMAZON-AES)
3	52.0.182.27 52.0.182.27	14618 (AMAZON-AES) (AMAZON-AES)
1	3.89.94.83 3.89.94.83	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:211... 2600:9000:211e:7200:10:3422:3f00:21	16509 (AMAZON-02) (AMAZON-02)
2	151.101.1.194 151.101.1.194	54113 (FASTLY) (FASTLY)
1	65.9.58.90 65.9.58.90	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.215.6 143.204.215.6	16509 (AMAZON-02) (AMAZON-02)
1	13.35.253.37 13.35.253.37	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.41 143.204.215.41	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2014	15169 (GOOGLE) (GOOGLE)
1	51.75.146.199 51.75.146.199	16276 (OVH) (OVH)
1	52.215.102.174 52.215.102.174	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
77	37

16 2606:4700:20::681a:c79 (United States)

ASN13335 (CLOUDFLARENET, US)

nationalfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:7c00:d:99dd:3480:21 (United States)

ASN16509 (AMAZON-02, US)

d3l320urli0p1u.cloudfront.net.	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:4400:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)

product.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:ec00:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)

d3lcz8vpax4lo2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.29.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-201.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.253.75 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-75.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.174.15.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-15-208.compute-1.amazonaws.com

pa.rxthdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-103.fra6.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.194.207.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-207-132.compute-1.amazonaws.com

geoip.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eua.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.0.182.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-182-27.compute-1.amazonaws.com

geoip.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.89.94.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-94-83.compute-1.amazonaws.com

b2c.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:7200:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)

df80k0z3fi8zg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-90.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-6.fra53.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-37.fra6.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-41.fra53.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

liftable-bq-streamer.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.146.199 (France)

ASN16276 (OVH, FR)
PTR: p12.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.102.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	nationalfile.com nationalfile.com	396 KB
6	onesignal.com cdn.onesignal.com onesignal.com img.onesignal.com	87 KB
6	instiengage.com product.instiengage.com geoip.instiengage.com auth.instiengage.com eua.instiengage.com	32 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	145 KB
4	insticator.com geoip.insticator.com b2c.insticator.com event.insticator.com	3 KB
3	google-analytics.com www.google-analytics.com	21 KB
3	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com signal-beacon.s-onetag.com	17 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	amazon-adsystem.com c.amazon-adsystem.com	39 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	138 KB
2	4dex.io script.4dex.io	23 KB
2	rxthdr.com pa.rxthdr.com	279 B
2	gstatic.com fonts.gstatic.com	40 KB
2	cloudfront.net d3lcz8vpax4lo2.cloudfront.net df80k0z3fi8zg.cloudfront.net	148 KB
2	pubmatic.com ads.pubmatic.com	118 KB
2	clean.gg i.clean.gg	104 B
1	adsrvr.org match.adsrvr.org	544 B
1	crwdcntrl.net id.crwdcntrl.net	338 B
1	id5-sync.com id5-sync.com	534 B
1	appspot.com liftable-bq-streamer.appspot.com	272 B
1	google.com www.google.com	501 B
1	privacymanager.io geo.privacymanager.io	594 B
1	rlcdn.com ats.rlcdn.com	37 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	googleapis.com fonts.googleapis.com	2 KB
1	googletagmanager.com www.googletagmanager.com	47 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	contextweb.com bh.contextweb.com	406 B
1	net. d3l320urli0p1u.cloudfront.net.	38 KB
77	30

	Domain	Requested by
16	nationalfile.com	nationalfile.com static.cloudflareinsights.com
3	onesignal.com	d3l320urli0p1u.cloudfront.net.
3	www.google-analytics.com	d3l320urli0p1u.cloudfront.net. nationalfile.com
3	securepubads.g.doubleclick.net	d3l320urli0p1u.cloudfront.net. www.googletagservices.com
3	sb.scorecardresearch.com	1 redirects d3l320urli0p1u.cloudfront.net. nationalfile.com
3	c.amazon-adsystem.com	d3l320urli0p1u.cloudfront.net. c.amazon-adsystem.com
2	event.insticator.com	d3lcz8vpax4lo2.cloudfront.net
2	eua.instiengage.com	auth.instiengage.com
2	mug.criteo.com	nationalfile.com
2	gum.criteo.com	1 redirects
2	confiant-integrations.global.ssl.fastly.net	d3l320urli0p1u.cloudfront.net.
2	auth.instiengage.com	d3l320urli0p1u.cloudfront.net. auth.instiengage.com
2	script.4dex.io	d3l320urli0p1u.cloudfront.net.
2	pa.rxthdr.com	nationalfile.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ads.pubmatic.com	d3l320urli0p1u.cloudfront.net.
2	i.clean.gg	d3l320urli0p1u.cloudfront.net.
2	cdn.onesignal.com	nationalfile.com d3l320urli0p1u.cloudfront.net.
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	img.onesignal.com
1	liftable-bq-streamer.appspot.com	nationalfile.com
1	www.google.com	nationalfile.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	signal-beacon.s-onetag.com	d3l320urli0p1u.cloudfront.net.
1	onetag-geo.s-onetag.com	d3l320urli0p1u.cloudfront.net.
1	geo.privacymanager.io	d3l320urli0p1u.cloudfront.net.
1	get.s-onetag.com	d3l320urli0p1u.cloudfront.net.
1	df80k0z3fi8zg.cloudfront.net	d3l320urli0p1u.cloudfront.net.
1	b2c.insticator.com	d3l320urli0p1u.cloudfront.net.
1	geoip.insticator.com	d3lcz8vpax4lo2.cloudfront.net
1	geoip.instiengage.com	product.instiengage.com
1	ats.rlcdn.com	d3l320urli0p1u.cloudfront.net.
1	www.googletagservices.com	d3l320urli0p1u.cloudfront.net.
1	d3lcz8vpax4lo2.cloudfront.net	d3l320urli0p1u.cloudfront.net.
1	fonts.googleapis.com	nationalfile.com
1	www.googletagmanager.com	d3l320urli0p1u.cloudfront.net.
1	static.cloudflareinsights.com	nationalfile.com
1	bh.contextweb.com	nationalfile.com
1	product.instiengage.com	nationalfile.com
1	d3l320urli0p1u.cloudfront.net.	nationalfile.com
77	42

This site contains links to these domains. Also see Links.

Domain
support.nationalfile.com
gab.com
t.me
nationalfile.minds.com
facebook.com
instagram.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-28` - `2022-11-27`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.instiengage.com Sectigo RSA Organization Validation Secure Server CA	`2021-05-28` - `2022-05-28`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
i.clean.gg GTS CA 1D4	`2021-12-19` - `2022-03-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
pa.rxthdr.com Amazon	`2021-11-20` - `2022-12-18`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.insticator.com Sectigo RSA Organization Validation Secure Server CA	`2021-08-11` - `2022-08-25`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.s-onetag.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://nationalfile.com/tag/ashley-biden/
Frame ID: B273ACDFE2093445BEAD7AE5F352E85D
Requests: 67 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 0DB0EBA79D63C93F8B9471DC3A70EFBB
Requests: 3 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 4BF98934E75DD6239D161731105AD180
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ashley Biden Archives - National FilemenumenuCommentShareCommentShareCommentShareCommentShareCommentShareCommentSharecloseFacebookInstagramRssTwittercloseFacebookInstagramRssTwitter

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

77
Requests

97 %
HTTPS

46 %
IPv6

30
Domains

42
Subdomains

37
IPs

5
Countries

1369 kB
Transfer

4297 kB
Size

16
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://support.nationalfile.com/donate
Title: DONATE

Search URL Search Domain Scan URL

URL: https://gab.com/NationalFile
Title: GAB

Search URL Search Domain Scan URL

URL: https://t.me/NationalFile
Title: Telegram

Search URL Search Domain Scan URL

URL: https://nationalfile.minds.com/?referrer=nationalfile
Title: Minds

Search URL Search Domain Scan URL

URL: https://facebook.com/nationalfile
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/nationalfile
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/NationalFile
Title: Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://sb.scorecardresearch.com/b?c1=2&c2=20480112&ns__t=1641273200273&ns_c=UTF-8&cv=3.5&c8=Ashley%20Biden%20Archives%20-%20National%20File&c7=https%3A%2F%2Fnationalfile.com%2Ftag%2Fashley-biden%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1641273200273&ns_c=UTF-8&cv=3.5&c8=Ashley%20Biden%20Archives%20-%20National%20File&c7=https%3A%2F%2Fnationalfile.com%2Ftag%2Fashley-biden%2F&c9=

Request Chain 48

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnationalfile.com%2F&domain=nationalfile.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=vn1Z1nxVSjFIdWZVT2xWK1B1ZndPMmt4V3g4TmpJa0hBc2FyTDRCYXJqUXZwb2ViK2hvMk4wMHcrVkVWazRMTGNsU29WUlozTTFGMVd3MzZIQzZpaUJiRFNUeXA4dzdZelJhT2J4YXdzbXNaUDAwQVBZVUdMTXFGVk9sN04rVUNRMGEvU09wR3k4Z1RFTXlnbW8yNktnTEJLdUNFTm1SUTRveEZvZWwvenJhdDBTcnZSQjVDL0ZZbHhuVndNSjdpWTYrMDEyV2JneXU3UFAvYU9Dd2wrVlBRZ2JvWjdwVTNodmdqNzJ5UXFGQ1RFakFNPXw&cppv=2

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nationalfile.com/tag/ashley-biden/ 116 KB
22 KB 1146ms
1119ms Document
text/html 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ca6dc1325f8ac87c4bdfa8f9c9be2dcc4a10490b0d941063e9ccae0699b31e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6c81fa154c3c6943-FRA
link: <https://nationalfile.com/wp-json/>; rel="https://api.w.org/"
strict-transport-security: max-age=15552000; preload
cf-cache-status: BYPASS
cf-apo-via: origin,no-cache
cf-edge-cache: cache,platform=wordpress
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8OflVzc0tGnLzvDP2utNvuUm1l%2FaaLC5UW24rLpsPYoijikYtv6xEMjoMBBoFdXWNwsFVP%2FmvLtVwaI3GZpunpZLvVG48PwD9W8Qf3it6JsEt%2FuJY5gCXDkIETALAPT7G0HYHucDygbmkjPNl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H2 200 script.js Show response
d3l320urli0p1u.cloudfront.net./ 110 KB
38 KB 38ms
9ms Script
application/javascript 2600:9000:211e:7c00:d:99dd:3480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3l320urli0p1u.cloudfront.net./script.js
Requested by: Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7c00:d:99dd:3480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d19a4e8ab78d6d4da1040f1174b965f9476f169e4d48d03debe24a39abc58ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:02 GMT
content-encoding: gzip
last-modified: Fri, 31 Dec 2021 20:47:56 GMT
server: AmazonS3
age: 64
etag: W/"5acb8ff3e15dbe18cd2cd7f60b9287ff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: AuMCZFGwJHqPX8ed1PiYp-GsYEcEv1C1oTPuXJVT7jFoRJtWfDgPeA==

GET
H2 200 classic-main.css
nationalfile.com/wp-content/themes/firefly/assets/css/ 60 KB
11 KB 15ms
15ms Stylesheet
text/css 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nationalfile.com/wp-content/themes/firefly/assets/css/classic-main.css?ver=0.26-1640270861

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

367c02aebbc493c21ce0488f529512bb09eba9012a690f41011d5f696bcb9dc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/tag/ashley-biden/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4289
vary: Accept-Encoding
last-modified: Thu, 23 Dec 2021 14:47:41 GMT
server: cloudflare
etag: W/"61c48c0d-ee14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wby%2FnHs0TfNquJ31UpmSKHWIe3a8mclO26gl6Bpr%2Bzf1yDkbDGQAovY9ZBGc1fhsUvJNTN9G5awChbUUhIfgeAsOEeQu8FHSudC0lGOQMW12I%2F%2FXQpeh6jsEhL%2FR9%2FoHoCe1uxTNt1Vfx5nwwlc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6c81fa1c6fc86943-FRA
cf-bgj: minify

GET
H2 200 main.css
nationalfile.com/wp-content/themes/nf-firefly-child/assets/css/ 28 KB
5 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nationalfile.com/wp-content/themes/nf-firefly-child/assets/css/main.css?ver=0.26

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb798065a8afd5f2461871b6490f557ec099902df4bd51dd55e67cfa56e0a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/tag/ashley-biden/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4289
cf-polished: origSize=29033
vary: Accept-Encoding
last-modified: Fri, 24 Dec 2021 16:44:33 GMT
server: cloudflare
etag: W/"61c5f8f1-7169"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnUCwACbcFs8J1nQgVqk9K9aK8f%2BcePqMh84bZWTFdLi5lZ4JVVTygdcbdH4SJJ5fp852QU%2BR0fYEgfRdeKcwOTUh358zuNanW2DnXlZQquERMLUkn2MiHLYwBOYv8bxVYdNH2bjbW1jttmtSX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6c81fa1c6fc96943-FRA
cf-bgj: minify

GET
H2 200 prebid.js Show response
nationalfile.com/wp-content/themes/firefly/assets/js/ 299 KB
94 KB 22ms
22ms Script
application/javascript 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nationalfile.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1640270858

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf85603462ebe492067cac89903cd839e34976276e8d19ba6557da1b63b2853d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/tag/ashley-biden/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4288
cf-polished: origSize=306136
vary: Accept-Encoding
last-modified: Thu, 23 Dec 2021 14:47:38 GMT
server: cloudflare
etag: W/"61c48c0a-4abd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEvW6Zd4wceHqzatNbvMdcopD%2FP0TQKsARSbf059iN8Z8xig3HvVaAsrqiHW9HAqv3hyf00S40EVqqueF9ftRXPYiwikGYMeBYFoDgTGDLs1mxL4DGWBhZzmrQk6EZCGCeWphe9fhXInVCX%2B5gg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6c81fa1cb8506943-FRA
cf-bgj: minify

GET
H2 200 9725a0bc-d9b3-4573-84a9-bc1d6c7ced6d.js Show response
product.instiengage.com/product-loader-code/ 12 KB
4 KB 97ms
22ms Script
application/javascript 2600:9000:206f:4400:9:78a:e540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://product.instiengage.com/product-loader-code/9725a0bc-d9b3-4573-84a9-bc1d6c7ced6d.js
Requested by: Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdc17e75b80da3e1a643e987fc283402a3f86d3e34314ba8fae65a8ff0c1ad64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 1Y0tF0JFC4Poj2Dd2hw0STOD9fCWnFFt
content-encoding: br
last-modified: Sat, 04 Dec 2021 23:10:57 GMT
server: AmazonS3
age: 1878
etag: W/"3e178191a86d02cb48d2376422824cdd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
date: Tue, 04 Jan 2022 05:00:44 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: fvkaByfUEo6gC0H6tb9MttKsQcTdN8Qs5syQ-J4J7v82xdT0rCZLKA==

GET
H2 200 logo-w-2.svg
nationalfile.com/wp-content/uploads/2021/12/ 6 KB
3 KB 22ms
22ms Image
image/svg+xml 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nationalfile.com/wp-content/uploads/2021/12/logo-w-2.svg

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acdf9f0cf4137a7750e07e771810cec3428783df0806c116004200f7e36f1283

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/tag/ashley-biden/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5808
vary: Accept-Encoding
last-modified: Wed, 08 Dec 2021 16:47:31 GMT
server: cloudflare
etag: W/"61b0e1a3-19b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9%2FjoS8%2BOwIxNU3z6%2FblaM99Y8gTgNvyo2L2ZRJWYCMvSwoQcF6ZDixJxIqHk8fjB0CQEOGotxGrtbP3jRjElBVKEkiBS4bVtAxijOT2I%2BFYoCtbEyyjELBgZAPxsseqFGe892bTDiMn0Tq0Kbw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6c81fa1d09066943-FRA

GET
H2 200 logo-b-2.svg
nationalfile.com/wp-content/uploads/2021/12/ 6 KB
2 KB 15ms
12ms Image
image/svg+xml 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nationalfile.com/wp-content/uploads/2021/12/logo-b-2.svg

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfbdd36fabba4dd38e4b3c3cc3cda7ef660fad96d3baebd645d772bfd356699d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/tag/ashley-biden/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5808
vary: Accept-Encoding
last-modified: Wed, 08 Dec 2021 16:47:32 GMT
server: cloudflare
etag: W/"61b0e1a4-19b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfXXD%2FkyhpvBRGV%2BiwEPAeeUDrTwEoJgovmfSs3DLC5EQLrZqthnE0mwDxeamBA%2BHX9yzI6kRFh2nW1JnXD3U0CoWDMWDItrAqAuMrjK9xV%2BbId0xquiObmbykHh5lFCNj5%2B1N81kPSDqN44YwI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6c81fa1d29296943-FRA

GET
H2 200 set.aspx
bh.contextweb.com/bh/ 49 B
406 B 371ms
98ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/set.aspx?action=add&pid=1&advid=5248&token=LCMHRD&do=add

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: de-DE
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-685df6f7b9-dwdlq
expires: -1

GET
H2 200 global-min.js Show response
nationalfile.com/wp-content/themes/firefly/assets/js/ 97 KB
35 KB 22ms
19ms Script
application/javascript 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nationalfile.com/wp-content/themes/firefly/assets/js/global-min.js?ver=1.1-1640270857

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

631e81faab0833f9d7f2a29efd36dbf8d105f78490c4a16c8b350d3f1003a1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/tag/ashley-biden/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6319
vary: Accept-Encoding
last-modified: Thu, 23 Dec 2021 14:47:37 GMT
server: cloudflare
etag: W/"61c48c09-1843a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SKhamI4cyGjIeOgimRAkbNOOetALTXtRliiD1v51ihl1k0n55tocPsB5Xb4EWql0xAGORWRnR%2FiexYPh8f8r6o21AeWVDrNzgWiA3ebmZwvqYF3w4uExwQo6W0OGsGsjWUFHDgNXmhOlOyF8dk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6c81fa1d292c6943-FRA

GET
H2 200 wp-embed.min.js Show response
nationalfile.com/wp-includes/js/ 1 KB
1 KB 15ms
15ms Script
application/javascript 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nationalfile.com/wp-includes/js/wp-embed.min.js?ver=5.8.2

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/tag/ashley-biden/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2653
vary: Accept-Encoding
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
etag: W/"5ff5d754-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AP8Ifii4YgC%2FUVZcAsS4Ii4YRM5S%2F4B65dYEg7q0wPA45LSHG32pi%2BTl69XdJAY2U0PnD5C60vr%2FC%2F%2BSZUTOZUWwIWzwpkUHnfkvcsbvSd2zetpvS5NQgdmmz%2BA7g7vakJVbT9cGSoAcat%2FQMSM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6c81fa1c8ffc6943-FRA

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 45ms
22ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.2
Requested by: Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3457
etag: W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6c81fa1d4f5c7034-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 07 Jan 2022 05:13:20 GMT

GET
H2 200 email-decode.min.js Show response
nationalfile.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 12ms
12ms Script
application/javascript 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nationalfile.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/tag/ashley-biden/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Sun, 26 Dec 2021 13:15:20 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61c86ae8-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUx3B32eo6fEXuE6iU9VejFg2pbvtYeye5b2BWd9TiOyH7sbKZuUK9%2FmD7vaIItPZqF0yVr%2FvLp%2BWXtuo%2BNXLCPk0Jst7hCNYZzLG8NXwtNmteyZl%2BG8wZ3mcZ05RxBBW1DzqTCiMTjbXJlyRDk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6c81fa1ca8266943-FRA
expires: Thu, 06 Jan 2022 05:13:20 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 73ms
44ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://nationalfile.com/
Origin: https://nationalfile.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6c81fa1d4e0e697b-FRA

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 128ms
105ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://nationalfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Tue, 04 Jan 2022 05:13:20 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 104ms
101ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nationalfile.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 164 KB
47 KB 68ms
29ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3K9VP

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

644fb7299cfcaf556b12c4edd2695e1e9a6f84504563e1597bcdb915b2073621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47767
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Jan 2022 05:13:20 GMT

GET
H2 200 css2
fonts.googleapis.com/ 31 KB
2 KB 36ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/wp-content/themes/nf-firefly-child/assets/css/main.css?ver=0.26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e9c2df2904ee0ac9a0dcc01dbb90666d1c1fd659891fcecba4aa7f64ee0406c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 04:04:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 04 Jan 2022 05:13:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Jan 2022 05:13:20 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158410/3599/ 167 KB
54 KB 93ms
12ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: dea36661bcd2e84495bb6ab5c2b679cde1267f5fd6e9e4f44908b3acb8816ec6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 19:39:57 GMT
server: Apache/2.2.15 (CentOS)
etag: "1421c11-29a3b-5cd3b9c953a17"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=33355
accept-ranges: bytes
content-type: text/javascript
content-length: 54751
expires: Tue, 04 Jan 2022 14:29:15 GMT

GET
H2 200 9725a0bc-d9b3-4573-84a9-bc1d6c7ced6d.js Show response
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 240 KB
35 KB 65ms
25ms Script
application/javascript 2600:9000:211e:ec00:1c:386f:ec80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/9725a0bc-d9b3-4573-84a9-bc1d6c7ced6d.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ec00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 198b7185acf4f3a68b9fff503c0df106e3f677b05285dbeb01d3a8823ad1f02b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: NIqwZVZ3NhmwdK1SCmcqet6im968FfkS
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 05:05:40 GMT
server: AmazonS3
age: 18
etag: W/"f8772f06cb2659738b54f562eca1ef00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=60
date: Tue, 04 Jan 2022 05:13:03 GMT
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 4KKth_jc1Ox0TJc_upoU-OvvpqlQw0pWzVUxKHtj10W8Y_VlujDByw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 75ms
18ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1091 / 264 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Jan 2022 05:13:20 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 63ms
25ms Script
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 452
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 05FG3V795W3R5XPKYZC9
date: Tue, 04 Jan 2022 05:05:54 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: L98HyLpTpLE2cYjHoyWAjBG5jOQ_gUjhXyTqrAZyMrqKzx6nG4SqYA==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 62ms
24ms Script
application/javascript 13.35.253.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 06:17:08 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 82594
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: W7PXEQ3FbW3KFiT2EkzPVkGfJmQK4MxNdXEDpQeM0-q-x3jW0uztDA==

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 50ms
17ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nationalfile.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:18:02 GMT
x-content-type-options: nosniff
age: 316518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:18:02 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 68ms
36ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nationalfile.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 07:59:11 GMT
x-content-type-options: nosniff
age: 594849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 07:59:11 GMT

OPTIONS
H2 204 c
pa.rxthdr.com/v3/ Frame 0
0 344ms
101ms Preflight 54.174.15.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/c?publisherId=556182c7-ac68-4d56-8c66-4b4336e28e5e&host=nationalfile.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.15.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-15-208.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://nationalfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
server: nginx
access-control-allow-origin: https://nationalfile.com
access-control-allow-methods: POST, GET
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
cache-control: no-cache, private

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
949 B 77ms
34ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2484639
x-amz-request-id: tx002dec70dafe483ba85bc-0061adedd1
x-amz-id-2: tx002dec70dafe483ba85bc-0061adedd1
last-modified: Mon, 06 Dec 2021 11:00:36 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHobK4eFb%2Bptb2%2BopnCslBOXDLS%2BDJ5sxFZ4rFYWN4m%2FW7%2FY50ClTIv0XdcP43%2BF9CVhB6b%2FqyRkHhThcD%2BFcfJLHMVxPUxzPOlwYyYxUsUJoJkzgV4VRKzwcqrCxWDQVg34lbTLeLts5brI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1638788436623244
cf-ray: 6c81fa1db8ea5b92-FRA

GET
H2 200 c Show response
pa.rxthdr.com/v3/ 47 B
279 B 288ms
103ms XHR
application/json 54.174.15.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/c?publisherId=556182c7-ac68-4d56-8c66-4b4336e28e5e&host=nationalfile.com
Requested by: Host: nationalfile.com
URL: https://nationalfile.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1640270858
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.15.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-15-208.compute-1.amazonaws.com
Software: nginx /
Resource Hash: af22b7b8b927999e453225a1bbb00a6a4894a38f2df58f10c96e01bcafea8bc5

Request headers

Referer: https://nationalfile.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/json

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: https://nationalfile.com
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H2 200 Ashley-Biden-Diary-Full-Release-600x315.jpg
nationalfile.com/wp-content/uploads/2020/10/ 36 KB
37 KB 153ms
152ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nationalfile.com/wp-content/uploads/2020/10/Ashley-Biden-Diary-Full-Release-600x315.jpg

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e0a634af0be4e1b48981518ed30862ed98f57807e49841758d55363639b3a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/tag/ashley-biden/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=38599, status=webp_bigger
vary: Accept-Encoding
content-length: 37155
last-modified: Mon, 29 Nov 2021 19:38:30 GMT
server: cloudflare
etag: "61a52c36-96c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Lrrh8QNCqwaXMA%2B67XLZN3AQnwaWuB9TAif2JNfgBjcRrKGWLr7ySjAYLHHqZ%2FtFQ1t6VGr2V19sKnxZVPJPLgdDqZr%2BuOFFGocv%2BZ0LFmP36536E496L%2B8VBp3921wVvb%2FWCfhIwXI7FB205E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c81fa1d69b36943-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Washington-Post-Ashley-Biden-Diary-600x315.jpg
nationalfile.com/wp-content/uploads/2021/11/ 39 KB
39 KB 164ms
164ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nationalfile.com/wp-content/uploads/2021/11/Washington-Post-Ashley-Biden-Diary-600x315.jpg

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

434bb295b9cdf08cb0c006cae6f6d9e788b46721383453be426212165d405ab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/tag/ashley-biden/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=40237, status=webp_bigger
vary: Accept-Encoding
content-length: 39771
last-modified: Wed, 17 Nov 2021 18:40:01 GMT
server: cloudflare
etag: "61954c81-9d2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBOHRkdencLOWqAFNhac9c8HgWqZXKlrQwb7D4LO%2B9wMQPggXF5qqWbYnle8K1QiFR%2BAWKYILYyi8707g3szPPYOp8e58%2FM9zI8nCGHklWkHoWvrt05l4ezh%2Fj4XgZgcVz0UbB3PdlekheGeLlU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c81fa1d69cc6943-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 BeFunky-collage-33-600x325.jpg
nationalfile.com/wp-content/uploads/2021/11/ 20 KB
21 KB 141ms
140ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nationalfile.com/wp-content/uploads/2021/11/BeFunky-collage-33-600x325.jpg

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afd30c14046e03961b0ec7c1bdf9eb295a4031c40b46bfed79eef65c97100007

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/tag/ashley-biden/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=21189, status=webp_bigger
vary: Accept-Encoding
content-length: 20790
last-modified: Mon, 15 Nov 2021 01:27:00 GMT
server: cloudflare
etag: "6191b764-52c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wo1e%2FYCnQV6yMvONRYPzHpzqqfjJj224jN7YqIQv9S59uyv8aniZvZLhmWQDCGp2PGqyVAdHJBVtIfRk8eh6lvOY7X80hAOBuWyCo6su2Px7B%2FO4iLVIuk4cVET5aXESwMgtQncNfUmRv6DfEB8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c81fa1d69cd6943-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 BeFunky-collage-29-600x325.jpg
nationalfile.com/wp-content/uploads/2021/11/ 39 KB
40 KB 193ms
193ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nationalfile.com/wp-content/uploads/2021/11/BeFunky-collage-29-600x325.jpg

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da0f1927d6aa98703f863eb766162e301b6bae32d5457ced1643d61cde58f1af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/tag/ashley-biden/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=40354, status=webp_bigger
vary: Accept-Encoding
content-length: 40154
last-modified: Wed, 10 Nov 2021 01:18:06 GMT
server: cloudflare
etag: "618b1dce-9da2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwlY9wvIQpSBF3eVOI3BkfWKm20pTxeUjICHNSeOAVN9PyRnK8N3gvEE0kYWWa%2FT6ddAt2%2FiPEOGgJ9FVatmwvCtbXT4IV%2BSXzNk2F3SuqXCwnVNRcqjw3M%2FR6aLOLQgAsJpHGkH6c%2BqaIVRoUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c81fa1d69ce6943-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
37 KB 45ms
13ms Script
application/x-javascript 13.35.253.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-103.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding: gzip
etag: W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age: 59230
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 8c7650e47b7f894f6ae5a1fc4919cee6
last-modified: Thu, 16 Dec 2021 12:45:56 GMT
server: AmazonS3
date: Mon, 03 Jan 2022 12:46:11 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA6-C1
content-type: application/x-javascript
x-amz-cf-id: 5fpO9GIncWFtDTl5hxYzsMcE09N_mQGDizVhIG_sdK0XS7LeaetE2g==

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 21ms
20ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3451
etag: W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6c81fa1dafdb7034-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 07 Jan 2022 05:13:20 GMT

GET
H2 200 Ashley-Biden-Statement-copy-600x315.jpg
nationalfile.com/wp-content/uploads/2021/11/ 40 KB
40 KB 560ms
559ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nationalfile.com/wp-content/uploads/2021/11/Ashley-Biden-Statement-copy-600x315.jpg

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e20a35df280accca850c54417628ecf77cbfc80a3276d5a9e44c9d4bff4f9ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/tag/ashley-biden/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=41154, status=webp_bigger
vary: Accept-Encoding
content-length: 40814
last-modified: Mon, 08 Nov 2021 23:22:18 GMT
server: cloudflare
etag: "6189b12a-a0c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQk6yamKDyjm05LTFgd67f13tgrLkUhfuxZGFlDFJTChJtuDdJ9ZgaXhM0DV5rYPEtUHGD2mQNFly5HDBXOWFF19bKslNWfAGmuEVmO3JszaHH2TZsy2n0RrDlRGNhyH%2Fz21ld4gTDyE2MuaYXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c81fa1daa266943-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Ashley-Biden-Fox-News-Lawyer-600x315.jpg
nationalfile.com/wp-content/uploads/2021/11/ 45 KB
45 KB 161ms
161ms Image
image/jpeg 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nationalfile.com/wp-content/uploads/2021/11/Ashley-Biden-Fox-News-Lawyer-600x315.jpg

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff9857e7e9e1138e55a924296d270b6975201c7d78bc11f6a18251c16b42b260

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/tag/ashley-biden/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=45921, status=webp_bigger
vary: Accept-Encoding
content-length: 45593
last-modified: Sat, 06 Nov 2021 02:42:34 GMT
server: cloudflare
etag: "6185eb9a-b361"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znx5%2FWkpRA%2FgSOshrF4PXo67kC0Be%2FWNgCKMYWpYOQdcxw3mlGbY7nS5P32efUYm%2Fo4ZJ%2BJJp6uGNE0U4UMPeZ8cl594K8CB%2FJktYQw38deGNo4ciaHWVgaePhuwKZYfBqavE3NQbKoVFbU4%2Brc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c81fa1daa2a6943-FRA
cf-bgj: imgq:100,h2pri

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=20480112&ns__t=1641273200273&ns_c=UTF-8&cv=3.5&c8=Ashley%20Biden%20Archives%20-%20National%20File&c7=https%3A%2F%2Fnationalfile.com%2Ftag%2Fashley-biden%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1641273200273&ns_c=UTF-8&cv=3.5&c8=Ashley%20Biden%20Archives%20-%20National%20File&c7=https%3A%2F%2Fnationalfile.com%2Ftag%2Fashley-biden%...

0
222 B

13ms
12ms

Image
text/plain

13.35.253.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1641273200273&ns_c=UTF-8&cv=3.5&c8=Ashley%20Biden%20Archives%20-%20National%20File&c7=https%3A%2F%2Fnationalfile.com%2Ftag%2Fashley-biden%2F&c9=
Requested by: Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/
Protocol: H2
Server: 13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: aOPyN_OD8jgk80yoEgcNTtHBiD5qeaapd2MNoYwHH50yxMhY_X3ZOA==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 04 Jan 2022 05:13:20 GMT
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1641273200273&ns_c=UTF-8&cv=3.5&c8=Ashley%20Biden%20Archives%20-%20National%20File&c7=https%3A%2F%2Fnationalfile.com%2Ftag%2Fashley-biden%2F&c9=
content-length: 225
x-amz-cf-id: pLfXR2e4V-IH_GSwKxaEql9zt50LrQ2XFArXnyI_8i3GqpVwlJ3pRQ==

GET
H2 200 / Show response
geoip.instiengage.com/json/ 242 B
428 B 312ms
94ms XHR
application/json 34.194.207.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.instiengage.com/json/
Requested by: Host: product.instiengage.com
URL: https://product.instiengage.com/product-loader-code/9725a0bc-d9b3-4573-84a9-bc1d6c7ced6d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.207.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-207-132.compute-1.amazonaws.com
Software: /
Resource Hash: b64580c5730af8aa602a768971e531f3c3fb97e5bc390cab5746b923e949ce3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://nationalfile.com
date: Tue, 04 Jan 2022 05:13:20 GMT
access-control-allow-credentials: true
x-database-date: Mon, 03 Jan 2022 09:46:59 GMT
content-length: 242
vary: Origin
content-type: application/json

GET
H2 200 index.html Show response
auth.instiengage.com/auth/ Frame 0DB0 73 B
437 B 24ms
7ms Document
text/html 2600:9000:206f:4400:9:78a:e540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.instiengage.com/auth/index.html
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/

Response headers

content-type: text/html
content-length: 73
last-modified: Thu, 28 Oct 2021 14:58:38 GMT
x-amz-version-id: Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Jan 2022 05:08:56 GMT
etag: "d143b1e94cfb2dcb20bcad0f44fd1f0a"
x-cache: Hit from cloudfront
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: IJgTztg0izUd_9dCrnTMk4VQXAKg9MAFI8Du1hAjF4fcx_PC0sP9gw==
age: 351

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 7ms
7ms XHR
text/plain 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnationalfile.com&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:28:01 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
server: Server
age: 6318
x-cache: Hit from cloudfront
access-control-allow-origin: https://nationalfile.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 7xZ7ID2kK7UNfr3v7EbakvYnwhMUwWHKKXyHAX5kASU_La_KuLn75Q==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 28ms
9ms XHR
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 2161
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 22 Dec 2021 01:41:37 GMT
server: AmazonS3
date: Tue, 04 Jan 2022 05:06:16 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: mpkfIDV4DLxlwU_2oUvPmRkF5Xukko78qR5dChDnvRwxONjcDY33sA==

GET
H2 200 / Show response
geoip.insticator.com/json/ 242 B
428 B 336ms
101ms XHR
application/json 52.0.182.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.insticator.com/json/
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/9725a0bc-d9b3-4573-84a9-bc1d6c7ced6d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.182.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-182-27.compute-1.amazonaws.com
Software: /
Resource Hash: b64580c5730af8aa602a768971e531f3c3fb97e5bc390cab5746b923e949ce3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://nationalfile.com
date: Tue, 04 Jan 2022 05:13:20 GMT
access-control-allow-credentials: true
x-database-date: Mon, 03 Jan 2022 09:46:59 GMT
content-length: 242
vary: Origin
content-type: application/json

GET
H2 200 usertracking Show response
b2c.insticator.com/v3/pages/ Frame 4BF9 8 KB
3 KB 447ms
114ms Document
text/html 3.89.94.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://b2c.insticator.com/v3/pages/usertracking
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.94.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-94-83.compute-1.amazonaws.com
Software: /
Resource Hash: 984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-type: text/html; charset=UTF-8
content-length: 2821
etag: 03aa1d47-dd78-48a5-9fd4-12945c92e7f1
vary: Accept-Encoding,Origin
pragma: max-age=3600
cache-control: max-age=3600
content-encoding: gzip

GET
H2 200 instbid-4.32.0-28-with-new-ssps.js Show response
df80k0z3fi8zg.cloudfront.net/files/ 366 KB
114 KB 109ms
13ms Script
application/javascript 2600:9000:211e:7200:10:3422:3f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7200:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 987f99479658144f51bb3d58724e6cad26e9c59b396c8da74781c49d3bd9072e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: PJSv67Ye.A4D1UntOZ7xUTYFpK79cmtD
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:47:01 GMT
server: AmazonS3
age: 76524
etag: W/"a640e887066acfceadf3b3b07de8f53a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 03 Jan 2022 07:57:57 GMT
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: rxHKBY3qp7g8OKZF_kZwyXnj31ep24XemZfKHl5nYrWfqWwyJ-2RNg==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 203 KB
64 KB 11ms
11ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ac0bd9ccf76dab801b622a469ce0fd0959a1b359f3eae79c0c8d816285014ea2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 17:49:57 GMT
server: Apache/2.2.15 (CentOS)
etag: "1121321-32dd5-5d3aba23180c8"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=96866
accept-ranges: bytes
content-type: text/javascript
content-length: 65426
expires: Wed, 05 Jan 2022 08:07:46 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 536 KB
77 KB 122ms
14ms Script
text/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd1e43fa16f4827f455fef4748ac54af287708d10ebc338a0c9ed6f8102b9caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 05:13:20 GMT
Content-Encoding: gzip
Age: 3214
X-Cache: HIT
Connection: keep-alive
Content-Length: 78353
x-amz-id-2: L6Fhx+SoRnwyR71OVagG/fk5DpcP+Qg8K8x+WsTboSNTgqCRFMsi+9aJfJIuExpQtCXVLIznNxU=
X-Served-By: cache-fra19135-FRA
Last-Modified: Tue, 04 Jan 2022 04:07:51 GMT
Server: AmazonS3
X-Timer: S1641273200.458180,VS0,VE0
ETag: "8346a54152d4955cff26c7adfd63e1d8"
x-amz-request-id: B8DCA6VJJ8VXAGKG
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 21

GET
H2 200 tag.min.js Show response
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 18 KB
6 KB 112ms
9ms Script
text/javascript 65.9.58.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-90.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: aT8uF5QDZCsxz_FuCjV0EGzNRrUyg9DX
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 18:02:42 GMT
server: AmazonS3
age: 8550
etag: W/"51ed6db266476896c6fe9a06992898e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 04 Jan 2022 02:50:51 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: TUwTTjnaoqTRnL5Jz-Pc7eLfDeanG9kkTDRUSLcjw3qjCDjP148x9g==

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 99ms
23ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Jan 2022 05:13:20 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 162 B
745 B 93ms
23ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nationalfile.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9b84e6b267420331fd41d2f17188255fc9344fe77e21eef6c18cbe63c2df1bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109
x-xss-protection: 0
expires: Tue, 04 Jan 2022 05:13:20 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnationalfile.com%2F&domain=nationalfile.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=vn1Z1nxVSjFIdWZVT2xWK1B1ZndPMmt4V3g4TmpJa0hBc2FyTDRCYXJqUXZwb2ViK2hvMk4wMHcrVkVWazRMTGNsU29WUlozTTFGMVd3MzZIQzZpaUJiRFNUeXA4dzdZelJhT2J4YXdzbXNaUDAwQVBZVUdMTXFGVk9sN0...

353 B
621 B

56ms
28ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=vn1Z1nxVSjFIdWZVT2xWK1B1ZndPMmt4V3g4TmpJa0hBc2FyTDRCYXJqUXZwb2ViK2hvMk4wMHcrVkVWazRMTGNsU29WUlozTTFGMVd3MzZIQzZpaUJiRFNUeXA4dzdZelJhT2J4YXdzbXNaUDAwQVBZVUdMTXFGVk9sN04rVUNRMGEvU09wR3k4Z1RFTXlnbW8yNktnTEJLdUNFTm1SUTRveEZvZWwvenJhdDBTcnZSQjVDL0ZZbHhuVndNSjdpWTYrMDEyV2JneXU3UFAvYU9Dd2wrVlBRZ2JvWjdwVTNodmdqNzJ5UXFGQ1RFakFNPXw&cppv=2

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

beb86b3b8a21032d67c33cc68445d158d4b2fa44aef9f5d7ef906642c4583c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2175
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 04 Jan 2022 05:13:20 GMT
location: https://mug.criteo.com/sid?cpp=vn1Z1nxVSjFIdWZVT2xWK1B1ZndPMmt4V3g4TmpJa0hBc2FyTDRCYXJqUXZwb2ViK2hvMk4wMHcrVkVWazRMTGNsU29WUlozTTFGMVd3MzZIQzZpaUJiRFNUeXA4dzdZelJhT2J4YXdzbXNaUDAwQVBZVUdMTXFGVk9sN04rVUNRMGEvU09wR3k4Z1RFTXlnbW8yNktnTEJLdUNFTm1SUTRveEZvZWwvenJhdDBTcnZSQjVDL0ZZbHhuVndNSjdpWTYrMDEyV2JneXU3UFAvYU9Dd2wrVlBRZ2JvWjdwVTNodmdqNzJ5UXFGQ1RFakFNPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nationalfile.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1756
content-length: 482
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 44ms
15ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5906
date: Tue, 04 Jan 2022 03:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 04 Jan 2022 05:34:54 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 64ms
24ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnationalfile.com%2F&domain=nationalfile.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://nationalfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://nationalfile.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1771
date: Tue, 04 Jan 2022 05:13:19 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
594 B 57ms
18ms Fetch
application/json 143.204.215.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-6.fra53.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:33:06 GMT
via: 1.1 9e1b24b39ac8b669f996f1e7907eb697.cloudfront.net (CloudFront), 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
age: 52814
x-amzn-requestid: 5a172b78-88c8-4d8e-9a01-448d9335f448
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61d30922-33c597b62020e7607591c3e9;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA53-C1
x-amz-apigw-id: LX5dcHfQjoEFuMg=
content-length: 30
x-amz-cf-id: aAx-WhtE7m3x2pw25G2_dp2UyRaY7EuY39Pqi6M1OKcZADyUhE1ImA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 web Show response
onesignal.com/api/v1/sync/95712cbc-b1b5-4c09-9a49-bc40144bd3ba/ 3 KB
2 KB 17ms
16ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/95712cbc-b1b5-4c09-9a49-bc40144bd3ba/web?callback=__jp0

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04f856229358466dd4446358902d7f783682abfc50aa3cac99e92452a80249f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3588
cf-polished: origSize=3363
status: 200 OK
x-envoy-upstream-service-time: 47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6e0f948a-b05b-4a5b-a8cc-624be047e95b
x-runtime: 0.044393
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"524a57b6875fb691dcd998b4191a6a3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6c81fa1f09c67034-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 04 Jan 2022 06:13:20 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
23 KB 48ms
25ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2484571
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx0ba14cebf3784eaea458e-0061adee13
x-amz-id-2: tx0ba14cebf3784eaea458e-0061adee13
last-modified: Mon, 06 Dec 2021 11:00:35 GMT
server: cloudflare
etag: W/"d56fadf5a52703aee9982c415a17065a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MV5LSwaiGHa9TPLdS9fcjaV8cM1swGZEq9q9DdSbayGZMQ3DhkpheVt8MlMPo7rxY0pIEWRUy8B25zHKUJ5g%2FSm7kmlcQN7FeyK%2B%2BX5bttTDOC%2FMOA3barykKlpBvsFdjwHJX1P8LyL4ZA41"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1638788435319991
cf-ray: 6c81fa1f2e98702d-FRA
access-control-allow-headers: Authorization

GET
H2 200 bundle.js Show response
auth.instiengage.com/auth/ Frame 0DB0 76 KB
26 KB 12ms
12ms Script
application/javascript 2600:9000:206f:4400:9:78a:e540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.instiengage.com/auth/bundle.js
Requested by: Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4400:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f24a6a7d78e4a99caf119573507d8ccd650d0919ad9c647441b86d10dc1c8f85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.instiengage.com/auth/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: jkvVs5l1bdD4_CiNx2O8LCKAIlX14uq9
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 14:58:37 GMT
server: AmazonS3
age: 447
etag: W/"3f019eeba204464fe4c8dad30cf9150b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
date: Tue, 04 Jan 2022 05:10:04 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: eB_bM2X0Hfok79W3iIFQmAhaHmprbP-T6Z66zo_itbczY4sSxYFn4Q==

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 49ms
13ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1078
date: Tue, 04 Jan 2022 05:13:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
969 B 38ms
7ms Fetch
application/json 13.35.253.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-37.fra6.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 07:52:05 GMT
via: 1.1 59439a13f6db75e801a63663b4f79373.cloudfront.net (CloudFront), 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
age: 76875
x-amzn-requestid: 28c326a4-1c59-4cd3-8af3-f67468916b2c
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P3, FRA6-C1
x-amz-apigw-id: LW-t2EbhCYcFzlw=
content-length: 555
x-amz-cf-id: v5MmC1Fzc8FYogb-ENBk_i4ySJL08xujVRx1hBFoK3Jk3OFdU1Dxpw==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 29 KB
10 KB 52ms
9ms Script
application/javascript 143.204.215.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: FFoz53cfgEbfQogHib76iTyL1K5X37BJ
content-encoding: gzip
etag: W/"ea838863b2b3bf40d1353c99808a5464"
last-modified: Tue, 09 Nov 2021 13:26:48 GMT
server: AmazonS3
age: 61472
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 03 Jan 2022 12:08:49 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: CPMHauzxkRSwS3hCAwGePr506qXe50693sBRY8_rAOCghswu5eMMxQ==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
26 KB 30ms
16ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1091 / 694 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Jan 2022 05:13:20 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 22ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Jan 2022 06:01:52 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/ 189 KB
61 KB 14ms
13ms Script
application/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80da370ad41bee2716b42d1583e139eac39f5c7c243c5fe6439b9754013116c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 05:13:20 GMT
Content-Encoding: gzip
Age: 448
X-Cache: HIT
Connection: keep-alive
Content-Length: 61460
x-amz-id-2: mhjLBwq4ofP4Ht18aFXJwavbMA7sAA+j53tdu5a+bQynUB9jggNi8MPZBXPh5JJbJapjzT+KHSM=
X-Served-By: cache-fra19135-FRA
Last-Modified: Thu, 02 Dec 2021 17:00:39 GMT
Server: AmazonS3
X-Timer: S1641273201.689939,VS0,VE0
ETag: "0bad6e8b774e2623401e436c2a44f48e"
x-amz-request-id: K526S02KR1DXHTEX
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 93

POST
H2 200 token Show response
eua.instiengage.com/v1/auth/ Frame 0DB0 864 B
1016 B 139ms
139ms Fetch
application/json 34.194.207.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eua.instiengage.com/v1/auth/token
Requested by: Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.207.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-207-132.compute-1.amazonaws.com
Software: /
Resource Hash: 97301adb87d77caed4ea0eb05593648d467a0f547dd4cffda0e4eb2bd2ac4570

Request headers

Referer: https://auth.instiengage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://auth.instiengage.com
date: Tue, 04 Jan 2022 05:13:20 GMT
access-control-allow-credentials: true
content-length: 864
vary: Origin
content-type: application/json

OPTIONS
H2 200 token
eua.instiengage.com/v1/auth/ Frame 0
0 124ms
96ms Preflight 34.194.207.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eua.instiengage.com/v1/auth/token
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.207.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-207-132.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://auth.instiengage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-length: 0
vary: Origin
access-control-max-age: 3600
access-control-allow-origin: https://auth.instiengage.com
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-credentials: true

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
440 B 78ms
27ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144276493-1&cid=2006435243.1641273201&jid=710563722&gjid=1116729650&_gid=464281317.1641273201&_u=aGBAiUAjBAAAAE~&z=1604621934

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nationalfile.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 04 Jan 2022 05:13:20 GMT
content-type: text/plain
access-control-allow-origin: https://nationalfile.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
23ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1341127239&t=pageview&_s=1&dl=https%3A%2F%2Fnationalfile.com%2Ftag%2Fashley-biden%2F&ul=en-us&de=UTF-8&dt=Ashley%20Biden%20Archives%20-%20National%20File&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiUAjB~&jid=710563722&gjid=1116729650&cid=2006435243.1641273201&tid=UA-144276493-1&_gid=464281317.1641273201&gtm=2wgc10K3K9VP&cd1=archive&cd2=archive&cd3=none&cd4=archive&cd6=archive&cd7=0000-00-00&cd10=archive&cd11=archive&cd12=archive&cd14=archive&cd15=archive&cd16=web&cd17=archive&cd23=none&cd24=archive&cd25=archive&cd29=0&cd33=2022-01-04T05%3A13%3A20.423%2B00%3A00&cd34=1641273200423.rv4clghm&cd37=false&cd38=archive&cd39=archive&cd40=archive&cd41=archive&cd42=archive&cd43=archive&cd44=archive&cd45=archive&z=892517424

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 02:20:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 10387
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 24ms
24ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3458
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 6c81fa215be45c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 07 Jan 2022 05:13:20 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 44ms
17ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-144276493-1&cid=2006435243.1641273201&jid=710563722&_u=aGBAiUAjBAAAAE~&z=46944576

Requested by

Host: nationalfile.com
URL: https://nationalfile.com/tag/ashley-biden/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 05:13:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rum Show response
nationalfile.com/cdn-cgi/ 0
211 B 23ms
22ms XHR
text/plain 2606:4700:20::681a:c79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nationalfile.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://nationalfile.com/tag/ashley-biden/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json

Response headers

date: Tue, 04 Jan 2022 05:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://nationalfile.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6c81fa21d96a6943-FRA
vary: Origin

POST
H2 200 bq-streamer Show response
liftable-bq-streamer.appspot.com/ 0
272 B 334ms
175ms XHR
text/html 2a00:1450:4001:803::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://liftable-bq-streamer.appspot.com/bq-streamer
Requested by: Host: nationalfile.com
URL: https://nationalfile.com/wp-content/themes/firefly/assets/js/global-min.js?ver=1.1-1640270857
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://nationalfile.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 04 Jan 2022 05:13:21 GMT
server: Google Frontend
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 0bcc69e4346df7192e0c5c59c240808b
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/95712cbc-b1b5-4c09-9a49-bc40144bd3ba/ 192 B
616 B 364ms
349ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/95712cbc-b1b5-4c09-9a49-bc40144bd3ba/icon

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8ebe60578562a1b3d8e4001eb05d9fe4d4143fbeb10ae4e5f2123369e26e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200 OK
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: af25ea8d-68cb-4d4b-82ee-56eff3cb15b7
x-runtime: 0.006832
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ee8ebe60578562a1b3d8e4001eb05d9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 6c81fa21f8415c38-FRA
access-control-allow-headers: SDK-Version

GET
H2 200 fc53590b-3536-4a3c-9a14-32ef0e5352df.jpg
img.onesignal.com/permanent/ 4 KB
5 KB 103ms
41ms Image
image/jpeg 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onesignal.com/permanent/fc53590b-3536-4a3c-9a14-32ef0e5352df.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f963434d0ab686a9eb65426f0bace3856ce5c46c79438d71f0f62548b61e3eed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nationalfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 05:13:21 GMT
cf-cache-status: HIT
age: 418
x-amz-meta-cache-control: public, maxage=604800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4373
x-amz-id-2: RImVZQK6ZS34eoJTcqDqzNp4Qwf1d3nK5WNTciTNihEtwVqhXZ98c/raIVqn4/pwvtaV6AtWP4Q=
last-modified: Wed, 01 Apr 2020 18:03:26 GMT
server: cloudflare
etag: "748296128baf9c6f184037c21e37c02a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: JBGNSP9B2MTTFETH
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 6c81fa248aa47034-FRA
expires: Fri, 04 Feb 2022 05:13:21 GMT

POST
H2 201 event Show response
event.insticator.com/v1/ 0
120 B 111ms
111ms XHR
text/plain 52.0.182.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.insticator.com/v1/event?event_name=event_pageview
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/9725a0bc-d9b3-4573-84a9-bc1d6c7ced6d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.182.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-182-27.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin: *
Referer: https://nationalfile.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: https://nationalfile.com
date: Tue, 04 Jan 2022 05:13:21 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin

OPTIONS
H2 200 event
event.insticator.com/v1/ Frame 0
0 199ms
126ms Preflight 52.0.182.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.insticator.com/v1/event?event_name=event_pageview
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.182.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-182-27.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type
Origin: https://nationalfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 Jan 2022 05:13:21 GMT
content-length: 0
vary: Origin
access-control-max-age: 3600
access-control-allow-origin: https://nationalfile.com
access-control-allow-headers: access-control-allow-origin,content-type
access-control-allow-methods: POST
access-control-allow-credentials: true

POST
H/1.1 200 938.json Show response
id5-sync.com/g/v2/ 213 B
534 B 101ms
22ms XHR
application/json 51.75.146.199
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/938.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.75.146.199 , France, ASN16276 (OVH, FR),

Reverse DNS

p12.id5-sync.com

Software

Resource Hash

fcf7c2fa0ec298fc68f79c60fb8903d8ba77606cc261728d2e647e9e5245dffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://nationalfile.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://nationalfile.com
Date: Tue, 04 Jan 2022 05:13:21 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
338 B 134ms
48ms XHR
application/json 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: eda1ab4189e81c9161a14a2e2ff1ed34ad2aa7191abac4f481144fa8aaabdf10

Request headers

Referer: https://nationalfile.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 05:13:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://nationalfile.com
cache-control: no-cache
x-server: 10.45.20.193
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
544 B 115ms
32ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 50ddd3891df08312bc9209389faf68df6fdb4431751c60931cf0ff4cff4bcacb

Request headers

Referer: https://nationalfile.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Jan 2022 05:13:22 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nationalfile.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 03 Feb 2022 05:13:22 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scorecardresearch.com/	1970-01-20 17:11:21	Name: UID Value: 1PLFXR2E4VIHGSWKXAEQL9g1641273200
nationalfile.com/	1970-01-19 23:54:35	Name: InstiSession Value: eyJpZCI6ImE5NTc5ODM2LTBjMGUtNDg4OC04NzVjLTBlNTI2OWUyMDM2YyIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
nationalfile.com/	1970-01-20 00:37:45	Name: _pbjs_userid_consent_data Value: 3524755945110770
.nationalfile.com/	1970-01-20 04:13:45	Name: _pubcid Value: 30f7a754-244b-401a-bc81-25e89ed81fcb
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 9db0515b79b76d5b
.nationalfile.com/	1970-01-20 17:25:45	Name: _ga Value: GA1.2.2006435243.1641273201
.nationalfile.com/	1970-01-19 23:55:59	Name: _gid Value: GA1.2.464281317.1641273201
nationalfile.com/	1970-01-19 23:55:59	Name: _lr_geo_location Value: DE
nationalfile.com/	1970-01-19 23:55:59	Name: plsVisitorGeo Value: DE
nationalfile.com/	1970-01-19 23:55:59	Name: plsVisitorCity Value: Hessen
nationalfile.com/	1970-01-20 09:16:09	Name: cto_bidid Value: NijfZF81Qm4lMkZkdzdDJTJGVUIzY2l4b0lsbklkam5KMmxKbmJGNGR5aCUyRmRQYlNQZmp2TjA5bGEzWDljcXE2dHhFNUZDcFJVSFZMTzVOMnB4enlxRkxXd1JQNDVrQSUzRCUzRA
nationalfile.com/	1970-01-20 09:16:09	Name: cto_bundle Value: shuVvF9vSkZod3dtbkRteUZvRVpmUFZpcEQzVnhuWEdkTG94bWs0b3o2MCUyQnVHbjlqcGRXWWhtellsMWQ3S0o0dERQMHJTd1VMQ243SEdzJTJGNkdNbUFxdzRnJTJCRGE3eVlLaFV2TlolMkZWUmZHWmIlMkJ2OGxMRFZYUURnMng3em4wQ3cxck1KVHo
.nationalfile.com/	1970-01-19 23:54:33	Name: _dc_gtm_UA-144276493-1 Value: 1
.adsrvr.org/	1970-01-20 08:40:09	Name: TDID Value: 50954999-36d1-4dbf-a4e3-ab2f55ccd671
nationalfile.com/	1970-01-20 01:20:57	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%2250954999-36d1-4dbf-a4e3-ab2f55ccd671%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-01-04T05%3A13%3A22%22%7D
.nationalfile.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1641359602516

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
ats.rlcdn.com
auth.instiengage.com
b2c.insticator.com
bh.contextweb.com
c.amazon-adsystem.com
cdn.onesignal.com
confiant-integrations.global.ssl.fastly.net
d3l320urli0p1u.cloudfront.net.
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
eua.instiengage.com
event.insticator.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
get.s-onetag.com
gum.criteo.com
i.clean.gg
id.crwdcntrl.net
id5-sync.com
img.onesignal.com
liftable-bq-streamer.appspot.com
match.adsrvr.org
mug.criteo.com
nationalfile.com
onesignal.com
onetag-geo.s-onetag.com
pa.rxthdr.com
product.instiengage.com
sb.scorecardresearch.com
script.4dex.io
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
13.32.29.201
13.35.253.103
13.35.253.37
13.35.253.75
142.250.185.66
143.204.215.41
143.204.215.6
151.101.1.194
178.250.2.146
198.148.27.139
2.18.233.180
2600:9000:206f:4400:9:78a:e540:93a1
2600:9000:211e:7200:10:3422:3f00:21
2600:9000:211e:7c00:d:99dd:3480:21
2600:9000:211e:ec00:1c:386f:ec80:21
2606:4700:20::681a:c79
2606:4700:20::ac43:4bf1
2606:4700::6810:5e41
2606:4700::6812:e234
2a00:1450:4001:803::200a
2a00:1450:4001:803::2014
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2003
2a00:1450:400c:c06::9c
2a02:2638:1::13
3.89.94.83
34.194.207.132
34.95.69.49
35.71.131.137
51.75.146.199
52.0.182.27
52.215.102.174
54.174.15.208
65.9.58.90
04f856229358466dd4446358902d7f783682abfc50aa3cac99e92452a80249f4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0d19a4e8ab78d6d4da1040f1174b965f9476f169e4d48d03debe24a39abc58ef
0e0a634af0be4e1b48981518ed30862ed98f57807e49841758d55363639b3a3a
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
198b7185acf4f3a68b9fff503c0df106e3f677b05285dbeb01d3a8823ad1f02b
24ca6dc1325f8ac87c4bdfa8f9c9be2dcc4a10490b0d941063e9ccae0699b31e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
367c02aebbc493c21ce0488f529512bb09eba9012a690f41011d5f696bcb9dc0
434bb295b9cdf08cb0c006cae6f6d9e788b46721383453be426212165d405ab3
50ddd3891df08312bc9209389faf68df6fdb4431751c60931cf0ff4cff4bcacb
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
631e81faab0833f9d7f2a29efd36dbf8d105f78490c4a16c8b350d3f1003a1fc
644fb7299cfcaf556b12c4edd2695e1e9a6f84504563e1597bcdb915b2073621
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
80da370ad41bee2716b42d1583e139eac39f5c7c243c5fe6439b9754013116c6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5
97301adb87d77caed4ea0eb05593648d467a0f547dd4cffda0e4eb2bd2ac4570
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
987f99479658144f51bb3d58724e6cad26e9c59b396c8da74781c49d3bd9072e
9b84e6b267420331fd41d2f17188255fc9344fe77e21eef6c18cbe63c2df1bde
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
ac0bd9ccf76dab801b622a469ce0fd0959a1b359f3eae79c0c8d816285014ea2
acdf9f0cf4137a7750e07e771810cec3428783df0806c116004200f7e36f1283
af22b7b8b927999e453225a1bbb00a6a4894a38f2df58f10c96e01bcafea8bc5
afd30c14046e03961b0ec7c1bdf9eb295a4031c40b46bfed79eef65c97100007
b64580c5730af8aa602a768971e531f3c3fb97e5bc390cab5746b923e949ce3a
beb86b3b8a21032d67c33cc68445d158d4b2fa44aef9f5d7ef906642c4583c1b
cdc17e75b80da3e1a643e987fc283402a3f86d3e34314ba8fae65a8ff0c1ad64
cf85603462ebe492067cac89903cd839e34976276e8d19ba6557da1b63b2853d
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
da0f1927d6aa98703f863eb766162e301b6bae32d5457ced1643d61cde58f1af
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dd1e43fa16f4827f455fef4748ac54af287708d10ebc338a0c9ed6f8102b9caf
ddb798065a8afd5f2461871b6490f557ec099902df4bd51dd55e67cfa56e0a25
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
dea36661bcd2e84495bb6ab5c2b679cde1267f5fd6e9e4f44908b3acb8816ec6
dfbdd36fabba4dd38e4b3c3cc3cda7ef660fad96d3baebd645d772bfd356699d
e20a35df280accca850c54417628ecf77cbfc80a3276d5a9e44c9d4bff4f9ffd
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9c2df2904ee0ac9a0dcc01dbb90666d1c1fd659891fcecba4aa7f64ee0406c1
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
eda1ab4189e81c9161a14a2e2ff1ed34ad2aa7191abac4f481144fa8aaabdf10
ee8ebe60578562a1b3d8e4001eb05d9fe4d4143fbeb10ae4e5f2123369e26e2f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24a6a7d78e4a99caf119573507d8ccd650d0919ad9c647441b86d10dc1c8f85
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f963434d0ab686a9eb65426f0bace3856ce5c46c79438d71f0f62548b61e3eed
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d
fcf7c2fa0ec298fc68f79c60fb8903d8ba77606cc261728d2e647e9e5245dffa
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff9857e7e9e1138e55a924296d270b6975201c7d78bc11f6a18251c16b42b260

nationalfile.com Open in urlscan Pro 2606:4700:20::681a:c79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

97 %HTTPS

46 %IPv6

30 Domains

42 Subdomains

37 IPs

5 Countries

1369 kBTransfer

4297 kBSize

16 Cookies

7 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nationalfile.com Open in urlscan Pro
2606:4700:20::681a:c79 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

97 %
HTTPS

46 %
IPv6

30
Domains

42
Subdomains

37
IPs

5
Countries

1369 kB
Transfer

4297 kB
Size

16
Cookies

77 HTTP transactions
0 data transactions